How can I avoid DNS resolution failures with an Amazon EC2 Linux instance?
I want to avoid DNS resolution failures with Amazon Elastic Compute Cloud (Amazon EC2) Linux instances.
To decrease CPU and network usage and avoid DNS resolution failures, apply a DNS cache.
If you use a DNS cache to query external DNS resources, then the cache answers most recurring DNS queries locally, so those queries never travel over the network to the DNS resolver. External DNS resources include services such as the following:
Amazon Relational Database Service (Amazon RDS)
Amazon Simple Storage Service (Amazon S3)
The following procedure applies to all versions of Amazon Linux. If you use another distribution, then select the documentation for your distribution from the following list:
Note: dnsmasq typically starts as the root user, but it switches to another user after startup (by default, nobody). This drops root privileges.
3. Back up the original dnsmasq.conf file by renaming it:
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
4. Open the configuration file with a text editor (for example, vim):
sudo vim /etc/dnsmasq.conf
5. Edit the /etc/dnsmasq.conf file so that it's similar to the following example:
# Server Configuration
listen-address=127.0.0.1
# Name resolution options
Note: The bogus-priv option in dnsmasq causes reverse DNS lookups to fail for private IP ranges that aren't listed in /etc/hosts or in the DHCP leases file. If you need successful reverse lookups for those ranges, then comment out or remove bogus-priv. For more information, see -b, --bogus-priv on the dnsmasq man page.
Note: For more information about DNS server locations, see What is DHCP? In some cases, you must adjust the file /etc/resolv.dnsmasq so that it points to the name server for the network the instance runs in: for example, when you create an AMI from an instance that has the dnsmasq cache and launch it in another VPC with a different CIDR, or when your DHCP options set specifies a custom DNS server.
7. Restart the dnsmasq server, and set the service to start up on boot:
Amazon Linux 1
sudo service dnsmasq restart
sudo chkconfig dnsmasq on
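The following script is an added example and is not part of the AWS article. It renders a dnsmasq.conf in the shape this procedure describes, writes the matching resolv.dnsmasq upstream file, and then checks that the cache listens on loopback only, which is the property that keeps the cache from becoming a resolver reachable from the network. It assumes an IPv4 VPC and that the Amazon-provided resolver sits at the VPC CIDR base address plus two; the additional dnsmasq options it emits (bind-interfaces, resolv-file, cache-size) are standard dnsmasq settings chosen for this example rather than taken from the page, and the function names (vpc_resolver, render_cache_config, check_loopback_only) are hypothetical. By default it writes into a scratch directory so it can be dry-run without root.

```shell
#!/bin/sh
# Added example, not the AWS article's own code.
# Render a dnsmasq cache configuration plus its upstream resolver file into a
# directory, then verify the cache is bound to loopback only.
set -eu

# Compute the Amazon-provided DNS resolver for a VPC: the CIDR base address
# plus two (for example, 10.0.0.0/16 -> 10.0.0.2).
# Assumption: IPv4 CIDR in dotted-quad form with a last octet below 254.
vpc_resolver() {
    base=${1%/*}
    o1=${base%%.*}; rest=${base#*.}
    o2=${rest%%.*}; rest=${rest#*.}
    o3=${rest%%.*}; o4=${rest##*.}
    printf '%s.%s.%s.%s\n' "$o1" "$o2" "$o3" "$((o4 + 2))"
}

# Write dnsmasq.conf and resolv.dnsmasq into $1, pointing the cache at the
# upstream resolver $2. Pass "/etc" as $1 (as root) on a real instance.
render_cache_config() {
    dir=$1; upstream=$2
    cat > "$dir/dnsmasq.conf" <<EOF
# Server Configuration
listen-address=127.0.0.1
bind-interfaces

# Name resolution options
resolv-file=$dir/resolv.dnsmasq
cache-size=500
bogus-priv
EOF
    # Constructed upstream file: one nameserver line for the VPC resolver.
    printf 'nameserver %s\n' "$upstream" > "$dir/resolv.dnsmasq"
}

# Defender check: every listen-address in the config must be a loopback
# address, and at least one must be present. A listen-address on the
# instance's ENI would expose the cache to the network.
check_loopback_only() {
    n=$(grep -c '^listen-address=' "$1") || return 1
    [ "$n" -gt 0 ] || return 1
    ! grep '^listen-address=' "$1" | grep -vq -e '=127\.0\.0\.1$' -e '=::1$'
}

# Dry-run usage: sh dnsmasq-cache.sh /tmp/dnsmasq-test 10.0.0.0/16
if [ $# -eq 2 ]; then
    render_cache_config "$1" "$(vpc_resolver "$2")"
    check_loopback_only "$1/dnsmasq.conf" && echo "cache config OK: $1/dnsmasq.conf"
fi
```

After rendering into /etc on an instance, restart dnsmasq as in step 7 and confirm with `dig @127.0.0.1` that answers are served locally; if the instance is later baked into an AMI for a VPC with a different CIDR, regenerate resolv.dnsmasq with the new VPC's resolver address as the note above describes.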