How to Fix “Temporary Failure in Name Resolution” DNS Lookup Errors on CentOS Servers


When working with CentOS servers, encountering DNS resolution failures can bring your operations to a screeching halt. The error typically manifests like this:

[root@server ~]# ping google.com
ping: google.com: Temporary failure in name resolution

Or when using wget:

--2023-11-15 12:00:00--  http://example.com/file
Resolving example.com... failed: Temporary failure in name resolution.
wget: unable to resolve host address 'example.com'

Many admins notice that restarting the server temporarily fixes the issue, only for it to reappear later. This suggests a deeper configuration problem rather than a simple network hiccup. The main culprits usually are:

  • DHCP overwriting your manual resolv.conf settings
  • NetworkManager not properly maintaining DNS configurations
  • Multiple DNS clients conflicting with each other
  • DNS cache issues

First, let's check the current DNS configuration:

cat /etc/resolv.conf
nmcli dev show | grep DNS

Solution 1: Disable DHCP DNS Overrides

Set PEERDNS=no in the interface configuration so the DHCP client stops rewriting /etc/resolv.conf (replace eth0 with your interface name):

echo 'PEERDNS=no' >> /etc/sysconfig/network-scripts/ifcfg-eth0

Or for NetworkManager:

nmcli con mod eth0 ipv4.ignore-auto-dns yes
nmcli con mod eth0 ipv4.dns "8.8.8.8 8.8.4.4"
nmcli con up eth0

Solution 2: Configure Static DNS

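Create a custom resolv.conf and mark it immutable so it can't be overwritten. The immutable flag blocks every write, including your own later edits, until it is removed: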

echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
chattr +i /etc/resolv.conf

Solution 3: Install and Configure dnsmasq

For more robust local DNS caching:

yum install -y dnsmasq
systemctl enable dnsmasq
systemctl start dnsmasq

Then configure it to use your preferred upstream servers in /etc/dnsmasq.conf:

server=8.8.8.8
server=8.8.4.4
cache-size=1000

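After making changes, verify with the commands below (systemd-resolve only returns output when the systemd-resolved service is running):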

dig google.com
nslookup example.com
systemd-resolve --status

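As a stopgap while you track down the root cause, consider adding this to your cron. It tests resolution every five minutes and restarts the network service when the lookup fails, but it records nothing about why the lookup failed: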

*/5 * * * * /usr/bin/dig example.com >/dev/null || systemctl restart network

Remember that DNS issues can also stem from network connectivity problems, so always verify basic network functionality first:

ping 8.8.8.8
traceroute 8.8.8.8

When your CentOS server repeatedly fails DNS lookups after brief periods of normal operation, it typically indicates a conflict between dynamic network configuration and static DNS settings. The “Temporary failure in name resolution” message suggests your system can't reach configured nameservers, despite having valid entries in /etc/resolv.conf.

CentOS systems using DHCP will automatically regenerate /etc/resolv.conf unless specifically configured otherwise. This explains why your manual changes get reverted after reboots:

# Check current DNS settings
cat /etc/resolv.conf
# Should show your manually configured nameservers temporarily

# After reboot or network restart:
systemctl restart network
cat /etc/resolv.conf
# Now shows DHCP-provided nameservers
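
A way to catch the rewrite described above before it shows up as failed lookups, as an added example that is not part of the original article: the script reads a resolv.conf, reports which tool generated it, and flags nameservers that differ from the ones you configured. The function names, the EXPECTED_NS variable and the sample file are assumptions made for illustration; the header patterns match the comment lines NetworkManager and dhclient-script write.

```bash
#!/bin/bash
# Added example: audit a resolv.conf for the overwrite problem described above.
# EXPECTED_NS (assumed name) holds the resolvers this page configures.
EXPECTED_NS="8.8.8.8 8.8.4.4"

# Print the configured nameserver addresses in file order, one per line.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Report which tool wrote the file, from the header comment that
# NetworkManager and dhclient-script leave behind; "manual" if there is none.
resolv_owner() {
    if grep -qi 'generated by.*NetworkManager' "$1"; then echo NetworkManager
    elif grep -qi 'generated by.*dhclient' "$1"; then echo dhclient
    else echo manual
    fi
}

# Print one finding per line; return 1 if anything needs attention.
audit_resolv_conf() {
    local file="$1" rc=0 n=0 ns owner actual
    owner=$(resolv_owner "$file")
    if [ "$owner" != manual ]; then
        echo "WARN rewritten-by=$owner"; rc=1
    fi
    actual=$(list_nameservers "$file" | tr '\n' ' ')
    actual=${actual% }
    if [ -z "$actual" ]; then
        echo "FAIL no-nameserver-lines"; return 1
    fi
    for ns in $actual; do
        n=$((n + 1))
        # glibc queries only the first three nameserver entries (MAXNS).
        if [ "$n" -gt 3 ]; then echo "WARN ignored-by-glibc=$ns"; rc=1; fi
    done
    if [ "$actual" != "$EXPECTED_NS" ]; then
        echo "FAIL drift expected='$EXPECTED_NS' actual='$actual'"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK nameservers='$actual'"; fi
    return "$rc"
}

# Constructed sample: the file as it looks after a DHCP-driven rewrite.
sample=$(mktemp)
printf '%s\n' '# Generated by NetworkManager' 'search example.internal' \
    'nameserver 192.0.2.53' > "$sample"
audit_resolv_conf "$sample" || true
rm -f "$sample"
```

Pointed at /etc/resolv.conf from cron, the non-zero exit status and the FAIL line give you a record of when the file changed and to which nameserver, which a blind network restart does not.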

To prevent DHCP from overwriting your DNS settings, you need to modify the network interface configuration:

# Edit your primary network interface config
vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Add these parameters (adjust interface name as needed):
PEERDNS=no
DNS1=8.8.8.8
DNS2=8.8.4.4

Then restart the network service:

systemctl restart network

For systems using NetworkManager (common in newer CentOS versions):

# Create a custom config file
echo "nameserver 8.8.8.8" > /etc/resolv.conf.custom

# Make it immutable
chattr +i /etc/resolv.conf.custom

# Tell NetworkManager to stop managing /etc/resolv.conf
vi /etc/NetworkManager/NetworkManager.conf

# Add under [main]:
dns=none
rc-manager=unmanaged

# Then symlink it
ln -sf /etc/resolv.conf.custom /etc/resolv.conf

# Restart services
systemctl restart NetworkManager
systemctl restart network

After making changes, verify functionality with these commands:

# Basic DNS lookup test
nslookup google.com

# More detailed diagnostic
dig +trace google.com

# Check which nameserver is actually being used
systemd-resolve --status

For servers making frequent DNS requests, consider installing a local caching resolver:

# Install and configure dnsmasq
yum install dnsmasq -y

# Configure upstream servers
echo "server=8.8.8.8" >> /etc/dnsmasq.conf
echo "server=8.8.4.4" >> /etc/dnsmasq.conf

# Start and enable service
systemctl enable dnsmasq --now

# Point resolv.conf to localhost once dnsmasq is running
echo "nameserver 127.0.0.1" > /etc/resolv.conf

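Ensure your firewall isn't blocking DNS traffic (port 53, UDP and also TCP for large responses). Lookups made by this server are outbound; the firewalld dns service opens inbound port 53, which is only needed when this host answers DNS queries from other machines:

# Check firewall rules
iptables -L -n | grep 53

# If using firewalld and this host serves DNS to other machines:
firewall-cmd --add-service=dns --permanent
firewall-cmd --reload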