Setting Up DNS in Alpine Linux: No More Network Headaches
I’ll show you how to fix DNS problems in Alpine Linux. Trust me, I’ve spent way too many hours fighting with DNS issues. This stuff can be tricky, but I’ll walk you through it step by step.
Introduction
So here’s the thing - DNS makes your computer find websites by their names instead of remembering crazy IP numbers. Alpine Linux does this differently than other systems. It doesn’t use that systemd thing. Instead, it keeps things simple with basic config files.
I struggled with this when I first started using Alpine. The internet would work with IP addresses but not website names. Pretty frustrating stuff.
Why You Need This
- Your browser can find websites properly
- Package downloads work without errors
- Network problems become way easier to fix
- You’ll stop getting weird connection failures
Prerequisites
You’ll need these things first:
- Root access to your Alpine Linux system
- A text editor like nano or vim
- Basic terminal knowledge
- Working internet connection (at least with IP addresses)
What we’re doing: Let’s check if your network actually works before we fix DNS.
# See what network stuff you have
ip addr show
# Test if internet works with IP numbers
ping -c 3 8.8.8.8
Code explanation:
ip addr show
: Shows all your network connections and their IP addressesping -c 3 8.8.8.8
: Sends 3 test packets to Google’s DNS server-c 3
: Stops after 3 tries so it doesn’t run forever
How DNS Works in Alpine Linux
Alpine Linux uses a few different files to figure out where websites are. It’s actually pretty simple once you get it.
The Important Files
/etc/resolv.conf
: Main DNS config file/etc/hosts
: Local website mappings/etc/nsswitch.conf
: How the system looks things upopenresolv
: Advanced DNS management tool
How Your Computer Finds Websites
- Checks
/etc/hosts
for local entries first - Asks DNS servers in
/etc/resolv.conf
- Uses search domains for short names
- Returns the IP address or gives up
Method 1: Quick DNS Fix
Step 1: Edit the Main DNS File
This is the easiest way to get DNS working. I use this method most of the time.
What we’re doing: We’ll backup your current DNS settings and then fix them.
# Make a backup so we can undo this later
sudo cp /etc/resolv.conf /etc/resolv.conf.backup
# Open the DNS config file
sudo nano /etc/resolv.conf
Code explanation:
sudo cp /etc/resolv.conf /etc/resolv.conf.backup
: Makes a safety copysudo nano /etc/resolv.conf
: Opens the DNS file in nano editorsudo
: Needed because this file belongs to root
What we’re doing: Adding good DNS servers that actually work reliably.
Replace everything in /etc/resolv.conf
with this:
# Google's DNS servers - they're pretty fast
nameserver 8.8.8.8
nameserver 8.8.4.4
# Cloudflare DNS - also good (you can use this instead)
# nameserver 1.1.1.1
# nameserver 1.0.0.1
# Search domain for short names (change this to your domain)
search example.com
# Make DNS faster by timing out quicker
options timeout:2
options attempts:3
Configuration explanation:
nameserver 8.8.8.8
: Primary DNS server (Google’s)nameserver 8.8.4.4
: Backup DNS server in case the first one failssearch example.com
: Domain to add to short namesoptions timeout:2
: Don’t wait more than 2 seconds for a responseoptions attempts:3
: Try 3 times before giving up
Step 2: Test That It Works
What we’re doing: Making sure our DNS changes actually work.
# Test basic website lookup
nslookup google.com
# Try a different testing tool
dig google.com
# Test with a specific DNS server
nslookup google.com 8.8.8.8
Code explanation:
nslookup google.com
: Asks DNS to find google.com’s IP addressdig google.com
: Another way to test DNS (gives more info)nslookup google.com 8.8.8.8
: Tests using Google’s DNS server directly
Expected Output:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 142.250.185.46
What this means: DNS is working! The server found google.com and gave us its IP address.
Step 3: Stop Other Programs from Breaking This
What we’re doing: Some programs like to “help” by changing your DNS settings. We’ll stop them.
# Method 1: Make the file unchangeable
sudo chattr +i /etc/resolv.conf
# Method 2: Use a custom file (if method 1 doesn't work)
sudo mv /etc/resolv.conf /etc/resolv.conf.orig
sudo ln -s /etc/resolv.conf.custom /etc/resolv.conf
Code explanation:
sudo chattr +i /etc/resolv.conf
: Makes the file unchangeable (immutable)sudo mv /etc/resolv.conf /etc/resolv.conf.orig
: Renames the original filesudo ln -s
: Creates a link to a custom DNS file
Method 2: Network Interface DNS Settings
Using Network Config Files
What we’re doing: Setting up DNS that sticks around when you restart the network.
# Edit the network config file
sudo nano /etc/network/interfaces
Code explanation:
sudo nano /etc/network/interfaces
: Opens the file where network settings live
What we’re doing: Adding DNS settings right into your network configuration.
Add this to your interface settings:
# For DHCP (automatic IP) with custom DNS
auto eth0
iface eth0 inet dhcp
dns-nameservers 8.8.8.8 8.8.4.4
dns-search example.com
dns-domain example.com
# For static IP with custom DNS
auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 8.8.8.8 8.8.4.4
dns-search example.com
Configuration explanation:
auto eth0
: Starts this network connection automaticallyiface eth0 inet dhcp
: Uses automatic IP assignmentdns-nameservers 8.8.8.8 8.8.4.4
: Sets custom DNS serversdns-search example.com
: Domain to search for short namesinet static
: Alternative for manual IP setup
Restart Your Network
What we’re doing: Applying our new settings by restarting the network.
# Restart all network stuff
sudo service networking restart
# Or restart just one connection
sudo ifdown eth0 && sudo ifup eth0
# Check if it worked
cat /etc/resolv.conf
Code explanation:
sudo service networking restart
: Restarts all network connectionssudo ifdown eth0
: Turns off the eth0 connectionsudo ifup eth0
: Turns on the eth0 connection with new settingscat /etc/resolv.conf
: Shows what’s in the DNS file now
Stop DHCP from Messing Things Up
What we’re doing: Making the DHCP client use our DNS servers instead of what the router gives us.
# Edit DHCP client settings
sudo nano /etc/dhcpcd.conf
Code explanation:
sudo nano /etc/dhcpcd.conf
: Opens the DHCP client config file
What we’re doing: Telling DHCP to use our DNS servers no matter what.
Add these lines:
# Use our DNS servers instead of router's
static domain_name_servers=8.8.8.8 8.8.4.4
# Don't let DHCP change our DNS file
nohook resolv.conf
Configuration explanation:
static domain_name_servers=8.8.8.8 8.8.4.4
: Forces use of our DNS serversnohook resolv.conf
: Stops DHCP from changing /etc/resolv.conf
Method 3: Advanced DNS Setup
Using openresolv
What we’re doing: Installing a tool that handles multiple network connections with different DNS servers.
# Install the openresolv package
sudo apk add openresolv
# Set up DNS for a specific network connection
sudo resolvconf -a eth0 << EOF
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com
EOF
Code explanation:
sudo apk add openresolv
: Downloads and installs the openresolv toolsudo resolvconf -a eth0
: Adds DNS config for the eth0 connection<< EOF ... EOF
: Feeds multiple lines to the command
What we’re doing: Managing DNS settings for different connections.
# See all DNS settings
resolvconf -l
# Remove DNS settings for a connection
resolvconf -d eth0
Code explanation:
resolvconf -l
: Lists all DNS configurationsresolvconf -d eth0
: Deletes DNS settings for eth0
Different DNS for Different Networks
What we’re doing: Setting up different DNS servers for WiFi vs Ethernet. This is pretty cool.
# WiFi gets Cloudflare DNS
sudo resolvconf -a wlan0 << EOF
nameserver 1.1.1.1
nameserver 1.0.0.1
EOF
# Ethernet gets Google DNS
sudo resolvconf -a eth0 << EOF
nameserver 8.8.8.8
nameserver 8.8.4.4
EOF
Code explanation:
resolvconf -a wlan0
: Sets DNS just for WiFiresolvconf -a eth0
: Sets DNS just for Ethernet- Different DNS servers can be faster for different connections
Secure DNS Setup
DNS over HTTPS
What we’re doing: Encrypting DNS requests so nobody can spy on what websites you visit.
# Install cloudflared
sudo apk add cloudflared
# Make config directory
sudo mkdir -p /etc/cloudflared
sudo nano /etc/cloudflared/config.yml
Code explanation:
sudo apk add cloudflared
: Installs Cloudflare’s DNS toolsudo mkdir -p /etc/cloudflared
: Creates the config folder-p
: Creates parent folders if needed
What we’re doing: Setting up encrypted DNS that runs locally.
Add this to /etc/cloudflared/config.yml
:
# Turn on DNS proxy mode
proxy-dns: true
# Local port to listen on
proxy-dns-port: 5053
# Encrypted DNS servers
proxy-dns-upstream:
- https://1.1.1.1/dns-query
- https://1.0.0.1/dns-query
Configuration explanation:
proxy-dns: true
: Turns on DNS proxy modeproxy-dns-port: 5053
: Port where the proxy listensproxy-dns-upstream
: HTTPS URLs for encrypted DNS
What we’re doing: Starting the encrypted DNS service.
# Start cloudflared at boot
sudo rc-update add cloudflared
# Start it now
sudo service cloudflared start
# Point system to our encrypted DNS
echo "nameserver 127.0.0.1" | sudo tee /etc/resolv.conf
Code explanation:
sudo rc-update add cloudflared
: Makes it start automaticallysudo service cloudflared start
: Starts the service nowecho "nameserver 127.0.0.1"
: Points DNS to our local encrypted proxy
Testing Your DNS
Basic Tests
What we’re doing: Making sure everything actually works like it should.
# Basic website lookup
nslookup google.com
# More detailed info
dig google.com
# Reverse lookup (IP to name)
nslookup 8.8.8.8
# Check different record types
dig google.com MX
dig google.com TXT
Code explanation:
nslookup google.com
: Basic DNS testdig google.com
: More detailed DNS infonslookup 8.8.8.8
: Finds domain name for IP addressdig google.com MX
: Looks up mail server recordsdig google.com TXT
: Looks up text records
Speed Tests
What we’re doing: Figuring out which DNS servers are fastest for you.
# Install testing tools
sudo apk add bind-tools
# Time how long DNS takes
time nslookup google.com
# Test different DNS servers
for dns in 8.8.8.8 1.1.1.1 208.67.222.222; do
echo "Testing DNS server: $dns"
time nslookup google.com $dns
done
Code explanation:
sudo apk add bind-tools
: Installs DNS testing toolstime nslookup google.com
: Shows how long the lookup takesfor dns in ...
: Tests multiple DNS serverstime nslookup google.com $dns
: Times query to specific server
Fixing Common Problems
Problem 1: DNS Doesn’t Work at All
What’s wrong: You can ping IP addresses but can’t reach websites by name.
What we’re doing: Step by step troubleshooting to find the issue.
# Check what DNS servers you're using
cat /etc/resolv.conf
# Test if you can reach the DNS server
ping 8.8.8.8
# Check your network routing
ip route show
# Look for DNS programs running
ps aux | grep -E "(unbound|dnsmasq)"
Code explanation:
cat /etc/resolv.conf
: Shows your current DNS settingsping 8.8.8.8
: Tests if you can reach Google’s DNS serverip route show
: Shows how your network traffic gets routedps aux | grep -E "(unbound|dnsmasq)"
: Looks for DNS programs
Problem 2: DNS is Really Slow
What’s wrong: Websites take forever to load because DNS lookups are slow.
What we’re doing: Testing different servers and setting up local caching.
# Compare different DNS servers
time nslookup google.com 8.8.8.8
time nslookup google.com 1.1.1.1
# Install local DNS cache
sudo apk add dnsmasq
# Set up caching
sudo nano /etc/dnsmasq.conf
Code explanation:
time nslookup
: Shows how long each DNS server takessudo apk add dnsmasq
: Installs a local DNS cache- Local cache makes repeated lookups much faster
What we’re doing: Setting up dnsmasq to cache DNS queries locally.
Add this to /etc/dnsmasq.conf
:
# How many DNS queries to remember
cache-size=1000
# DNS servers to ask when cache misses
server=8.8.8.8
server=8.8.4.4
# Only listen locally for security
listen-address=127.0.0.1
Configuration explanation:
cache-size=1000
: Remembers 1000 recent DNS queriesserver=8.8.8.8
: Upstream server when cache doesn’t have the answerlisten-address=127.0.0.1
: Only accepts queries from local machine
Problem 3: Settings Keep Getting Reset
What’s wrong: Your DNS settings work but get changed back after reboot.
What we’re doing: Making DNS settings permanent.
# Check if resolv.conf is being overwritten
ls -la /etc/resolv.conf
# Stop DHCP from changing DNS
sudo nano /etc/dhcpcd.conf
Code explanation:
ls -la /etc/resolv.conf
: Shows if the file is a link to something else- DHCP often overwrites DNS settings with router defaults
Add this line to /etc/dhcpcd.conf
: nohook resolv.conf
What this does: Stops DHCP from messing with your DNS settings.
Speed Things Up with Caching
Set Up DNS Caching
What we’re doing: Making a local DNS cache so repeat lookups are instant.
# Install dnsmasq
sudo apk add dnsmasq
# Configure it
sudo nano /etc/dnsmasq.conf
Code explanation:
- Local cache stores recent DNS results in memory
- Second time you visit a site, DNS is instant
What we’re doing: Configuring dnsmasq for best performance.
Add this to /etc/dnsmasq.conf
:
# Cache 1000 recent DNS queries
cache-size=1000
# Use these DNS servers for new queries
server=8.8.8.8
server=8.8.4.4
# Security - only local connections
listen-address=127.0.0.1
# Don't read hosts file
no-hosts
# Log queries for debugging
log-queries
Configuration explanation:
cache-size=1000
: Adjust this based on how much RAM you haveserver=
: Use multiple servers for backuplisten-address=127.0.0.1
: Prevents outside accesslog-queries
: Helps when things go wrong
What we’re doing: Starting the cache and pointing DNS to it.
# Start dnsmasq at boot
sudo rc-update add dnsmasq
# Start it now
sudo service dnsmasq start
# Use local cache for DNS
echo "nameserver 127.0.0.1" | sudo tee /etc/resolv.conf
Code explanation:
sudo rc-update add dnsmasq
: Makes it start automaticallyecho "nameserver 127.0.0.1"
: All DNS goes through local cache- Cache forwards unknown queries to upstream servers
Best Practices That Actually Work
Use Multiple DNS Servers
What we’re doing: Setting up backup DNS servers so things don’t break.
# Edit DNS config
sudo nano /etc/resolv.conf
Add multiple servers:
# Primary DNS (usually fastest)
nameserver 1.1.1.1
# Backup DNS
nameserver 8.8.8.8
# Last resort (your router)
nameserver 192.168.1.1
# Speed up failover
options timeout:1
options attempts:2
options rotate
Configuration explanation:
- Multiple servers mean automatic backup if one fails
timeout:1
: Fail over fasterattempts:2
: Don’t try too many timesrotate
: Spreads load across servers
Monitor DNS Health
What we’re doing: Setting up automatic checking so you know when DNS breaks.
# Create monitoring script
sudo nano /usr/local/bin/dns-monitor.sh
Code explanation:
- Automatic monitoring catches problems before you notice them
- Script runs regularly to test DNS
#!/bin/sh
# Check if DNS servers are working
# Where to log results
LOGFILE="/var/log/dns-monitor.log"
# DNS servers to test
DNSSERVERS="8.8.8.8 1.1.1.1"
# Test each server
for server in $DNSSERVERS; do
if ! nslookup google.com $server > /dev/null 2>&1; then
echo "$(date): DNS server $server failed" >> $LOGFILE
fi
done
Code explanation:
#!/bin/sh
: Use basic shell for compatibilityLOGFILE="/var/log/dns-monitor.log"
: Where to save resultsfor server in $DNSSERVERS
: Tests each DNS server> /dev/null 2>&1
: Hides output, just checks if it works
What we’re doing: Making the script run automatically.
# Make it executable
sudo chmod +x /usr/local/bin/dns-monitor.sh
# Run every 5 minutes
echo "*/5 * * * * /usr/local/bin/dns-monitor.sh" | sudo crontab -
Code explanation:
sudo chmod +x
: Makes the script runnable*/5 * * * *
: Cron schedule meaning “every 5 minutes”sudo crontab -
: Adds the job to root’s schedule
Real-World Examples
Corporate Network
What we’re doing: Setting up DNS for office networks with internal servers.
# Install dnsmasq for smart routing
sudo apk add dnsmasq
# Configure split DNS
sudo nano /etc/dnsmasq.conf
Code explanation:
- Split DNS sends internal domains to company servers
- External domains go to public DNS
# Company stuff goes to internal DNS
server=/company.local/192.168.1.10
# Everything else goes to public DNS
server=8.8.8.8
server=8.8.4.4
# VPN domains go to VPN DNS
server=/vpn.company.com/10.0.0.1
Configuration explanation:
/company.local/192.168.1.10
: Internal domain routingserver=8.8.8.8
: Public DNS for everything else- Lets you access both internal and external sites
Development Setup
What we’re doing: Setting up local development domains.
# Edit hosts file for local development
sudo nano /etc/hosts
Add local mappings:
# Local development sites
127.0.0.1 app.local
127.0.0.1 api.local
127.0.0.1 db.local
Configuration explanation:
- Maps development domains to localhost
- Use real domain names while developing
- Works without internet connection
Wrapping Up
You just learned how to:
- Fix DNS problems that stop websites from loading
- Set up multiple DNS servers for backup
- Make DNS faster with local caching
- Stop other programs from breaking your settings
That’s it! You now know how to handle DNS in Alpine Linux. This stuff has saved me tons of time debugging network problems. I use local caching on all my systems now - it makes everything feel snappier.
These methods work great and I’ve used them on everything from tiny IoT devices to big servers. DNS problems used to drive me crazy, but now they’re no big deal.