Also, I said previously that I can't edit DNS settings through nm-applet. However, I could do this through nm-connection-editor, so I did. Now everything (NetworkManager, dig, nslookup) shows that I'm using OpenDNS servers, but when I open OpenDNS test sites, they still don't work as they should. What the heck?
From OpenDNS site:
[...] we suggest to contact your ISP and confirm that they are not running a proxy. Also ask them if they allow 3rd-party DNS services, such as OpenDNS or Google DNS.
Maybe that's the issue?
It doesn't work, it provides the same exact results as in this post.
IDK, is a simple computer reboot enough to clear the DNS cache?
# chattr +i /etc/resolv.conf
This will preserve your changes. To remove the bit, execute (as root):
# chattr -i /etc/resolv.conf
Last time I used NM, it was 2009, so you might want to set DNS in NM's GUI, not in dhclient.
The thing is, I can't do it in NM's GUI. The save button is not active, even if I'm not connected to this network.
If you disabled request for DNS servers in dhclient config and manually modified resolv.conf, then why do you need "prepend"? I mean, dhclient *by itself* should not touch resolv.conf even if the file is rw.
Last time I used NM, it was 2009, so you might want to set DNS in NM's GUI, not in dhclient. Alternatively, try disabling NM and manually running dhclient. What is the result of opendns tests in this case?
Uninstalled unbound. Changed /etc/resolv.conf to point to OpenDNS and made it readonly. Copied /etc/dhclient.conf.example to /etc/dhclient.conf. Made some changes in it: deleted 'domain-name-servers' from 'request' line and added 'prepend domain-name-servers 208.67.222.222,208.67.220.220;' above that line.
~ $ dig archlinux.org | grep SERVER
;; SERVER: 208.67.222.222#53(208.67.222.222)
~ $ nslookup archlinux.org
Server: 208.67.222.222
Address: 208.67.222.222#53
Non-authoritative answer:
Name: archlinux.org
Address: 66.211.214.131
However, OpenDNS test sites still don't tell me that I'm using OpenDNS and NetworkManager shows router's DNS server.
My local provider has a little bit screwed up DNS servers and I want to force Arch to use Google's DNS.
I added their IPs to /etc/resolv.conf.head and they properly appear in /etc/resolv.conf, but as we know, /etc/resolv.conf is a list of suggested DNS IPs, not mandatory ones, so NetworkManager still uses DNS addresses from the router.
~ $ dig archlinux.org | grep SERVER
;; SERVER: 192.168.11.1#53(192.168.11.1)
The thing is I have no access to this router, so can I force Arch to use Google's DNS by setting up some iptables rules?
First, iptables has nothing to do with DNS servers in general, although you can use it to filter certain DNS queries.
Second, you don't need any DNS caching service like bind/dnsmasq/... All you need to do is manually modify /etc/resolv.conf and put there your preferred DNS servers. For example, I use netcfg and dhcpcd, and
$ cat /etc/resolv.conf
# Google DNS
nameserver 8.8.8.8
nameserver 8.8.4.4
# My router (comcast)
#nameserver 10.0.0.1
$ ll /etc/resolv.conf
-rw-r--r-- 1 root root 59 Aug 19 16:38 /etc/resolv.conf
Note the timestamp on the file. The idea is to prevent the DHCP client from updating it with info obtained from the DHCP server. In the case of dhcpcd, there is an option "nohook resolv.conf" which can be added in /etc/dhcpcd.conf. Of course, you can always make resolv.conf 444 root:root...
NM uses dhclient by default, so you'll have to do some homework regarding its configuration. Alternatively, you can use dhcpcd which is an optdep for NM...
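An added example, not part of the thread: a POSIX shell check that a resolv.conf lists only the resolvers you meant to pin, run on the file from the post above and on a constructed file showing the router's resolver still listed after a prepended pair. The function names and sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a resolv.conf against the resolvers you meant to pin.

# Print the active nameserver addresses in file order. Commented-out
# entries such as "#nameserver 10.0.0.1" are skipped because their first
# field is not exactly "nameserver".
active_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# check_pinned FILE ADDR...
# Prints "pinned" and returns 0 when every entry the glibc resolver would use
# (at most the first three) is one of ADDR; otherwise prints one
# "unexpected: IP" line per stray entry and returns 1.
check_pinned() {
    file=$1; shift
    used=$(active_nameservers "$file" | head -n 3)
    [ -n "$used" ] || { echo "no active nameserver"; return 1; }
    status=0
    for ns in $used; do
        case " $* " in
            *" $ns "*) ;;
            *) echo "unexpected: $ns"; status=1 ;;
        esac
    done
    if [ "$status" -eq 0 ]; then echo "pinned"; fi
    return "$status"
}

# Sample inputs: "static" is the file shown in the post above; "prepend" is
# a constructed file where the router's resolver follows the prepended pair.
write_samples() {
    cat > "$1/static" <<'EOF'
# Google DNS
nameserver 8.8.8.8
nameserver 8.8.4.4
# My router (comcast)
#nameserver 10.0.0.1
EOF
    cat > "$1/prepend" <<'EOF'
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 192.168.11.1
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_pinned "$tmp/static" 8.8.8.8 8.8.4.4
check_pinned "$tmp/prepend" 208.67.222.222 208.67.220.220 || true
rm -rf "$tmp"
```

Run against the real file as `check_pinned /etc/resolv.conf 8.8.8.8 8.8.4.4` after a reboot or lease renewal to see whether the DHCP client has rewritten it.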
# systemctl enable unbound.service
# echo "nameserver 127.0.0.1" > /etc/resolv.conf
# chattr +i /etc/resolv.conf
Then I restarted my laptop.
~ $ dig archlinux.org | grep SERVER
;; SERVER: 127.0.0.1#53(127.0.0.1)
However, NetworkManager still shows router's DNS and OpenDNS test site redirects me to http://www.opendns.com/welcome/oops/ and says "Your request appears to have come from a proxy". http://www.internetbadguys.com/ should display a warning page, but it doesn't show it.
My local provider has a little bit screwed up DNS servers
Install BIND or unbound.
I added their IPs to /etc/resolv.conf.head and they properly appear in /etc/resolv.conf, but as we know, /etc/resolv.conf is a list of suggested DNS IPs, not mandatory ones, so NetworkManager still uses DNS addresses from the router.
~ $ dig archlinux.org | grep SERVER
;; SERVER: 192.168.11.1#53(192.168.11.1)
The thing is I have no access to this router, so can I force Arch to use Google's DNS by setting up some iptables rules?