DNS-over-TLS via SystemD Resolved.Conf instead of DNS servers #507

Open
SSJPKXL opened this issue Feb 28, 2023 · 1 comment

Comments


SSJPKXL commented Feb 28, 2023

UDM firmware 2.5.X (and probably 2.4.X) supports /etc/systemd/resolved.conf, where DNS over TLS can be set, but I am not sure exactly how to make it work for all clients. I am researching and it looks like DHCP, NetworkManager and some other files need to point to /etc/systemd/resolved.conf instead of pointing to /etc/resolv.conf for all clients to use DNS over TLS. I verified that enabling DoT in systemd/resolved.conf did show the router making attempts to use DoT in the system logs.

It would be of great help if someone figured it out completely and posted a script to have all clients use systemd resolved.conf DoT. It could potentially replace the need for installing CNI plugins and running custom DNS servers for those who just want a simple way to encrypt DNS queries for client devices that can't do it on their own without configuring containers.


SSJPKXL commented Mar 12, 2023

This should probably be moved to the "Discussions" section.
