You are not logged in.

Pages: 1

#1 2024-05-11 13:21:29

icelord
Member
Registered: 2024-04-10
Posts: 31

resolv.conf

Why did NetworkManager set the nameserver to my routers ip?

Does this mean that my router will use the name server it is set to query?

If so, is this recommend or should I change my PC's resolv.conf to .1.1.1.1 or something alike?

Offline

#2 2024-05-11 13:22:36

Scimmia
Fellow
Registered: 2012-09-01
Posts: 13,727

Re: resolv.conf

It set that because that's what the DHCP server (probably also your router) told it to use for DNS.

Online

#3 2024-05-11 13:27:41

icelord
Member
Registered: 2024-04-10
Posts: 31

Re: resolv.conf

So whenever I ask my router for example.com, the router then asks it's dns server and brings the address it back to me?

Offline

#4 2024-05-11 14:50:31

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,991

Re: resolv.conf

This is a typical setup for consumer routers (they often even use dnsmasq) and if you can configure a DNS server in the router settings is very most likely what will happen.
This has the benefit that the router can cache the results for multiple clients in the LAN and you also don't need a local cache (resolved, stubby, dnsmasq)

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#5 2024-05-11 15:16:53

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 30,459
Website

Re: resolv.conf

If you do want to set some other source like cloudfare, do not edit resolv.conf directly - instead add your preferred DNS provider to resolve.conf.head.  This generally does not provide any performance benefit (despite cloudfare's marketing claims).  The primary reason to use a third party DNS is to maintain some level of "privacy" from your ISP - though the value / efficacy of this is also dubious.

Last edited by Trilby (2024-05-11 15:18:34)

"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman

Offline

#6 2024-05-11 16:59:06

icelord
Member
Registered: 2024-04-10
Posts: 31

Re: resolv.conf

Okay thank you this was very informative, privacy from my ISP is a concern.

Why do you recommend .head instead?

Last edited by icelord (2024-05-11 16:59:30)

Offline

#7 2024-05-11 17:09:21

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,991

Re: resolv.conf

Regular DNS doesnt allow for privacy at all - your ISP can see every porn-related domain you query as long as the traffic goes over their system unencrypted, https://wiki.archlinux.org/title/Domain … d_security

For NM see https://wiki.archlinux.org/title/Networ … NS_servers - /etc/resolv.conf.head is (i think exclusively?) used by dhcpcd

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#8 2024-05-11 17:14:42

icelord
Member
Registered: 2024-04-10
Posts: 31

Re: resolv.conf

Yes I know, thanks It's not a big concern now but as I learn more I will increase privacy and anonymity.

Substituting convenience while still a beginner.

Offline

#9 2024-05-11 18:07:34

Head_on_a_Stick
Member
From: The Wirral
Registered: 2014-02-20
Posts: 9,003
Website

Re: resolv.conf

Consider enabling DNSSEC with DoT (or DoH). For NM switching to systemd-resolved is a simple way to achieve this.

https://wiki.archlinux.org/title/Networ … d-resolved

https://wiki.archlinux.org/title/System … ved#DNSSEC

https://wiki.archlinux.org/title/System … S_over_TLS

Jin, Jîyan, Azadî

Offline

#10 2024-05-11 21:28:10

AaAaAAaaAAaARCH
Member
Registered: 2024-02-29
Posts: 42

Re: resolv.conf

Encrypted DNS does not increase privacy in cases where reverse DNS/IP lookups can identify the domain. The main purpose would be security against DNS based attacks, which for common users is pretty useless in the HTTPS age.

Offline

Pages: 1

Board footer

Powered by FluxBB