fbpx

[Solved] Temporary failure in name resolution

DNS errors such as temporary failure in name resolution can easily cripple your server. You will not be able to install any yum packages, you will even not be able to ping google.com, because as you can see this is a name resolution error, which means your server can not resolve domain names to their respective IP Addresses (if you know about DNS, you will know that this is something the whole internet relies on).

 

In this article we will see how to resolve temporary failure in name resolution error, we will discuss various reasons and their respective solutions.


Missing DNS Server IPs

 

Every server needs IP of DNS servers to which they can send their DNS queries. So if IPs of DNS servers are not configured then your server doesn’t know how to resolve domain names to IP Address thus you will end up getting temporary failure in name resolution.

 

In UNIX based system (Linux servers). DNS servers are usually configured in a file called /etc/resolv.conf. So if you don’t have this file or it is empty then you can not resolve domain names, make sure to create one and put the following contents in it:

 

nameserver 1.1.1.1
nameserver 8.8.8.8

 

Network Manager

 

Recently most of the Linux based servers are shipped with NetworkManager. NetworkManager help your connect your server automatically to the internet, for this task network manager auto-generates some configuration files. NetworkManager reads your interface file (eth0 or ifcfg) and then auto-generates /etc/resolv.conf file.

 

Now if you have not defined DNS servers in your /etc/sysconfig/network-scripts file, then /etc/resolv.conf will remain empty, thus you end up getting temporary failure in name resolution error. You can also fix this issue by just populating /etc/resolv.conf file as described above.

 

Also, make sure that in your /etc/sysconfig/network-scripts file set NM_CONTROLLED=no. So that NetworkManager will not update your /etc/resolv.conf file again.

Having issues installing packages on Ubuntu

 

You might see something like

 

Err:1 http://security.ubuntu.com/ubuntu xenial-security InRelease
Temporary failure resolving ‘security.ubuntu.com’
Err:2 http://dl.google.com/linux/mod-pagespeed/deb stable InRelease
Temporary failure resolving ‘dl.google.com’
Err:3 http://mirrors.digitalocean.com/ubuntu xenial InRelease
Temporary failure resolving ‘mirrors.digitalocean.com’
Err:4 http://mirrors.digitalocean.com/ubuntu xenial-updates InRelease
Temporary failure resolving ‘mirrors.digitalocean.com’
Err:5 http://mirrors.digitalocean.com/ubuntu xenial-backports InRelease
Temporary failure resolving ‘mirrors.digitalocean.com’
Err:6 https://repos.sonar.digitalocean.com/apt main InRelease
Could not resolve host: repos.sonar.digitalocean.com

 

This is an example of temporary failure in name resolution error, as apt can not resolve these mentioned domains to their IP Address. Make sure to allow these ports in UFW using the command below :

 

sudo ufw allow out 53,113,123/udp


Restrictions in your Firewall

 

There might also be a firewall restriction preventing your DNS queries. That is why we always recommend installing CyberPanel for free, CyberPanel will open all default ports for you, it will also help you run a super-fast website. Install CyberPanel for free using the install guide. You can also learn how CyberPanel will help you run the super fast website by reading our OpenLiteSpeed vs NGINX article.

 

Let see if this is actually a firewall error by stopping the firewall.

 

Firewalld

 

systemctl stop firewalld

 

Or CSF

 

csf -f

 

Now test and see if your issue is resolved if so, it means that your firewall is preventing your DNS queries.

 

Fix for Firewalld

 

You can add port 53 (UDP) and 43 (whois) to your firewalld. Following commands can be used

 

firewall-cmd — permanent — add-port=56/udp

firewall-cmd — permanent — add-port=43/tcp

 

This will open DNS related ports in FirewallD. If you are using CyberPanel you can easily go to CyberPanel firewalld interface and add these ports without going to CLI.

 

Go to -> https://<IP Address>:8090/firewall/

 

There you can easily open these two ports.

 

Fix for CSF

 

Open file /etc/CSF/csf.conf, then find the line containing TCP_IN and TCP_OUT then add your desired ports. Once your desired ports are added simply restart CSF so that your changes can take effect

 

csf -r

 

To remove any ports, you can just remove those ports from same lines and restart CSF.

 

Again if you are using CyberPanel and you have installed CSF (this will disable Firewalld interface). You can easily go to -> https://<IP Address>:8090/firewall/csf

 

From there you can add your ports and CyberPanel will take care of everything.


Wrong permissions on /etc/resolv.conf file

 

In some rare cases it is possible that your resolver file have wrong owner or permissions, execute following commands to implement correct permissions

 

chown root:root /etc/resolv.conf

chmod 644 /etc/resolv.conf

 

This should fix any permissions related issues with the resolver file.


Conclusions

 

I hope by now you have a general idea of what actually is a  temporary failure in name resolution error, because to fix any error we first need to know what actually it is. Then we’ve also discussed various ways to fix this error in different situations.

 

If you are a system administrator, then the first rule to solving any problem is stay calm and debug the problem. However, if you don’t have much time and looking for experts to manage your server, you are in the right place, you can hire our managed vps service. We offer 3 days free trial (no credit card required).