All Products
Search
Document Center

:The domain name cannot be resolved within the Linux ECS instance

更新時間:Apr 27, 2022

Disclaimer: This topic may be contributed by the community or involve information about third-party products. We recommend that you visit the official website of the community or third-party products for help and support. The third-party products are not supported by Alibaba Cloud after-sales service. This article is for reference only. Alibaba Cloud does not make any implied or other forms of commitment.

Issue

In the Linux ECS instance, the domain name cannot be resolved normally.

Cause

  • The DNS server is not configured correctly.
  • The firewall sets the rules related to port 53.
  • The NSCD cache service with DNS enabled.

Solution

Take note of the following items:

  • Before you perform high-risk operations such as modifying the specifications or data of an Alibaba Cloud instance, we recommend that you check the disaster recovery and fault tolerance capabilities of the instance to ensure data security.
  • Before you modify the specifications or data of an Alibaba Cloud instance, such as an Elastic Compute Service (ECS) instance or an ApsaraDB RDS instance, we recommend that you create snapshots or enable backups for the instance. For example, you can enable log backups for an ApsaraDB RDS instance.
  • If you have granted specific users the permissions on sensitive information, such as usernames and passwords, or submitted sensitive information in the Alibaba Cloud Management Console, we recommend that you modify the sensitive information at the earliest opportunity.

Use the following methods to troubleshoot and locate the problem, and then select the corresponding processing method according to the actual situation on site:

  1. Run the following command to check whether the DNS server is correctly configured:
    cat /etc/resolv.conf
    If the DNS server is not configured correctly, you need to modify the DNS server address. We recommend that you use the following DNS server address provided by Alibaba Cloud. After the DNS configuration is complete, you need to lock the /etc/resolv.conf file to avoid restarting the system configuration. For more information, see How to customize DNS configuration in a Linux instance.
    • public endpoint DNS server
      nameserver 223.5.5.5
      nameserver 223.6.6.6
    • DNS server for internal network address
      nameserver 100.100.2.136
      nameserver 100.100.2.138
  2. Run the following command to check whether the rules related to port 53 are added to the firewall:
    iptables -L
    If the firewall has rules related to port 53, disable the firewall or delete the rules. For more information, see How to use iptables in CentOS7.
  3. Run the following command to check whether the DNS NSCD cache service is started:
    systemctl status nscd
    If the NSCD cache service is started, run the systemctl stop nscd command to disable the NSCD cache service.

Applicable scope

  • Elastic Compute Service