Command configuration
To view or configure Docker’s DNS servers, you can use the following methods:
-
View Docker’s DNS configuration:
- On Linux, you can view Docker’s DNS configuration by running the following command:
docker info | grep -i dns
- On Windows and macOS, DNS configuration can be found in Docker Desktop's settings.
- On Linux, you can view Docker’s DNS configuration by running the following command:
-
Configure Docker’s DNS server:
- On Linux, you can
daemon.json
configure the DNS server by editing Docker's configuration file. This file is usually located/etc/docker/
in the directory. The configuration file can be opened using the following command:
Add or modify the field in the configuration filesudo nano /etc/docker/daemon.json
dns
to specify the desired DNS server address, for example:
After saving the configuration file, restart the Docker service.{ "dns": ["8.8.8.8", "8.8.4.4"] }
- On Windows and macOS, you can use Docker Desktop's settings interface to configure the DNS server. Open Docker Desktop, click the Docker icon on the system tray, select "Settings", then select the "Daemon" tab, add the required DNS server address in the "DNS" section, save the changes, and restart Docker.
- On Linux, you can
Configure in docker-compse
daemon.json
If you need to keep the DNS configuration consistent in Docker Compose , you can use daemon.json
the same DNS server configuration. The following is an example docker-compose.yml
file that would be used with daemon.json
the same DNS server configuration:
version: '3'
services:
myapp:
image: myapp
dns:
- 127.0.0.11
- 114.114.114.114
- 8.8.8.8
dns_search:
- ""
In the above example, dns
the field specifies daemon.json
the same DNS server configuration as the field, and dns_search
the field is set to an empty string, indicating that the default search domain is not used.
Mount configuration, mount the host's resolv.conf
Mount path
- "/etc/resolv.conf:/etc/resolv.conf"
127.0.0.11 resolution server
127.0.0.11
is a special IP address, which is Docker's default DNS resolver. When you use the default DNS resolver inside a Docker container, the container sends DNS queries to 127.0.0.11
this address.
Inside Docker, the container runs its own DNS server, which handles DNS queries inside the container. Therefore, when applications inside the container need DNS resolution, they send DNS queries to 127.0.0.11
this address.
127.0.0.11
Only works within the Docker network and cannot be accessed through the host or other networks. This address is only used for DNS resolution inside the container.
Enter the container and use ping test
To get into the container and use ping
the command, you can use docker exec
the command. Here are the specific steps:
-
First, use
docker ps
the command to view the list of running containers and find the ID or name of the container you want to enter. -
Run the following command to enter the container's command line terminal:
docker exec -it <容器ID或名称> /bin/bash
This will enter the container's command line terminal in interactive mode. If bash is not installed in the container, you can try using
/bin/sh
or other available shells. -
ping
After entering the container, you can execute commands in the command line terminal , for example:ping <目标IP或域名>
Replace
<目标IP或域名>
with the IP address or domain name of the target you want to ping.
Note that to use docker exec
the command to enter a container, the container must be running. If the container is stopped, docker start
start the container first using the command.
Test DNS domain name resolution in the container
ping
To test whether the container can resolve the domain name, you can use the or command inside the container nslookup
. Here are two methods:
-
Use
ping
the command to test domain name resolution:- Enter the command line terminal of the container and use
docker exec
the command mentioned above. - Inside the container, run
ping
the command and specify the domain name, for example:ping example.com
- If the container is able to resolve and communicate with the domain name, output similar to the following will be displayed:
PING example.com (93.184.216.34): 56 data bytes 64 bytes from 93.184.216.34: icmp_seq=0 ttl=57 time=13.571 ms ...
- Enter the command line terminal of the container and use
-
Use
nslookup
the command to test domain name resolution:- Enter the command line terminal of the container.
- Inside the container, run
nslookup
the command and specify the domain name, for example:nslookup example.com
- If the container is able to resolve the domain name, output similar to the following will be displayed:
Server: 127.0.0.11 Address 1: 127.0.0.11 Name: example.com Address 1: 93.184.216.34
Please note that the above command only tests domain name resolution inside the container. If the DNS configuration inside the container is incorrect or the container cannot access the DNS server, domain name resolution may fail.
Use dig
the command to perform domain name resolution
If nslookup
the error message "bash: nslookup: command not found" appears when executing a command inside a container, it means that nslookup
the command is not installed in the container.
In some base images, such as Alpine, etc., nslookup
the command may not be included. You can try using other available commands to test domain name resolution.
An alternative is to use dig
the command to perform domain name resolution. The following is dig
an example of using the command:
- Enter the command line terminal of the container.
- Inside the container, run
dig
the command and specify the domain name, for example:dig example.com
- If the container is able to resolve the domain name, output similar to the following will be displayed:
; <<>> DiG 9.10.3-P4-Debian <<>> example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34350 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;example.com. IN A ;; ANSWER SECTION: example.com. 604800 IN A 93.184.216.34 ;; Query time: 2 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon May 10 15:32:39 UTC 2021 ;; MSG SIZE rcvd: 56
If the command is not installed in the container dig
, you can try using other available commands such as ping
or curl
to test domain name resolution.
Install dig command to linux server
To install the command on a Linux system dig
, you can follow the steps below:
-
Open a terminal or command prompt.
-
Use the package manager appropriate for your Linux distribution to install
dig
the command. The following are installation commands for some common Linux distributions:-
Debian or Ubuntu:
sudo apt-get install dnsutils
-
CentOS or RHEL:
sudo yum install bind-utils
-
Fedora:
sudo dnf install bind-utils
-
Arch Linux:
sudo pacman -S bind-tools
Depending on your distribution, run the appropriate command to install
dig
the command. -
-
After the installation is complete, you can run commands in the terminal
dig
to perform domain name resolution. For example:dig example.com
dig
In this way, you can use the command to perform domain name resolution on the Linux system .
“Unable to locate package dnsutils” error
If dnsutils
you encounter the error message "Unable to locate package dnsutils" during the installation process, it means that the package is not available in the software source of the distribution you are using.
dnsutils
It is a commonly used network toolkit that contains dig
commands for performing operations such as domain name resolution.
In some distributions, dnsutils
it may be named something else, or may not be included in the default software repositories. You can try the following solutions:
-
Update the package list: Run the following command to update the package list and try the installation again
dnsutils
:-
Debian or Ubuntu:
sudo apt update
-
CentOS or RHEL:
sudo yum update
-
Fedora:
sudo dnf update
-
-
Check the package name: in some distributions,
dnsutils
it is calledbind-utils
. Try installingbind-utils
:-
Debian or Ubuntu:
sudo apt install bind9-dnsutils
-
CentOS or RHEL:
sudo yum install bind-utils
-
Fedora:
sudo dnf install bind-utils
-
-
Check software sources: You may need to add additional software sources or update software source configurations to ensure they
dnsutils
are available. You can consult the documentation for your distribution to learn how to add or update software sources.
If none of the above works, you can try searching for alternative toolkits for your distribution, or contact the distribution's community or administrators for support and advice.
Note that different distributions and versions may have different package names and software source configurations.
Flush DNS cache
To flush the DNS cache, the specific steps depend on the operating system you are using. The following are methods for refreshing the DNS cache of several common operating systems:
-
Windows system:
- Open the Command Prompt (CMD) window by pressing Win key + R, then enter
cmd
and press Enter. - In the Command Prompt window, enter the following command and press Enter:
ipconfig /flushdns
- Open the Command Prompt (CMD) window by pressing Win key + R, then enter
-
macOS system:
- Open the Terminal application by pressing the Command key + Spacebar and then typing "Terminal".
- In a terminal window, enter the following command and press Enter:
sudo killall -HUP mDNSResponder
-
Linux system:
- Open the Terminal application.
- In a terminal window, enter the following command and press Enter:
- Ubuntu/Debian:
sudo systemctl restart systemd-resolved
- CentOS/Fedora:
sudo systemctl restart NetworkManager
- Ubuntu/Debian:
Note that flushing the DNS cache may require administrator privileges, so on Windows and macOS systems you may need to run the command as administrator or superuser.
After flushing the DNS cache, your computer will requery the DNS server to obtain the latest domain name resolution results.
Test target website using curl
You can use curl
command line tools to test access to the target website. Here is an curl
example command to access the target website using :
curl https://api.weixin.qq.com/cgi-bin/token //替换为你自己解析的域名url
This command will https://api.weixin.qq.com/cgi-bin/token
send a GET request to and print the server's response to the terminal.
Please make sure that your computer has the command line tools installed curl
and can be run through the terminal or command prompt.
After running the above command, observe the terminal output and you will see the response results of the target website. If the response can be obtained successfully, it means that the target website can be accessed normally.