Temporary failure in name resolution in DNS lookup – Code Example

DNS is the domain name binding with ip address. Every website on internet is recognized by the ip-address of the server on which it is running. Domain name is the human readable form so that we can easily remember and recognize a website. When this lookup of domain name to ip address fails then we get “temporary failure in name resolution” error.

In this article we will understand the basics of registry file and how we can resolve this error.

Important Terms

Before looking for a solution of any error it is important to know it’s root cause. In Linux, the DNS lookup is done through a special file which holds the nameserver entry. This file is located at /etc/resolv.conf.

In this section we will see all the important terms we are going to use to solve this issue.

  1. systemd-resolved – It is a system service. Local applications refer this service for network resolution. This service is responsible for all the name resolutions.
  2. resolv.conf – This file provides a local DNS stub listener. Meaning, a local application can use the loop back interface IP address defined in this file to connect to systemd-resolved.

To know more about them, please refer to Ubuntu Documentation.

Solutions

This error is not only confined to the wrong configuration in resolv.conf file, else the reasons could be multiple. Let’s see some of the known culprits and their solutions.

Solution 1: If no nameserver entry in resolv.conf file

This is the major reason for temporary failure in name resolution error. What happens is that due to some unexpected activity, either this file gets deleted or the nameserver entry gets erased.

So you need to check if there is a valid nameserver entry in this file.

Open /etc/resolv.conf file

sudo vim /etc/resolv.conf

The file content should look like this –

# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search rxwxpm3oahuuver0qduavec4jh.bx.internal.cloudapp.net

At the 17th line you can see the nameserver entry which is pointing to 127.0.0.53. This is the local loopback address used to listen DNS requests. You need to have this entry. Or, you can directly use the public DNS server of Google pointing at 8.8.8.8. Like this –

nameserver 8.8.8.8

Restart systemd-resolved Service

After making these changes and saving the file, you can restart systemd-resolved service using this command –

sudo systemctl restart systemd-resolved.service

Solution 2: If updating nameserver in resolv.conf failed

If system is not allowing you to update nameserver entry in /etc/resolv.conf file then you need to disable and stop systemd-resolved service first. Follow these steps –

Disable systemd-resolved service

sudo systemctl disable systemd-resolved.service

Stop systemd-resolved service

sudo systemctl stop systemd-resolved.service

Create Backup of resolv.conf file

sudo cp /etc/resolv.conf /etc/resolv.conf.backup

Remove Current resolv.conf file

sudo rm /etc/resolv.conf

Create New resolv.conf file and add Nameserver entry

sudo vim /etc/resolv.conf
nameserver 8.8.8.8

Or, for Ubuntu you can use 127.0.0.53

Start systemd-resolved service

sudo systemctl start systemd-resolved.service

Solution 3: If file permissions on resolv.conf are wrong

There could be a possibility that some malicious program has changed the ownership of resolv.conf file from root to something else. Follow these steps –

Set the owner to root using chown command

sudo chown root:root /etc/resolv.conf

Set file permission to 644

sudo chmod 644 /etc/resolv.conf

Now check the permission and owner using ls -la command –

ls -la /etc/resolv.conf

On my system it looks like this –

get permissions and owner of resolv.conf file

Solution 4: Blocked ports for Whois lookup and domain name resolution

Whois is the central directory of information of all the domains on internet. It is required to gather the details of any domain name like its nameservers, organization, contacts etc.

Port 43 is dedicated for Whois lookup.

Port 53 is used for domain name resolution

Both of these ports are essential for name resolution and need to be opened.

For Ubuntu & Debian Users

These flavors of linux operating system uses ufw firewall utility. To enable port 43 and 53, use this command –

sudo ufw allow 53/tcp
sudo ufw allow 43/tcp
sudo ufw reload

For CentOS & Fedora Users

OS like CentOS and Fedora uses firewalld utility hence their commands are different from debian. Use these commands –

sudo firewall-cmd --add-port=53/tcp --permanent
sudo firewall-cmd --add-port=43/tcp --permanent
sudo firewall-cmd --reload

Conclusion

“Temporary failure in name resolution” is a DNS lookup error where system is unable to access a valid IP address of a domain. You can encounter this error during a ping to a website. In this article we saw the various reasons for this error and resolved them one by one.