#1 2019-07-04 08:27:28

Baitinq
Member
Registered: 2019-05-18
Posts: 11

Systemd-resolved | Custom DNS

Hi and thanks in advance,

During the last day I've been trying to set up custom DNS on my machine (Cloudflare's 1.1.1.1) as well as DNS over TLS, but I've been having some problems.

I have followed the wiki's guide using systemd-resolved:
1. Edit /etc/systemd/resolved.conf with my desired DNS and DNS over TLS options
2. Symlink /etc/resolv.conf to /run/systemd/resolve/resolve.conf
3. Enable systemd-resolved.service

What happens is that the custom DNS do appear in the /etc/resolv.conf file but it seems like they are overridden by my ISP ones.
This is my systemd-resolved generated /etc/resolv.conf (symlink to /run/systemd/resolve/resolve.conf):

# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 1.1.1.1 *
nameserver 1.0.0.1 *
nameserver 2606:4700:4700::1111 *
# Too many DNS servers configured, the following entries may be ignored.
nameserver 2606:4700:4700::1001 * These are Cloudflare's DNS which I configured in the /etc/systemd/resolved.conf
nameserver 195.130.XXX.X <-
nameserver 195.130.XXX.X <-
nameserver 2a02:1X00:XXX::XX:1 <-
nameserver 2a02:1X00:XXX::XX:2 <- These are my ISP's default DNS which are generated automatically (I didn't explicitly configure them, unlike Cloudflare's DNS)
search home telenet.be

(I censored some of the IPs just in case)

As you can see, Cloudflare's DNS are in the file, and when I execute resolvectl status it also shows 1.1.1.1 as my DNS, but when I check my DNS over the internet using https://1.1.1.1/help it shows as if the DNS I am using are my ISP's and not Cloudflare's, which didn't happen when I used openresolv.

Does anyone know what could be happening so that the custom DNS I have are not being used?

Thanks a lot.

EDIT: It is also weird that performing an

 nslookup www.google.com

outputs 1.1.1.1 as my DNS, but when I execute

 nmcli dev show | grep DNS

it says my DNS are my ISP's default one (195.130.XXX.X)

Offline

#2 2019-07-05 19:13:55

Brocellous
Member
Registered: 2017-11-27
Posts: 145

Re: Systemd-resolved | Custom DNS

Use resolvectl in the future to share systemd-resolved DNS configuration; ideally, applications using the default getaddrinfo(3) will see nss-resolve before nss-dns and never have to care about /etc/resolv.conf. It's also helpful to post your resolved.conf and connection settings so we don't have to guess.

Anyway, I'd ask you to share the output of

resolvectl dns

but I think from what you've posted I can guess that you've got Cloudflare configured for global and NM has configured the DHCP nameservers on your default link. So assuming you want all DNS queries to reach Cloudflare over TLS using NM for all connections, you'll have to configure all applications to use systemd-resolved like so:

1) Symlink /etc/resolv.conf to /run/systemd/resolve/stub-resolv.conf [systemd-resolved(8)]
2) Tell NM to not use DHCP nameservers in the connection settings if you don't want them. [wiki]
3) Set up nss-resolve [nss-resolve(8)]

systemd-resolved should just use your configured global servers in that case.

Offline
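
An added example, not part of either post: three offline checks, one per step in the reply above, for confirming that clients only reach systemd-resolved and that no DHCP-supplied resolvers remain on a link. The function names are hypothetical, the sample inputs are constructed, 192.0.2.x stands in for the ISP resolvers, and the `resolvectl dns` layout ("Global:" and "Link N (iface):" lines) is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Each function reads the relevant
# file content or command output on stdin, so it can be run on copies.

# Step 1: "stub" if every nameserver is resolved's 127.0.0.53 listener,
# otherwise "uplink" (clients may query the listed servers directly).
resolv_mode() {
    awk '$1 == "nameserver" { n++; if ($2 != "127.0.0.53") bad = 1 }
         END { print ((n > 0 && !bad) ? "stub" : "uplink") }'
}

# Step 2: print servers that `resolvectl dns` lists on a link but not
# globally, e.g. DHCP-provided resolvers configured by NetworkManager.
link_only_servers() {
    awk '$1 == "Global:" { for (i = 2; i <= NF; i++) g[$i] = 1 }
         $1 == "Link"    { for (i = 4; i <= NF; i++) l[$i] = 1 }
         END { for (s in l) if (!(s in g)) print s }' | sort
}

# Step 3: "ok" if the hosts line of nsswitch.conf lists resolve before dns.
nss_order() {
    awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) {
             if ($i == "resolve" && !r) r = i
             if ($i == "dns" && !d) d = i } }
         END { if (!r) print "resolve-missing"
               else if (d && d < r) print "dns-first"
               else print "ok" }'
}

# Constructed sample of `resolvectl dns` output matching the situation in
# the first post: Cloudflare globally, ISP resolvers on the default link.
sample_dns='Global: 1.1.1.1 1.0.0.1
Link 2 (enp3s0): 192.0.2.53 192.0.2.54'

echo "link-only servers:"
printf '%s\n' "$sample_dns" | link_only_servers
echo "resolv.conf mode: $(printf 'nameserver 1.1.1.1\nnameserver 192.0.2.53\n' | resolv_mode)"
echo "nss order: $(printf 'hosts: files dns\n' | nss_order)"
```

On a live system the inputs would be `/etc/resolv.conf`, the output of `resolvectl dns`, and `/etc/nsswitch.conf` respectively.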
