Linux Update Client using 8.8.8.8 for DNS and not the configured dns server Linux Update Client using...

Topic: Linux Update Client using 8.8.8.8 for DNS and not the configured dns server

Post Linux Update Client using 8.8.8.8 for DNS and not the configured dns server
by grahamxpromz on Thursday, March 8, 2018

Why does the Linux (Ubuntu) client not use the configured dns servers?
In my environment, hosts must use the local dns resolver as the firewall block any attempts to bypass it.

The other DYNU clients (Chrome and Windows) use the hosts configured dns, but Ubuntu Linux client seems to be hard coded to use 8.8.8.8. As Googles dns servers are blocked, the service fails to update unless the firewall allows the connection.

Is there some way to change this behavior or am I somehow mistaken.

Reply with quote | Report
Post Re: Linux Update Client using 8.8.8.8 for DNS and not the configured dns server
by grahamxpromz on Sunday, March 11, 2018

In addition to the hard coded Google DNS there is a periodic query sent to ns1.dynu.com for a AAAA record (hostname).(username).tag.gtagging.com
The gtagging.com domain is not currently assigned and looks like it is used to check what IP address is currently registered. Although I also see DNS lookups for ipcheck.dynu.com and ipcheckv6.dynu.com to determine the "public" IP address.

What functionality is lost if this is blocked?


The Chrome Extension does not seem to exhibit any of these behaviors and my reason for asking is the hosts are in a restricted DMZ, so if a host does become compromised, the traffic they can generate is not only logged but can be controlled so I don't become part of some DDoS botnet and if I do get hacked, I should find out and should be able to restrict the impact until I fix it. Hence why everything is whitelisted and I don't want to enable anything unless required for functionality

Reply with quote | Report
Monday, November 18, 2024 5:41 PM
Loading...