You are not logged in.

Pages: 1

#1 Today 21:54:34

gcb
Member
Registered: 2014-02-12
Posts: 213

it's 2026 and I don't own my DNS choice anymroe

How can i tell networkmanager to stop messing with DNS? I'm losing.

So systemd already made it clear that they are 100% for manually configured servers and any interface will always be able to override the global dns server. But it's the least worse link in the Arch default install mess. ...I mean, at least i does (the silly thing) the manual says it will do.

# /etc/systemd/resolved.conf
[Resolve]
# disable fallback to easy debug
FallbackDNS=
# set as default route, but doesn't matter as NM will also set this for EVERY interface lol
Domains=~.
# who needs netbios?!
LLMNR=no
# again, easy debug with less things
DNSStubListener=no
# lets pick the most popular dns so there's no issue we can blame on server
DNS=149.112.112.112#dns.quad9.net 9.9.9.9#dns.quad9.net
# use DoT instead of DoH so we don't have the chicken'n egg protocol idiocy.
DNSOverTLS=yes

This is working fine within systemd... i mean, i can `resolved query ...` and see in the journal debug logs it is indeed sending the request to the server I expect.

Now, networkManager have a dozen options to control this, but NONE globally. Fine, let's configure each setting.

For wifi i disable ipv6 to simplify the test, and set ipv4 mode to "auto (address only)"

for good measure, i ask it to NOT update resolved, nor /etc/resolve (doesn't matter, it will do BOTH!)

# /etc/NetworkManager/conf.d/dns.conf
[main]
dns=none
systemd-resolved=false

as soon as I connect to the wifi (after conf file reload, service restarts, and reboots!), the &*(@^&%^@#$ updates /etc/resolv with the DNS from the wifi dhcp!!!!

# Generated by NetworkManager
search lan
nameserver 10.0.0.1
nameserver 192.168.1.1

why?!?!?! It's set `dns=none` globally and explicitly set "address only" on the individual connection!


i also see some other defaults maybe i can try to change

# nmcli  connection show my-wifi | grep dns | grep default
connection.mdns:                        -1 (default)
connection.dns-over-tls:                -1 (default)
connection.dnssec:                      -1 (default)
ipv4.routed-dns:                        -1 (default)
ipv6.routed-dns:                        -1 (default)

would those help in any way?

Offline

#2 Today 23:20:13

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,211

Re: it's 2026 and I don't own my DNS choice anymroe

Why are you configuring resolved and then disabling it in the NM config? https://wiki.archlinux.org/title/Networ … d-resolved -- and how sure are you that that's the only config drop in you have? Do you potentially have one that overrides this again from earlier experiments?

Online

Pages: 1

Board footer

Powered by FluxBB