Diffstat (limited to 'content/blog/dns-over-tls.md')
-rw-r--r-- content/blog/dns-over-tls.md 43
1 files changed, 43 insertions, 0 deletions
diff --git a/content/blog/dns-over-tls.md b/content/blog/dns-over-tls.md
new file mode 100644
index 0000000..5a52b62
--- /dev/null
+++ b/content/blog/dns-over-tls.md
@@ -0,0 +1,43 @@
+---
+title: "DNS over TLS on Arch Linux"
+date: 2020-08-20
+slug: "dns-over-tls"
+draft: false
+---
+
+Domain name resolution is not standardized, some application use NSS, some use D-Bus, others use stub resolvers.
+`systemd-resolved` handles all of them and comes with systemd that Arch Linux uses.
+
+`systemd-resolved` configuration file is at `/etc/systemd/resolved.conf`, yours should look like this:
+
+ [Resolve]
+ DNS=1.1.1.1
+ FallbackDNS=127.0.0.1 ::1
+ Domains=~.
+ #LLMNR=yes
+ #MulticastDNS=yes
+ DNSSEC=yes
+ DNSOverTLS=yes
+ #Cache=yes
+ #DNSStubListener=yes
+ #ReadEtcHosts=yes
+
+You should enable the `systemd-resolved` service.
+
+ sudo systemctl enable --now systemd-resolved
+
+## NetworkManager
+
+Since you are probably using NetworkManager,
+you should tell it to use `systemd-resolved` by going to its configuration file (`/etc/NetworkManager/NetworkManger.conf`)
+and specifying `dns` property.
+
+This is how your `/etc/NetworkManager/NetworkManger.conf` should look like:
+
+ [main]
+ plugins=keyfile
+ dns=systemd-resolved
+
+**You will probably need to restart your computer for changes to take effect.**
+
+If you found any mistakes or that something is outdated, please [contact me](/contact/).
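Review bot: The NetworkManager section spells the configuration path `/etc/NetworkManager/NetworkManger.conf` in both places it appears (the "a" in "Manager" is missing); a reader who copies it will edit a file NetworkManager does not read, so `dns=systemd-resolved` never takes effect. It should read `/etc/NetworkManager/NetworkManager.conf`. In the `[Resolve]` block, `FallbackDNS=127.0.0.1 ::1` points at loopback although the post never sets up a local resolver, and `DNS=1.1.1.1` carries no server name; either drop the fallback or explain what is expected to listen there, and consider the `address#server_name` form (for example `1.1.1.1#cloudflare-dns.com`) so that with `DNSOverTLS=yes` the certificate is validated against a hostname. A verification step such as `resolvectl status` after enabling the service would let readers confirm that DNS over TLS is actually in use, and restarting the NetworkManager service should be sufficient in place of the suggested reboot.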