diff --git a/dns/dns_unix.go b/dns/dns_unix.go
index 0db05b2f..02e591f2 100644
--- a/dns/dns_unix.go
+++ b/dns/dns_unix.go
@@ -3,11 +3,13 @@ package dns
 import (
 	"context"
 	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
 	"io/fs"
 	"io/ioutil"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/client-go/kubernetes"
+	"os"
 	"path/filepath"
 )
 
@@ -17,14 +19,17 @@ func Dns(clientset *kubernetes.Clientset) error {
 	if dnsIP, err = GetDNSIp(clientset); err != nil {
 		return err
 	}
-	filename := filepath.Join("etc", "resolver", "local")
+	if err = os.MkdirAll(filepath.Join("/", "etc", "resolver"), fs.ModePerm); err != nil {
+		log.Error(err)
+	}
+	filename := filepath.Join("/", "etc", "resolver", "local")
 	fileContent := "nameserver " + dnsIP
 	return ioutil.WriteFile(filename, []byte(fileContent), fs.ModePerm)
 }
 
 func GetDNSIp(clientset *kubernetes.Clientset) (string, error) {
 	serviceList, err := clientset.CoreV1().Services(v1.NamespaceSystem).List(context.Background(), v1.ListOptions{
-		LabelSelector: fields.OneTermEqualSelector("k8s-app", "kube-dns").String(),
+		FieldSelector: fields.OneTermEqualSelector("metadata.name", "kube-dns").String(),
 	})
 	if err != nil {
 		return "", err
diff --git a/go.mod b/go.mod
index a11f9156..44d40a58 100644
--- a/go.mod
+++ b/go.mod
@@ -9,6 +9,7 @@ require (
 	github.com/google/uuid v1.1.2
 	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6
 	github.com/onsi/ginkgo v1.14.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/shadowsocks/go-shadowsocks2 v0.1.5 // indirect
 	github.com/sirupsen/logrus v1.8.1
 	github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37 // indirect
diff --git a/pkg/main.go b/pkg/main.go
index aab72171..907e98ff 100644
--- a/pkg/main.go
+++ b/pkg/main.go
@@ -10,6 +10,7 @@ import (
 	restclient "k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 	"k8s.io/client-go/util/homedir"
+	"kubevpn/dns"
 	"kubevpn/exe"
 	"kubevpn/remote"
 	"net"
@@ -94,6 +95,12 @@ func main() {
 	<-readyChan
 	log.Info("port forward ready")
 
+	if err := dns.Dns(clientset); err != nil {
+		log.Fatal(err)
+	} else {
+		log.Info("dns service ok")
+	}
+
 	if err := start(); err != nil {
 		log.Fatal(err)
 	}