DNS

DNS in NetmakerCopied!

Manage DNS is a powerful feature that enables devices in a Netmaker network to communicate using domain names instead of hard-to-remember IP addresses. This feature simplifies network management and improves usability, especially in larger or more dynamic environments. Currently, Manage DNS is supported only on Linux-based devices.

Why Use DNS?Copied!

Using DNS (Domain Name System) in a network offers several key advantages:

1. Human-Friendly Communication:

   • Instead of memorizing and typing complex IP addresses (e.g., 10.207.89.124), users can use simple, descriptive domain names (e.g., deviceA.networkA).

   • This makes it easier to manage and interact with devices in the network.

2. Scalability:

   • As networks grow, managing IP addresses becomes increasingly challenging. DNS allows for seamless scaling by assigning meaningful names to devices, regardless of how many are added.

3. Improved Organization:

   • Domain names can reflect the purpose or location of a device (e.g., printer.office or sensor.warehouse), making it easier to identify and manage devices within the network.

By leveraging DNS, Netmaker's Manage DNS feature brings these benefits to your virtual network, making it more intuitive, scalable, and manageable.

Key Features of Manage DNSCopied!

1. How It Works:

   • Manage DNS relies on the broker to synchronize DNS entries. Without the broker, the feature won't function properly.

   • It is an out-of-the-box feature that can be enabled by setting MANAGE_DNS=true in the netmaker.env file.

   • It is independent of CoreDNS and does not require CoreDNS to be enabled.

2. Domain Name Format:

   • Each device registered in the network is automatically assigned a domain name in the format:
     <device-name>.<network-name>
     Example: deviceA.networkA.

3. Netclient Configuration:

   • No manual setup is required on the netclient side. The netclient automatically checks if Manage DNS is enabled during startup and activates the necessary DNS components.

4. Static Nodes Configuration:

   • Manage DNS is supported on static-nodes if the DNS field is specified in the WireGuard config file:
     DNS = <Remote Access Gateway IP>
     Replace <Remote Access Gateway IP> with the IP of the Remote Access Gateway in your network.

     Netmaker automatically sets the DNS IP in the WG file if the DNS was specified in the gateway of the static-node (see screenshot below).

     

     Alternatively, if the DNS was set in the WG config under advanced settings when generating the WG conf file from the node screen, Netmaker also applies it automatically (see screenshot below).

     

     
     

Troubleshooting for netclient and extClientCopied!

1. Failed DNS Restoration:

   • If netclient fails to restore DNS settings:

     • Check for a backup file at /etc/netclient/resolv.conf.nm.bkp. If it exists, replace /etc/resolv.conf with the backup.

     • If no backup exists, manually edit /etc/resolv.conf to remove the Netmaker network IP and search domain.

2. Incorrect IP in Cache:

   • If ping, nslookup, or dig returns an old IP, flush the local DNS cache:
     resolvectl flush-caches.

3. IPv6-Only extClient:

   • If an IPv6-only device tries to connect via IPv4, edit the WireGuard config file and update the AllowedIPs section to include only IPv6 addresses/ranges.

4. Debian 11 on Digital Ocean:

   • By default, resolvconf is installed and enabled, which conflicts with Manage DNS. To fix:

     • Remove resolvconf and enable systemd-resolved

       apt remove resolvconf
       systemctl enable systemd-resolved
       systemctl restart systemd-resolved

       plaintext Copy Copied!

     • Then install netclient.

CoreDNSCopied!

As of 0.22.0, CoreDNS is an active part of the Netmaker system. We deprecated setting entries on the hosts file which was not an ideal implementation. Netmaker server actively sets the dns entries on the CoreDNS server. After you install the netmaker server components, you can see the corendns container running as well. You need to make some changes manually to activate the corendns server, follow these steps on the netmaker server:

1. Make sure that UDP Port 53 and TCP Port 53 are allowed to pass in the network where your netmaker server lies

2. disable the systemd-resolved (Reason: to avoid port conflict with coredns server)

sudo systemctl disable systemd-resolved.service
sudo systemctl stop systemd-resolved

3. Make sure the network_mode: host is set on the coredns container spec in /root/docker-compose.yml and run docker-compose up -d

And now you can point any machine in the network to use this DNS server and you can reach the other peers in the network by their domain names.

For external clients running linux, make sure ‘resolvconf’ is installed before setting the Wireguard configurations.

Refer to your operating system documentation for information about how to configure custom DNS network settings. Here are some general help guides on how to add custom DNS server:

1. Linux - https://devilbox.readthedocs.io/en/latest/howto/dns/add-custom-dns-server-on-linux.html. Configuration depends on what distribution of Linux you use.

2. Mac - https://devilbox.readthedocs.io/en/latest/howto/dns/add-custom-dns-server-on-mac.html

3. Windows - https://devilbox.readthedocs.io/en/latest/howto/dns/add-custom-dns-server-on-win.html

If your machine is virtually hosted in a cloud, you might want to refer to your VM provider’s documentation on how to permanently set the custom DNS resolver.

SummaryCopied!

• Manage DNS simplifies device communication using domain names in Netmaker networks.

• Minimal setup required.

• Troubleshooting steps provided for common issues like DNS restoration failures, cached IPs, and IPv6-only configurations.

• CoreDNS (introduced in v0.22.0) replaces the deprecated hosts file method:

  • Netmaker server actively manages DNS entries via CoreDNS.

  • Ensure UDP/TCP Port 53 is open and systemd-resolved is disabled to avoid port conflicts.

  • Update the docker-compose.yml with the correct network mode for CoreDNS.