Why nslookup result always comes from server 127.0.0.1

I find quite confused that nslookup always get result from Server 127.0.0.1

Does it because Ubuntu uses a local DNS cache by dnsmasq? But I have closed it and flushed my dns cache, then nslookup a host that I have never visited, then the output is still 127.0.0.1.

That makes me quite confused. Can anyone explain this for me? By the way, my DNS server is set to 8.8.8.8.

By default Ubuntu does indeed cache DNS entries with Dnsmasq. Dnsmasq does a lookup when a DNS entry is not in its cache, which is why you'll always see the localhost (127.0.0.1) IP address when doing a DNS lookup without specifying the nameserver.

In the manpage it's explained as follows:

Dnsmasq accepts DNS queries and either answers them from a small, local, cache or forwards them to a real, recursive, DNS server. It loads the contents of /etc/hosts so that local hostnames which do not appear in the global DNS can be resolved and also answers DNS queries for DHCP configured hosts.

This behaviour can be overridden by editing /etc/NetworkManager/NetworkManager.conf and changing dns=dnsmasq to #dns=dnsmasq, after which you'll need to restart the network-manager service (sudo service network-manager restart).

More information can be found in the community documentation and in the manpage.

check if

cat /etc/NetworkManager/NetworkManager.conf

[main]

plugins=ifupdown,keyfile

dns=dnsmasq

[ifupdown]

managed=false

hash(#) out dns=dnsmasq

save the file and restart networking.

If you don’t want a local resolver you can turn it off DNSMASQ using the following procedure

You need to edit /etc/NetworkManager/NetworkManager.conf file

gksudo gedit /etc/NetworkManager/NetworkManager.conf

and comment out the following line from

dns=dnsmasq

to

#dns=dnsmasq

Save and exit the file

Now you need to network-manager using the following command

sudo restart network-manager

Ref: http://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/