ErrorNotes

Fix 'Temporary failure in name resolution' on Linux

intermediate๐Ÿง Linux2026-03-20| Linux (Ubuntu, Debian, CentOS, Arch) โ€” bare metal, VMs, Docker containers, WSL2

Error Message

Temporary failure in name resolution
#linux#network#dns#name resolution

Context

DNS is broken. That's the short version. This error appears whenever Linux can't resolve a hostname to an IP address โ€” you'll see it with curl, apt, ping, wget, pretty much anything that uses a domain name:

$ curl https://example.com
curl: (6) Could not resolve host: example.com

$ ping google.com
ping: google.com: Temporary failure in name resolution

$ apt update
Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
  Temporary failure in name resolution

Network connectivity is usually fine. The culprit is almost always one of: an empty or broken resolv.conf, a crashed systemd-resolved, a misconfigured nameserver entry, or a container that never had DNS set up properly.

Debug Process

Step 1 โ€” Check if it's a DNS-only problem

Ping by IP, not by hostname:

ping -c 3 8.8.8.8

Succeeds? Great โ€” network is fine, pure DNS issue. Fails? Stop here and check your interface, default gateway, and routing table first.

Step 2 โ€” Check resolv.conf

cat /etc/resolv.conf

A working file has at least one nameserver line:

nameserver 8.8.8.8
nameserver 1.1.1.1

Empty file? Missing file? Only nameserver 127.0.0.53 with nothing listening on it? That's your problem right there.

Step 3 โ€” Check if systemd-resolved is running (Ubuntu/Debian)

systemctl status systemd-resolved

A failed or inactive service means nothing is listening on 127.0.0.53 โ€” exactly what /etc/resolv.conf is pointing at. DNS breaks silently as a result.

Step 4 โ€” Test DNS manually

# Query a specific DNS server directly
nslookup google.com 8.8.8.8

# Or with dig (more detail)
dig @8.8.8.8 google.com

Resolves correctly? The nameserver itself is working. The problem is upstream โ€” how Linux is configured to reach it, not the server.

Step 5 โ€” Check inside Docker / containers

Running this inside a container? Check both sides:

cat /etc/resolv.conf  # inside container
docker inspect  | grep -i dns

Host DNS issues bleed straight through into containers. Don't assume the container inherited a working config.

Solution

Fix 1 โ€” Manually add nameservers to resolv.conf (quick fix)

The fastest way to get unblocked โ€” works on any Linux system:

sudo nano /etc/resolv.conf

Add or replace with:

nameserver 8.8.8.8
nameserver 1.1.1.1

Test immediately:

ping -c 2 google.com

Heads up: On systems managed by systemd-resolved or NetworkManager, this file gets overwritten on reboot. Use one of the fixes below to make it stick.

Fix 2 โ€” Restart systemd-resolved (Ubuntu/Debian)

sudo systemctl restart systemd-resolved
sudo systemctl enable systemd-resolved

Re-link resolv.conf to the stub resolver:

sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Fix 3 โ€” Set DNS via NetworkManager (desktop/server with NM)

# List connections
nmcli connection show

# Set DNS on your active connection (replace 'eth0' with your connection name)
nmcli connection modify eth0 ipv4.dns "8.8.8.8 1.1.1.1"
nmcli connection modify eth0 ipv4.ignore-auto-dns yes
nmcli connection up eth0

Fix 4 โ€” Permanent fix via /etc/systemd/resolved.conf

Edit the systemd-resolved config directly:

sudo nano /etc/systemd/resolved.conf

Uncomment and set:

[Resolve]
DNS=8.8.8.8 1.1.1.1
FallbackDNS=9.9.9.9

Restart to apply:

sudo systemctl restart systemd-resolved

Fix 5 โ€” Docker DNS fix

Create or edit /etc/docker/daemon.json:

{
  "dns": ["8.8.8.8", "1.1.1.1"]
}

Restart Docker:

sudo systemctl restart docker

Need to fix just one container without touching the daemon? Pass DNS at runtime:

docker run --dns 8.8.8.8 your-image

Fix 6 โ€” WSL2 specific

WSL2 auto-generates resolv.conf โ€” and sometimes gets it wrong. Disable auto-generation first:

sudo nano /etc/wsl.conf

[network]
generateResolvConf = false

Then set nameservers manually:

sudo rm /etc/resolv.conf
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf

Restart WSL from PowerShell: wsl --shutdown

Verification

# Basic hostname resolution
ping -c 3 google.com

# Full end-to-end check
curl -I https://example.com

# Check what DNS server is actually being used
resolvectl status       # systemd-resolved systems
nslookup google.com     # shows which server answered

# For apt specifically
sudo apt update

Tips

When you're dealing with IP/subnet misconfiguration alongside DNS issues โ€” common in VMs and cloud setups โ€” the Subnet Calculator on ToolCraft saves time verifying CIDR ranges and network addresses. I reach for it when configuring static IPs and want to confirm the gateway actually sits in the same subnet before chasing DNS ghosts.

Lessons Learned

  • Start with /etc/resolv.conf โ€” roughly 80% of cases are either an empty file or one pointing to a dead stub resolver.
  • Direct edits to resolv.conf are temporary on managed systems. The right permanent fix depends on who owns DNS: systemd-resolved, NetworkManager, or manual config.
  • Docker containers don't inherit a working DNS config automatically. Broken host DNS bleeds through. Set it explicitly in daemon.json and stop assuming.
  • WSL2 deserves its own playbook โ€” disable auto-generation and own the resolv.conf yourself if this keeps coming back.
  • ping 8.8.8.8 fails but ping 127.0.0.1 works? Stop debugging DNS. You have a routing or gateway problem, not a nameserver problem.

Related Error Notes

Fix "Operation not permitted" When Root Can't Delete or Modify Files (chattr Immutable Flag)

rm: cannot remove 'config.conf': Operation not permitted

Fixing the 'GLIBC_2.34 Not Found' Error: 4 Practical Solutions

/lib/x86_64-linux-gnu/libc.so.6: version 'GLIBC_2.34' not found

Fixing 'umount: target is busy' Error on Linux

umount: /mnt/data: target is busy.