LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-21-2017, 10:58 AM   #1
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 435

Rep: Reputation: Disabled
How to change the DNS server in Linux Mint, and should I?


I am using Linux Mint 17.3 Cinnamon.

I have only one computer linked by an ethernet cable to a modem, which plugs into the telephone line to connect to the ISP.

There is clear advice about doing this in Windows, such as -

https://www.lifewire.com/how-to-chan...ttings-2617979

- but there is little advice about doing this in Linux.

Supplementary question, is it worth doing? Will it improve security and privacy? What about logging on to banking websites etc?

My ISP has already had a lot of phone numbers stolen and I am frequently telephoned by scammers from abroad as a result. I feel it is only a matter of time before the ISP customer usage logs are hacked or lost or mistakenly published.

Thanks

Last edited by grumpyskeptic; 01-21-2017 at 11:18 AM.
 
Old 01-21-2017, 11:14 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,114

Rep: Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139
that is probably the file /etc/resolv.conf. It also have a man page (man resolv.conf)
 
Old 01-21-2017, 02:06 PM   #3
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925
To change to OpenDNS:

sudo xed /etc/resolvconf/resolv.conf.d/head and add (ignore warning):

nameserver 208.67.222.222
nameserver 208.67.220.220

sudo resolvconf -u
 
Old 01-21-2017, 04:41 PM   #4
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052
i did, i do.
i don't know if one "should".
fwiw, i use and prefer opennic servers.
they have quick instructions for ubuntu and a wiki.
be warned that depending on your system the way to achieve it varies.
if, for example, one were to use systemd's resolved, one would have to edit /etc/systemd/resolved.conf accordingly, and restart the service.
not sure what linux mint / ubuntu is up to these days.
 
Old 01-21-2017, 09:41 PM   #5
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,096
Blog Entries: 28

Rep: Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088Reputation: 6088
If you were to get a router, you would be able to enter the nameservers of your choice in your router's configuration. They would then be the defaults for your network.

Exactly how to do so will depend on your make/model of router.

This should help: http://www.howtogeek.com/167533/the-...ur-dns-server/

Last edited by frankbell; 01-21-2017 at 09:44 PM.
 
Old 01-22-2017, 04:01 AM   #6
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 435

Original Poster
Rep: Reputation: Disabled
updateThanks for all replies. After looking up the model name, apparently I have a modem-router.

Changing the DNS numbers on the computer can be difficult according to https://unix.stackexchange.com/quest...ng-overwritten scroll down to see the green ticked or checked answer.

The Linux Mint 17.3 installed on my computer does not have any resolv.conf that I can find, it uses something else.

It seems to be easier to change the DNS details for the modem-router, which is independent of the operating system, and I found clear advice about how to do that here http://setuprouter.com/

Changing the modem-router details also gives me the opportunity to change the default factory username and password for it.

Which leads to another question:

If I change the username and the password on my modem-router, will Linux Mint 17.3 Cinnamon still be able to use it? Won't I have to tell it what the new username and passwords are?

Thanks.

Update - I have just looked at the existing DNS details on my modem-router, and both the primary and secondary DNS Server are set to 0.0.0.0, and the DNS relay (whatever that is) is set to "enable". Are these as expected, or are they unusual please? Thanks.

Last edited by grumpyskeptic; 01-22-2017 at 04:30 AM. Reason: updated info
 
Old 01-22-2017, 04:25 AM   #7
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052
Quote:
Originally Posted by frankbell View Post
If you were to get a router, you would be able to enter the nameservers of your choice in your router's configuration. They would then be the defaults for your network.
probably more elegeant.
but doesn't the desktop computer's operating system still search for and supply "its own" nameservers, unless it is told that the router already provides them?
 
Old 01-22-2017, 05:47 AM   #8
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,114

Rep: Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139Reputation: 7139
as far as I know my router told to the PCs in my home network to use the router itself as DNS. So I need to configure only the router.
 
Old 01-22-2017, 05:57 AM   #9
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925
Quote:
Originally Posted by frankbell View Post
If you were to get a router, you would be able to enter the nameservers of your choice in your router's configuration. They would then be the defaults for your network.
Sweet idea, but not so practical if you have a laptop that you're going to connect to different routers.
 
Old 01-22-2017, 07:12 AM   #10
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by grumpyskeptic View Post
Changing the modem-router details also gives me the opportunity to change the default factory username and password for it.

Which leads to another question:

If I change the username and the password on my modem-router, will Linux Mint 17.3 Cinnamon still be able to use it? Won't I have to tell it what the new username and passwords are?
Wow! Change that username and password now! That's a huge wide-open security flaw on your setup right there!
The username and password are only used for configuration so the computer "doesn't need to know it" you need to know it in case you want to do things like change the DNS settings.
The reason I say it's a huge security hole is that it is possible for websites to be set up in such a way that they will redirect your browser to log into your router and change things like DNS so that you are redirected to malicious sites. This isn't common, or easy to do, but having default settings is bad for that reason. You should also ensure that your router doesn't allow settings to be changed from the WAN port (it will be in the configuration settings if it's an option which can be allowed) as that means anyone on the internet can log into your router.
Quote:
Originally Posted by hydrurga View Post
Sweet idea, but not so practical if you have a laptop that you're going to connect to different routers.
That's a slightly more complex topic. It could be said it's darn good to have one's own DNS settings when on any network as it's potentially safer. However, if one wants to use a "captive portal" such as a "public" network at a place of work, Starbucks, hotel or wherever for some casual browsing having DNS set up could stop the login page from appearing. It could be argued, and I'd not object, that using a captive portal network like that is risky but they're a fact of life that some of us risk.
 
Old 01-22-2017, 07:32 AM   #11
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925Reputation: 2925
Quote:
Originally Posted by 273 View Post
That's a slightly more complex topic. It could be said it's darn good to have one's own DNS settings when on any network as it's potentially safer. However, if one wants to use a "captive portal" such as a "public" network at a place of work, Starbucks, hotel or wherever for some casual browsing having DNS set up could stop the login page from appearing. It could be argued, and I'd not object, that using a captive portal network like that is risky but they're a fact of life that some of us risk.
Agreed, but for some of us who travel a lot, the choice isn't just between our home router and "captive portals". We have friends, colleagues etc. whose routers we access while on the hoof. Hence my reason for setting my DNS servers locally in the operating system - it allows for greater flexibility.

Personally, I think using a VPN is the way to go if connected to a public wifi network - it helps assuage the risk.
 
Old 01-22-2017, 07:40 AM   #12
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by hydrurga View Post
Agreed, but for some of us who travel a lot, the choice isn't just between our home router and "captive portals". We have friends, colleagues etc. whose routers we access while on the hoof. Hence my reason for setting my DNS servers locally in the operating system - it allows for greater flexibility.

Personally, I think using a VPN is the way to go if connected to a public wifi network - it helps assuage the risk.
Well, yes, but using the DNS of the gateway will work in all those situations and when using a VPN you'll wnat to be using the gateway DNS also. I can't think of a situation where using your own DNS is going to be easier and only a few where it's going to be more secure and those could potentially mean changing it from the gateway to your own after a captive portal has been used, for example.
For travelling I'm a great fan of using my phone as a router since I'm one of those people who pays for more data than they could possibly use and roaming also.
 
Old 01-22-2017, 08:31 AM   #13
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 435

Original Poster
Rep: Reputation: Disabled
I have updated both my modem-router and the details in Linux to the Google DNS servers 8.8.8.8 and 8.8.4.4, but it does not seem to make any difference, despite spending all morning on it and restarting both my computer (which is a desktop) and the modem-router twice. .

I have checked what DNS server I am using with the two methods suggested here https://unix.stackexchange.com/quest...ers-am-i-using

The first method, the command "nslookup google.com" returns:

Server: 127.0.1.1
Address: 127.0.1.1#53

The second method, the command "cat /etc/resolv.conf" returns:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1

As you can see, neither of them show I am using the Google DNS server, despite have the 8888 and 8844 numbers visible in the Network Connections program from the menu, the other network program from the taskbar, and also in the modem itself.

So what to do next please?

Update - The situation has not changed overnight. My guess is the difficulty may be due to three (or more) possible reasons:
1) My ISP address is not fixed but changes every time I switch the modem-router on. I think I may have Dynamic DNS, not static.
2) Although I have entered 8888 and 8844, I think these may only be later entries on a list, and that the first entry on the list "127.0.1.1" has not been changed.
3) Something within Linux Mint 17.3 Rosa Cinnamon may be overwriting whatever changes I make. Strangely, neither of the two networking apps require any administrative privelidges to make changes, which could be because any changes will be overwritten anyway.
4) Maybe I need to flush the DNS - will have to look that up online.
5) Might be that my modem-router, supplied by my ISP, has been fixed so that you cannot do what I want to do.

Is there any suitable GUI software that can do all the above easily? However I could not use it if it requires entering all the parameters manually as they are fiendishly opaque and there are so many of them, so I would loose all connectivity.

I am quite tempted to buy my own modem-router, especially since the bandwidth I get with the current one is extremely low, but it would have to work when plugged in since I would not know how to set it up.

Last edited by grumpyskeptic; 01-23-2017 at 06:23 AM. Reason: update
 
Old 01-24-2017, 01:41 AM   #14
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052
Quote:
Originally Posted by ondoho View Post
but doesn't the desktop computer's operating system still search for and supply "its own" nameservers, unless it is told that the router already provides them?
i gave this some thought (it's been a while since i set up my network and even longer since i used a gui tool) and realized:
it's the other way round.
most linux desktops will default to use whatever DNS servers are offered through the ISP or router and only through user effort will they use different DNS servers.

Last edited by ondoho; 01-24-2017 at 01:43 AM.
 
Old 01-24-2017, 01:46 AM   #15
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052Reputation: 6052
Quote:
Originally Posted by grumpyskeptic View Post
I have updated both my modem-router and the details in Linux to the Google DNS servers 8.8.8.8 and 8.8.4.4, but it does not seem to make any difference
how did you do that and what difference did you expect it to make?

if you edited /etc/resolv.conf, that will most likely be overwritten by whichever tool creates network connections!

that is most likely networkmanager, and i know for a fact that you can gui-edit connections to use different dns servers:
https://askubuntu.com/a/2325
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Linux Mint 17.1 reviewóless change is good change LXer Syndicated Linux News 0 12-09-2014 01:30 PM
File server, print server inaccessible when change to new DNS tanveer Linux - Server 0 07-31-2007 04:21 AM
Change DNS Server IP Address s.dawood Linux - Networking 1 12-26-2006 03:26 AM
change DNS server in Debian linian Linux - Networking 3 07-29-2006 12:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration