Randomize DNS Nameservers
Is it possible to list multiple nameservers in /etc/resolv.conf on a Unix system and resolve DNS queries using a random nameserver when making a DNS query and not just the first one?
For Linux systems, I use the timeout and rotate options in /etc/resolv.conf... I usually lower the DNS timeout to 1 second.
    timeout:n
        sets the amount of time the resolver will wait for a response from a remote name server before retrying the query via a different name server. Measured in seconds, the default is RES_TIMEOUT (currently 5, see <resolv.h>). The maximum value for this option is silently capped to 30.
and
    rotate
        sets RES_ROTATE in _res.options, which causes round robin selection of nameservers from among those listed. This has the effect of spreading the query load among all listed servers, rather than having all clients try the first listed server first every time.
There are different kinds of randomization or pseudo-randomization of DNS resolving on Linux.
With libc resolver and /etc/resolv.conf
"options rotate" is a kind of client-side round-robin and as such can be considered a poor man's randomization. However, libc resolver supports at most 3 different servers. Here is a sample /etc/resolv.conf that uses 3 popular and reliable public DNS servers.
    options timeout:1
    options rotate
    # resolver1.level3.net
    nameserver 209.244.0.3
    # resolver1.opendns.com
    nameserver 208.67.222.222
    # google-public-dns-a.google.com
    nameserver 8.8.8.8
With unbound
With unbound, one can also specify multiple resolvers (more than 3). The randomization is documented as follows:
The fastest server (randomly picked within a so-called RTT band of 400 msec) is selected when a query has to be sent out
https://www.unbound.net/documentation/info_timeout.html
In /etc/resolv.conf:
    nameserver 127.0.0.1
In /etc/unbound/unbound.conf:
    forward-zone:
        name: "."
        # google
        #forward-addr: 8.8.8.8
        # fnd.org
        forward-addr: 80.67.169.12
        # comodo
        forward-addr: 8.26.56.26
        # level 3
        forward-addr: 209.244.0.3
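The resolv.conf rules quoted in the answers above (timeout capped at 30, rotate as round robin, at most 3 nameservers), as an added example that is not part of the original posts. It is a simplified Python model, not glibc's code, and it assumes one long-lived process whose rotation starts at the first listed server; the function names are hypothetical.

```python
MAXNS = 3             # libc resolver uses at most 3 nameservers
DEFAULT_TIMEOUT = 5   # RES_TIMEOUT, in seconds
MAX_TIMEOUT = 30      # larger values are silently capped

# The sample /etc/resolv.conf from the answer above.
SAMPLE = """\
options timeout:1
options rotate
# resolver1.level3.net
nameserver 209.244.0.3
# resolver1.opendns.com
nameserver 208.67.222.222
# google-public-dns-a.google.com
nameserver 8.8.8.8
"""


def parse_resolv_conf(text):
    """Return the effective settings; 'ignored' lists nameservers past the limit."""
    cfg = {"nameservers": [], "ignored": [],
           "timeout": DEFAULT_TIMEOUT, "rotate": False}
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or raw[0] in "#;":      # blank line or comment
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "nameserver" and args:
            full = len(cfg["nameservers"]) >= MAXNS
            cfg["ignored" if full else "nameservers"].append(args[0])
        elif keyword == "options":            # several options lines add up
            for opt in args:
                name, _, value = opt.partition(":")
                if name == "rotate":
                    cfg["rotate"] = True
                elif name == "timeout" and value.isdigit():
                    cfg["timeout"] = min(int(value), MAX_TIMEOUT)
    return cfg


def try_order(cfg, query_number):
    """Order in which the servers are tried for the Nth query (0-based)."""
    servers = cfg["nameservers"]
    start = query_number % len(servers) if cfg["rotate"] and servers else 0
    return servers[start:] + servers[:start]


def delay_before(cfg, position):
    """Seconds lost before the server at `position` in try_order is asked,
    when every server before it stays silent."""
    return cfg["timeout"] * position
```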
Short answer: No, it's not.
Longer answer: While nearly all Unix variants use the file /etc/resolv.conf for global name resolution configuration, nowhere close to all of them actually use the same resolver library to do the job. It may be that your particular variant of Unix can do what you want, but to find that out you'll have to read its own documentation. Also, it will not be portable at all.