networkmanager force 127.0.0.1 dns-server on ALL connections ?

Utini · 2015-10-09 18:27:58

So this is my networkmanager + dnsmasq + dnscrypt setup:
https://bbs.archlinux.org/viewtopic.php?id=203565

I am now trying to force dnscrypt on all my connections automatically by forcing 127.0.0.1 as dns-server on all connections automatically. I thought I would do this by editing the global networkmanager configuration:

nano /etc/NetworkManager/NetworkManager.conf

[main]
plugins=keyfile
dhcp=dhclient
#dns=default
dns=dnsmasq

## Set static hostname
#[keyfile]
#hostname=foobar

## HTTP-based connectivity check
#[connectivity]
#uri=http://nmcheck.gnome.org/check_network_status.txt
#interval=100

[ipv4]
dns=127.0.0.1;
dns-search=
ignore-auto-dns=true
method=auto

But if I connect to a new wifi I will not use 127.0.0.1 as dns-server but the dns-server that dhcp gives me

Any ideas ? Thanks !

Last edited by Utini (2015-10-09 18:28:52)

Raynman · 2015-10-09 19:28:00

How did you come up with that [ipv4] section? I can't find anything like that in the man page. I also don't see anything about passing your own options to dnsmasq. It looks like NM simply has some built-in support for dnsmasq to cover a basic common use case (and some special treatment for VPN connections), but you may have to configure it manually for a more complex set up like yours.

In your other thread -- you may want to say how you solved it there, by the way -- you said you followed the wiki. But the wiki page on DNSCrypt does indeed tell you to configure everything manually and to stop programs like NM from modifying /etc/resolv.conf. Did you have a particular reason for using dnsmasq instead of none for NM's dns setting?

Utini · 2015-10-10 09:07:57

Raynman wrote:

How did you come up with that [ipv4] section? I can't find anything like that in the man page.

From the wiki:

NetworkManager has a global configuration file at /etc/NetworkManager/NetworkManager.conf. Usually no configuration needs to be done to the global defaults.

In another forum someone recommended putting the [IP4] section in the global configuration to overwrite the individual configs of each network connection.

Raynman wrote:

I also don't see anything about passing your own options to dnsmasq. It looks like NM simply has some built-in support for dnsmasq to cover a basic common use case (and some special treatment for VPN connections), but you may have to configure it manually for a more complex set up like yours.

From the Wiki:

NetworkManager has the ability to start dnsmasq from its configuration file. Add the option dns=dnsmasq to NetworkManager.conf in the [main] section then disable the dnsmasq.service from being loaded by systemd:
/etc/NetworkManager/NetworkManager.conf
[main]
plugins=keyfile
dns=dnsmasq
Custom configurations can be created for dnsmasq by creating configuration files in /etc/NetworkManager/dnsmasq.d/. For example, to change the size of the DNS cache (which is stored in RAM):
/etc/NetworkManager/dnsmasq.d/cache
cache-size=1000
When dnsmasq is started by NetworkManager, the config file in this directory is used instead of the default config file.

Raynman wrote:

But the wiki page on DNSCrypt does indeed tell you to configure everything manually and to stop programs like NM from modifying /etc/resolv.conf. Did you have a particular reason for using dnsmasq instead of none for NM's dns setting?

I thought I wouldn't be able to use dnscaching without dnsmasq?
https://wiki.archlinux.org/index.php/Ne … NS_Caching

Last edited by Utini (2015-10-10 09:08:12)

R00KIE · 2015-10-10 11:34:57

Try dns=none in the [main] section and configure your resolv.conf to point to 127.0.0.1.

Utini · 2015-10-10 12:29:42

R00KIE wrote:

Try dns=none in the [main] section and configure your resolv.conf to point to 127.0.0.1.

nano /etc/resolv.conf:

# Generated by resolvconf
nameserver 127.0.0.1

But this can/will be overwritten automatically ? Atleast people wrote that networkmanager/dnsmasq/whatever will overwrite this if needed?

Also: By changing "dns=none" I will not be using dnsmasq anymore which means no local dns caching anymore?

Thanks !

R00KIE · 2015-10-10 16:16:41

If you use dhcpcd you have to add resolv.conf to the nohook line and of course you have to start your caching dns server of choice when the machine starts, but then again that is all explained in the wiki.

Utini · 2015-10-10 18:30:26

R00KIE wrote:

If you use dhcpcd you have to add resolv.conf to the nohook line and of course you have to start your caching dns server of choice when the machine starts, but then again that is all explained in the wiki.

So I have those entries in the dhcpcd conf:

nohook lookup-hostname
nohook resolv.conf
noipv4ll

and with

[main]
plugins=keyfile
dns=dnsmasq

in "/etc/NetworkManager/NetworkManager.conf" my dns caching (dnsmasq) will start automatically.

So everything should be configured just fine now ? Basically when ever I add a new connection (e.g. a new wifi network) it will use dhcp but uses 127.0.0.1 as dns server ?

Arch Linux

#1 2015-10-09 18:27:58

networkmanager force 127.0.0.1 dns-server on ALL connections ?

#2 2015-10-09 19:28:00

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

#3 2015-10-10 09:07:57

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

#4 2015-10-10 11:34:57

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

#5 2015-10-10 12:29:42

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

#6 2015-10-10 16:16:41

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

#7 2015-10-10 18:30:26

Re: networkmanager force 127.0.0.1 dns-server on ALL connections ?

Board footer