How to use the command 'resolvectl' (with examples)
- Linux
- December 17, 2024
resolvectl is a versatile command-line tool commonly found in Linux systems for managing DNS settings and resolving domain-related queries. It functions as an interface to the systemd-resolved service, allowing users to introspect, reconfigure, and interact with DNS resolver data. Whether you’re diagnosing network issues, developing applications that require domain name resolution, or managing server configurations, resolvectl can be an indispensable tool.
Use Case 1: Show DNS Settings
Code:
resolvectl status
Motivation:
When you’re setting up a network or troubleshooting DNS issues, knowing your current DNS settings is crucial. resolvectl status provides comprehensive information on the DNS configuration of all the network interfaces in your system. This allows you to verify the settings or identify misconfigurations.
Explanation:
resolvectl: The command itself is designed for a wide range of DNS-related actions.status: This argument tellsresolvectlto display the current DNS settings, including information such as DNS servers in use, DNSSEC status, and whether the DNS cache is enabled.
Example Output:
Global
Protocols: -UDP -TCP -TLS -LLMNR -mDNS -DNSOverTLS
resolv.conf mode: stub
Current DNS Server: 8.8.8.8
DNS Servers: 8.8.8.8
8.8.4.4
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
Link 3 (wlp3s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1
Use Case 2: Resolve the IPv4 and IPv6 Addresses for One or More Domains
Code:
resolvectl query example.com
Motivation:
Web developers, network administrators, and IT professionals often need to resolve domain names into IP addresses to ensure connectivity, perform diagnostics, or configure hardware. This command helps you find the associated IPv4 and IPv6 addresses for a given domain.
Explanation:
resolvectl: Initiates the command tool for DNS-related actions.query: Requests DNS resolution for the specified domain(s).example.com: The domain to be resolved. This can be one or multiple domains separated by space.
Example Output:
example.com: 93.184.216.34
2606:2800:220:1:248:1893:25c8:1946
-- Information acquired via protocol DNS in 28.8ms.
-- Data is authenticated: no
Use Case 3: Retrieve the Domain of a Specified IP Address
Code:
resolvectl query 93.184.216.34
Motivation:
There are instances, such as security audits or debugging network issues, where you need to determine the domain associated with an IP address. This reverse DNS lookup helps identify the origin or verify the ownership of an IP address.
Explanation:
resolvectl: The command-line tool for various DNS actions.query: Used to fetch details, in this case, from an IP address.93.184.216.34: The IP address you wish to reverse look up to find its associated domain name.
Example Output:
93.184.216.34: example.com
-- Information acquired via protocol DNS in 15.5ms.
-- Data is authenticated: no
Use Case 4: Flush All Local DNS Caches
Code:
resolvectl flush-caches
Motivation:
DNS caching can sometimes lead to outdated or incorrect information being used by your system. Flushing the DNS cache ensures that the system retrieves the latest DNS information, which is particularly useful during DNS changes or troubleshooting domain resolution problems.
Explanation:
resolvectl: The base command for DNS management.flush-caches: Clears all the DNS cache stored locally, forcing retrieval of fresh DNS information.
Example Output:
Caches flushed.
Use Case 5: Display DNS Statistics
Code:
resolvectl statistics
Motivation:
Understanding DNS performance and behavior can be crucial for network tuning and troubleshooting. By displaying DNS statistics, this command provides insight into DNS transaction counts, cache hits/misses, and DNSSEC verdicts, which are essential for performance analysis and identifying issues.
Explanation:
resolvectl: Engages the DNS tool.statistics: Requests statistical data on DNS transactions and performance metrics.
Example Output:
DNSSEC supported: no
Cache hit rate: 75%
DNS transaction statistics (total/done/invalid/untested): 1024/1008/16/0
Use Case 6: Retrieve an MX Record of a Domain
Code:
resolvectl --legend=no --type=MX query example.com
Motivation:
For email server configuration or troubleshooting, retrieving the Mail Exchange (MX) record is essential. The MX record specifies the mail server responsible for receiving emails on behalf of a domain, which is critical for email delivery systems.
Explanation:
resolvectl: Invokes the DNS resolver tool.--legend=no: Suppresses additional descriptive output for cleaner results.--type=MX: Specifies that the command should retrieve the MX records.query example.com: Queries the domain for its MX record.
Example Output:
example.com IN MX 10 mail.example.com.
Use Case 7: Resolve an SRV Record
Code:
resolvectl service _xmpp-server._tcp.gmail.com
Motivation:
Service (SRV) records are DNS entries that specify the location of servers for certain services. By resolving SRV records, you can understand the server’s hostname and port, which is essential for specific applications like VoIP or messaging services.
Explanation:
resolvectl: Engages the tool for DNS querying.service: Specifies that an SRV record should be retrieved._xmpp-server._tcp.gmail.com: Represents the service and protocol for the query.
Example Output:
_xmpp-server._tcp.gmail.com: gmail.com:5269
Use Case 8: Retrieve a TLS Key
Code:
resolvectl tlsa tcp example.com:443
Motivation:
Retrieving a TLSA record is vital for DNS-based Authentication of Named Entities (DANE). It provides the hash of a TLS/SSL server certificate used to enhance security by specifying which certificates are valid for a domain.
Explanation:
resolvectl: Invokes the command tool for DNS tasks.tlsa: Specifies retrieval of TLSA records for the domain.tcp example.com:443: Indicates the protocol and service for which the TLSA record is requested.
Example Output:
_443._tcp.example.com: 3 1 1 a94cc6c8ebee33268c14ee74f3ddbab18b1f8ea3a5e4e4597cc4de79a036d2b9
Conclusion:
The resolvectl command is an essential utility for anyone dealing with networks, domains, or DNS configurations. Whether you’re resolving domain names, checking DNS settings, or querying various DNS records, resolvectl provides a wealth of functionalities to suit different DNS-related needs. Each use case demonstrates the versatility of resolvectl, making it a crucial part of your networking toolkit.
