Ubuntu – Why nslookup result always comes from server


I find quite confused that nslookup always get result from Server

Does it because Ubuntu uses a local DNS cache by dnsmasq? But I have closed it and flushed my dns cache, then nslookup a host that I have never visited, then the output is still

That makes me quite confused. Can anyone explain this for me?
By the way, my DNS server is set to

Best Answer

By default Ubuntu does indeed cache DNS entries with Dnsmasq. Dnsmasq does a lookup when a DNS entry is not in its cache, which is why you'll always see the localhost ( IP address when doing a DNS lookup without specifying the nameserver.

In the manpage it's explained as follows:

Dnsmasq accepts DNS queries and either answers them from a small, local, cache or forwards them to a real, recursive, DNS server. It loads the contents of /etc/hosts so that local hostnames which do not appear in the global DNS can be resolved and also answers DNS queries for DHCP configured hosts.

This behaviour can be overridden by editing /etc/NetworkManager/NetworkManager.conf and changing dns=dnsmasq to #dns=dnsmasq, after which you'll need to restart the network-manager service (sudo service network-manager restart).

More information can be found in the community documentation and in the manpage.