In Docker, containers generally rely on DNS (Domain Name System) for resolving domain names to IP addresses, like other networked applications. By default, Docker automatically manages the DNS settings through the internal DNS server, ensuring that all containers can communicate with each other and access the internal network smoothly.
However, in certain environments, such as private networks, corporate setups, or when using custom domain mappings, you may need to override Docker’s default DNS behavior. Understanding how Docker container DNS works enables you to add custom DNS servers to containers, manage DNS settings in Compose and daemon configurations.
How Docker Handles DNS Resolution
Docker uses an embedded DNS server to manage name resolution for containers running on user-defined networks. The built-in server allows containers to communicate with others using container names that are defined instead of IP addresses, which often change.
When a container tries to resolve a domain name, Docker first checks if the requested name matches another container name within the same network. If it does not, then the request is forwarded to the DNS servers defined on the host or in the Docker configuration.
This approach ensures seamless inter-container communication and consistent name resolution across multiple containers, regardless of their runtime IPs.
Default Docker DNS Configuration
By default, Docker automatically assigns DNS servers to containers based on the precedence order.
Get exclusive access to all things tech-savvy, and be the first to receive
the latest updates directly in your inbox.
- Custom DNS servers defined at container runtime (using –dns or docker-compose.yml).
- DNS servers are specified in the Docker daemon configuration file (/etc/docker/daemon.json).
- Host system DNS servers listed in /etc/resolv.conf.
Docker’s internal DNS server listens at 127.0.0.11 for containers connected with the user-defined bridge networks. This internal resolver is what enables container name to IP mapping within a Docker network.
You can confirm the active DNS server by checking the container’s /etc/resolv.conf file after startup.
Viewing Docker Container DNS Settings
To view which DNS servers a container is using, you can inspect the container’s configuration or check its internal resolver file.
Method 1: Using docker inspect
docker inspect <container_name> | grep DNS
This shows the DNS servers configured for the container.
Method 2: Checking from Inside the Container
docker exec -it <container_name> cat /etc/resolv.conf
This file would list all the active nameservers and search domains used by the container.
These commands allow you to ensure whether Docker is using its internal DNS server or a custom one that you specified.
How to Add a Custom Docker Container DNS
By default, Docker containers inherit DNS settings from the host machine or Docker’s internal DNS. However, you can specify custom DNS servers when launching containers. This is particularly useful in corporate environments, private networks, or when containers must use internal resolvers instead of public DNS servers like Google or Cloudflare.
Using the –dns Flag
When initializing a container, you can use the –dns option using the docker run to define either one or more custom DNS servers.
Example:
docker run -d \
–name myapp \
–dns 8.8.8.8 \
–dns 1.1.1.1 \
nginx
In this example:
- The container will then use Google’s DNS (8.8.8.8) and Cloudflare’s DNS (1.1.1.1).
- You can specify multiple –dns flags to define fallback resolvers.
To verify the configuration:
docker exec -it myapp cat /etc/resolv.conf
You will see the nameservers you defined in a list here.
Setting DNS in Docker Compose
If you are managing multiple containers using Docker Compose, you can configure custom DNS servers in the service definition under the dns key.
Example docker-compose.yml:
version: “3.8”
services:
web:
image: nginx
container_name: web_container
dns:
– 8.8.8.8
– 1.=.1.1
Run your stack with:
docker compose up -d
Each container in this Docker Compose setup will now use the specified DNS servers.
You can then also define DNS globally for all services in the Docker Compose file by adding the dns configuration at the top level, under the services key.
Configuring DNS at the Docker Daemon Level
If you need to apply custom configurations to all the containers by default, you can configure them using the Docker daemon configuration file. Here is how you can do it:
- Open or create the daemon configuration file:
sudo nano /etc/docker/daemon.json
- Add your preferred DNS servers:
{ = “dns”: [“8.8.8.8”, “1.1.1.1”]
}
- Restart the Docker service to apply the changes:
sudo systemctl restart docker
All the new containers that start after changing the settings will use these DNs servers unless overridden by container-specific settings.
Using a Dedicated Docker Container DNS
In more advanced environments, you can make use of a dedicated server container to manage internal name resolution of the services. For example, you can use containers like dnsmasq or CoreDNS within a Docker network to resolve container names, internal domains, or even cache DNS results for faster lookups.
Example:
docker run -d \
–name mydns \
–network mynetwork \
andyshinn/dnsmasq \
-A /internal.local/192.168.1.100
Then, other containers on the same network can use it as their DNS resolver:
docker run -d \
–name webapp \
–network mynetwork \
–dns 172.18.0.2 \
nginx
This approach has improved control, isolation, and performance in large self-hosted environments.
Common DNS Issues in Docker and Fixes
| Issue | Possible Cause | Solution |
| Containers can’t resolve domain names | Missing or incorrect DNS configuration | Check /etc/resolv.conf inside the container and update using –dns or daemon settings. |
| Internal container names are not resolving | Container not on a user-defined network | Create a bridge network (docker network create mynet) and connect containers to it. |
| Slow DNS lookups | DNS caching issues or network latency | Use a local caching DNS container like dnsmasq or reduce upstream DNS latency. |
| DNS works on the host, but not in containers | Docker is using the outdated /etc/resolv.conf from the host | Restart Docker to refresh the DNS configuration. |
| Custom DNS is not applied in Compose | YAML syntax or indentation errors | Verify correct dns: structure in docker-compose.yml. |
Best Practices for Managing Docker Container DNS
- User-defined bridge networks ensure that the containers can resolve each other by name automatically.
- Apply consistent DNS settings across all containers to avoid any type of conflict.
- Leveraging caching DNS containers with tools like CoreDNS or dnsmasq can improve DNS resolution speed and reliability.
- Use environment variables to promote flexibility.
- Ensure that you update configurations to avoid any issues.
- If using a custom DNS container, track performance and resolution latency to detect issues early.
Conclusion
Proper DNS configuration is essential to maintain stable and secure container communication in the Docker environment. By following the right practices, you can make the most of it.
FAQs
How does Docker handle DNS resolution?
Docker uses an internal DNS server to manage container name resolution. By default, containers can communicate using their names within the same user-defined network.
Can I configure DNS settings globally for all Docker containers?
Yes. Edit or create the /etc/docker/daemon.json file and add a "dns" entry with your preferred DNS servers, then restart the Docker daemon.
What should I do if Docker containers can’t resolve DNS names?
Check if your containers are using the correct network and DNS configuration. Restarting Docker or specifying a public DNS (like 8.8.8.8) often resolves the issue.
