How to free port 53 used by systemd-resolved in Ubuntu

Ubuntu supports listening on port 53 by default with systemd permission. If you want to run your own DNS server, you cannot, because port 53 is already in use, so you will receive an error message like this: “listen tcp 0.0.0.0:53: bind: address already in use”.

This article explains how to prevent systemd-resolved from using port 53 in Ubuntu. The instructions have been tested on Ubuntu 20.04, but should also work on other Ubuntu versions like Ubuntu 18.04, the upcoming Ubuntu 20.10, and Ubuntu-based Linux distributions like Pop! _OS, Zorin OS, Elementary OS, Linux Mint and others. In principle, this works on any system with systemd version 232 or newer.

To find out if port 53 is in use on your system use:

sudo lsof -i :53

Sample output showing systemd-resolved is using port 53 by default on Ubuntu 20.04:

$ sudo lsof -i :53

COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 610 systemd-resolve   12u  IPv4  19377      0t0  UDP localhost:domain 
systemd-r 610 systemd-resolve   13u  IPv4  19378      0t0  TCP localhost:domain (LISTEN)

If you are not receiving any output, it means that port 53 is not in use.

How to prevent systemd-resolved from using port 53 in Ubuntu

It’s worth noting that you can free port 53 by simply uncommenting the DNSStubListener and setting it to no in /etc/systemd/resolved.conf. The rest of the steps are for enabling a DNS server – without it, your system won’t be able to resolve any domain names, so you won’t be able to visit websites in a web browser, etc.

1. Edit /etc/systemd/resolved.conf with a text editor (as root), for example open it with the Nano console text editor:

sudo nano /etc/systemd/resolved.conf

And uncomment (remove the # from the beginning of the line) the DNS = line and the DNSStubListener = line. Then change the DNS = value in this file to the DNS server you want to use (e.g. 127.0.0.1 to use a local proxy, 1.1.1.1 to use Cloudflare DNS, etc.), and also change the DNSStubListener = value from yes to no.

This is how the file should look after you have made these changes (we are using 1.1.1.1 as the DNS server here, i.e. Cloudflare DNS):

[Resolve]
DNS=1.1.1.1
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no
DNSStubListener=no
#ReadEtcHosts=yes

To save the file using the Nano text editor, press Ctrl + x, then type y and press Enter.

2. Create a symbolic link for /run/systemd/resolve/resolv.conf to /etc/resolv.conf as destination:

sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf

Here the -s option is for creating a symbolic link, not a hard link, and -f is for removing any existing destination files (so it is removed, /etc/resolv.conf if it exists).

3. Reboot your system.

Port 53 should now be free on your Ubuntu system and you should no longer receive errors such as “listen tcp 127.0.0.1:53: bind: address already in use”.

You can check if port 53 is in use or not by running it sudo lsof -i: 53- if port 53 is not in use this command should not show any output.

How to undo changes

Do you want to undo the changes you made by following the instructions in this article? This is what you have to do.

1. Start by editing /etc/systemd/resolved.conf in a text editor (as root), for example open it in the Nano console text editor:

sudo nano /etc/systemd/resolved.conf

And comment out (add # before the line) DNS = and DNSStubListener = no then save the file. To save the file using the Nano text editor, press Ctrl + x, then type y and press Enter.

2. Remove the /etc/resolv.conf symlink:

sudo rm /etc/resolv.conf

3. Reboot your system.

Sidebar