{{Header}}
{{#seo:
|description=DNS
}}
<div class="mininav">
* [[Networking]]
* [[DNS]]
* [[DNS Security]]
</div>
{{intro|
DNS
}}
{{stub}}

= Default DNS Configuration =
[https://github.com/Kicksecure/kicksecure-network-conf kicksecure-network-conf]

= Linux Default DNS Mechanism =
On Linux, DNS libraries read the <code>/etc/resolv.conf</code> file. A DNS-resolving client such as Unbound is optional and not strictly required for basic DNS resolution.

== /etc/resolv.conf ==
* '''Purpose''': The <code>/etc/resolv.conf</code> file is a standard configuration file in Linux systems used by DNS resolver libraries (like <code>glibc</code>) to determine how to perform DNS resolution.
* '''Contents''': It typically contains information such as:
** <code>nameserver</code> directives specifying the IP addresses of DNS servers.
** <code>search</code> domains and <code>options</code> for resolving queries.

== DNS Resolver Libraries ==
* These libraries are part of most Linux systems and use <code>/etc/resolv.conf</code> to send DNS queries to the specified nameservers.
* The libraries themselves handle basic DNS resolution without needing an external DNS resolver client.

== DNS Resolver Clients ==
E.g., <code>unbound</code>, <code>systemd-resolved</code>.

* '''Optional''': External DNS resolving software like <code>unbound</code> or <code>systemd-resolved</code> is not strictly required for basic DNS resolution.
* '''Purpose''': These tools provide additional functionality, such as caching, advanced DNSSEC validation, or recursive DNS resolution.
* '''Integration''': When such a resolver is used, <code>/etc/resolv.conf</code> might point to <code>127.0.0.1</code> (localhost), as the local resolver handles DNS queries before forwarding them.

== Summary ==
* Basic DNS resolution on Linux relies on resolver libraries using <code>/etc/resolv.conf</code>.
* External DNS resolving clients like <code>unbound</code> are optional and primarily used to enhance DNS functionality. They are not required for basic operations if a valid nameserver is defined in <code>/etc/resolv.conf</code>.

= Enabling systemd-resolved =
[[Untested]]!

{{Testers-only}}
{{AdvancedUsersOnly}}

{{CodeSelect|code=
sudo touch /etc/dns-enable
}}

{{CodeSelect|code=
sudo apt install systemd-resolved
}}

{{CodeSelect|code=
sudo systemctl enable systemd-resolved
}}

{{CodeSelect|code=
sudo systemctl start systemd-resolved
}}

{{reflist|close=1}}
{{Footer}}
[[Category:Documentation]]