DNS errors can sometimes freeze your entire server. One such error is “Temporary failure in name resolution” on CentOS servers.
As a result, server owners can’t run their applications, perform new installations, and so on.
At Bobcares, we help users resolve such complex DNS errors as part of our Server Support Services to web hosts.
Today, we’ll discuss the top 3 reasons for the “temporary failure in name resolution” error on Linux CentOS servers and how we fix them.
What causes “Temporary failure in name resolution” in CentOS?
Server owners usually report this error after changing the system configuration, server reboots, upgrades, etc.
And, our Hosting Engineers use different tools such as ping, telnet, traceroute, etc. to identify the problem.
Based on our experience managing servers, let’s see the main causes of this error.
1) Firewall restrictions
A server firewall that restricts external DNS connections is one of the main reasons for this error. This usually happens after a server reboot, a new server setup, etc.
In other words, wrong firewall rules or blocked DNS ports can affect outgoing packets and lead to this error.
How we fix it
Firstly, our Hosting Engineers completely stop the firewall to identify whether the firewall is the culprit.
If so, we check and remove the firewall DROP rules affecting the outgoing packets.
For example, with iptables, the command below lists all firewall rules on the server, and we then remove the offending rule.
iptables -nL
Similarly, we ensure that ports 43 (Whois protocol) and 53 (DNS protocol) are excluded from the firewall rules. In addition, we enable these ports for external access.
Most importantly, we reload the firewall service and network service to reflect the changes.
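The check described above can be scripted so that DNS-blocking rules are picked out of the `iptables -nL` listing by chain and rule number. This is an added example, not Bobcares' own tooling; the function names and the sample listing are constructed for illustration.

```sh
#!/bin/sh
# Added example: list rules in `iptables -nL` output that can block DNS.
# Only explicit single-port matches (dpt:53 / spt:53) are recognised.
find_dns_blocks() {
    awk '
        /^Chain / {
            chain = $2; n = 0
            # With a DROP policy, port 53 needs an explicit ACCEPT rule.
            if (chain == "OUTPUT" && $4 == "DROP)") print "OUTPUT policy DROP"
            next
        }
        NF < 5 || $1 == "target" { next }    # blank lines and column headers
        {
            n++                              # rule number within the chain
            if ($1 != "DROP" && $1 != "REJECT") next
            for (i = 6; i <= NF; i++)
                if ($i == "dpt:53" || $i == "spt:53")
                    printf "%s %d %s %s %s\n", chain, n, $1, $2, $i
        }
    '
}

# Constructed sample of `iptables -nL` output, not taken from a real server.
sample_rules() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
DROP       udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53 reject-with icmp-port-unreachable
EOF
}

# Each output line is: chain, rule number, target, protocol, port match.
sample_rules | find_dns_blocks
# On a server: iptables -nL | find_dns_blocks
```

The rule number printed for each match is the position that `iptables -D <chain> <number>` expects when the offending rule is removed.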
2) Missing DNS servers
Likewise, this error may occur if the IPs of the DNS nameservers aren’t configured correctly on the server.
The /etc/resolv.conf is the resolver configuration file on Linux CentOS servers, and is used to configure the DNS nameservers.
In other words, this file contains the resolver information that translates domain names into IP addresses, which is needed to access resources on the internet.
So, missing resolver entries can lead to the “temporary failure in name resolution” error on CentOS servers.
Similarly, NetworkManager is a program that connects the system to the network automatically. Upon each reboot, NetworkManager reads the ifcfg ethernet profile (aka interface config file) from /etc/sysconfig/network-scripts and generates /etc/resolv.conf dynamically.
So, if the DNS servers aren’t specified in the interface configuration file, NetworkManager adds blank entries in /etc/resolv.conf after every reboot.
How we fix it
Here, our Hosting Engineers configure the DNS resolvers in the interface configuration file.
So during each reboot, the NetworkManager fetches the resolvers from the interface configuration file, and generates the /etc/resolv.conf file.
But it is really important to identify the correct interface configuration file. So, we use the command below to find the active interface on CentOS servers.
ip addr show
After that, we add the DNS nameservers to the interface configuration file and restart the network to reflect the changes.
Server owners sometimes prefer to update the resolv.conf file manually. In such cases, we manually add the DNS nameserver entries to the /etc/resolv.conf file in the format below.
nameserver 12x.15x.1xx.2xx
nameserver 12x.14x.1xx.21x
And upon request, we set Google’s public nameservers as well.
nameserver 8.8.8.8
nameserver 8.8.4.4
Most importantly, we add the following line to the interface configuration file.
NM_CONTROLLED=no
This tells NetworkManager to not update the /etc/resolv.conf file.
Alternatively, we can stop NetworkManager completely on the server. For example, on CentOS servers we stop the NetworkManager service using the commands below.
systemctl stop NetworkManager
systemctl disable NetworkManager
Additionally, we configure the NetworkManager service to prevent it from starting automatically.
chkconfig NetworkManager off
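To verify the outcome of the steps above, the resolver file and the interface configuration file can be checked together. This is an added example, not code from the original article; the function names are illustrative, the sample files are constructed, and DNS1 is the standard ifcfg key for the first nameserver.

```sh
#!/bin/sh
# Added example: does resolv.conf have nameservers, and will it keep them?

count_nameservers() {   # count_nameservers RESOLV_CONF
    # Count uncommented "nameserver <address>" lines.
    awk '$1 == "nameserver" && NF >= 2 { n++ } END { print n + 0 }' "$1"
}

ifcfg_get() {           # ifcfg_get IFCFG_FILE KEY -> value without quotes
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

resolver_verdict() {    # resolver_verdict RESOLV_CONF IFCFG_FILE
    ns=$(count_nameservers "$1")
    dns1=$(ifcfg_get "$2" DNS1)
    nm=$(ifcfg_get "$2" NM_CONTROLLED | tr '[:upper:]' '[:lower:]')
    if [ "$ns" -eq 0 ]; then
        echo "FAIL: no nameserver entries"
    elif [ -z "$dns1" ] && [ "$nm" != "no" ]; then
        # NetworkManager regenerates the file from an ifcfg without DNS1.
        echo "WARN: entries will be lost on reboot"
    else
        echo "OK: $ns nameserver(s)"
    fi
}

# Constructed sample files; 192.0.2.0/24 is a documentation address range.
tmp=$(mktemp -d)
printf 'nameserver 192.0.2.53\n' > "$tmp/resolv.conf"
printf 'DEVICE=eth0\nONBOOT=yes\n' > "$tmp/ifcfg-eth0"
resolver_verdict "$tmp/resolv.conf" "$tmp/ifcfg-eth0"
printf 'DNS1=192.0.2.53\n' >> "$tmp/ifcfg-eth0"
resolver_verdict "$tmp/resolv.conf" "$tmp/ifcfg-eth0"
rm -rf "$tmp"
# On a server (interface name is a placeholder):
#   resolver_verdict /etc/resolv.conf /etc/sysconfig/network-scripts/ifcfg-<interface>
```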
3) Incorrect permission of resolver config file
This happens occasionally.
Incorrect permissions on the DNS resolver configuration file /etc/resolv.conf can lead to the “temporary failure in name resolution” error.
How we fix it
Our Support Engineers always ensure that the DNS resolver configuration file is writable.
chmod 755 /etc/resolv.conf
At Bobcares, we conduct regular server audits to ensure that critical configuration files have sufficient permissions for the services to work.
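A permission check of this kind can be scripted as follows. This is an added example, not the audit tooling the article refers to; the function name and the temporary test file are illustrative. It reports a file that unprivileged processes cannot read and also one that group or other users can modify. The conventional mode 0644 (rw-r--r--) passes, and the execute bits set by 755 add nothing for a text file.

```sh
#!/bin/sh
# Added example: check the mode bits of a resolver configuration file.

check_resolv_mode() {   # check_resolv_mode FILE
    # -L follows a symlinked resolv.conf; keep only the 10 mode characters.
    mode=$(ls -ldL "$1" | cut -c1-10)
    group_w=$(printf '%s' "$mode" | cut -c6)
    other_r=$(printf '%s' "$mode" | cut -c8)
    other_w=$(printf '%s' "$mode" | cut -c9)
    if [ "$other_r" != "r" ]; then
        # Services running as non-root users cannot read the nameservers.
        echo "FAIL $mode"
    elif [ "$group_w" = "w" ] || [ "$other_w" = "w" ]; then
        # Non-root users could change which DNS servers the host trusts.
        echo "WARN $mode"
    else
        echo "OK $mode"
    fi
}

# Constructed demonstration on a temporary file.
f=$(mktemp)
for m in 600 666 644 755; do
    chmod "$m" "$f"
    check_resolv_mode "$f"
done
rm -f "$f"
# On a server: check_resolv_mode /etc/resolv.conf
```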
Conclusion
In short, “temporary failure in name resolution” on CentOS servers can happen due to missing resolver entries, firewall rules, etc. Today, we’ve discussed the top 3 reasons for this error and how our Server Support Engineers fix them.