TIL

TIL - DNS queries with multiple interfaces

Posted by Marcus Folkesson on Thursday, March 26, 2026

TIL - DNS queries with multiple interfaces

TIL, Today I Learned, is more of a "I just figured this out: here are my notes, you may find them useful too" rather than a full blog post

I must admin that I'm not one of those network gurus that knows everything about every protocol out there and how they work. But I have a pretty good understanding how things works, or at least that's what I tell myself :-)

Anyway, I had a situation where I had multiple network interfaces (PPP and WLAN) on an embedded system where I wanted to control on which interface the data should go, but things didn't work out as expected.

/media/tux-what-is-your-name.png

I wrote a post about metric values in routing tables a while ago [1], and my first thought was that I just should adjust the metric values for the interfaces and everything should be good.

Well, It works, as long as you don't working with DNS names.

Routing != DNS resolution

The short answer is that DNS queries is handled per-link by systemd-resolved, not by the kernel routing metric as all other traffic.

Even if e.g. ppp0 has a default route with the lowest metric value:

1 $ ip route
2default dev ppp0 scope link  metric 200 
3default via 192.168.1.1 dev wlan0  src 192.168.1.153  metric 302 
4default via 192.168.1.1 dev wlan0  src 192.168.1.153  metric 600 
510.0.0.1 dev ppp0 scope link  src 100.77.18.78 
6192.168.1.0/24 dev wlan0 scope link  metric 302 
7192.168.1.0/24 dev wlan0 scope link  src 192.168.1.153  metric 600

DNS queries could still go through wlan0:

1 $ resolvectl query www.marcusfolkesson.se
2www.marcusfolkesson.se: 46.101.69.237          -- link: wlan0
3
4-- Information acquired via protocol DNS in 223.3ms.
5-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
6-- Data from: network

So you basically end up in a situation where DNS goes via one interface and traffic via another.

Change interface for DNS queries

So, I also had to change the default interface for DNS queries.

Lets say that I want to switch DNS queries to ppp0 instead of wlan0.

First, make ppp0 the fefault DNS route:

1resolvectl default-route ppp0 yes
2resolvectl default-route wlan0 no

Let ppp0 handle all global queries:

1resolvectl domain ppp0 ~.
2resolvectl domain wlan0 ""

Flush the DNS cache:

1resolvectl flush-caches

So, now all DNS queries will go through ppp0 instead:

1 $ resolvectl query www.marcusfolkesson.se
2
3www.marcusfolkesson.se: 46.101.69.237          -- link: ppp0
4
5-- Information acquired via protocol DNS in 259.7ms.
6-- Data is authenticated: yes; Data was acquired via local or encrypted transport: yes
7-- Data from: network
CATALOG
    FEATURED TAGS
    ai audio beer birds blacksmith booting buildroot camera clockwork cultivation debugging device drivers dnd docker gcc git go ham home control hugo i2c knives leatherwork libostree linux linux kernel network programming qemu radio repair reverse engineering swupdate systemd til tools u-boot udev v4l2 vim wireless yocto zephyr