I have wasted the last 2.5 hours trying to see where I went wrong with my configuration and I just can’t.

For the record, I am running OpenSuse Tumbleweed with Gnome, latest update for everything. Up to now I have been using AdGuard as my DNS resolver, but am now trying to switch to Mullvad but at this point I think I probably don’t want to anymore. Reason being, I just can not get it to work for the life of me.

My system has NetworkManager installed so I go there, select my connected Wifi, and enter Mullvad’s DNS address 194.242.2.4 in thr IPv4 section, then I go to check to see if it shows I am using their DNS and it Firefox AND Vivaldi give no internet connection errors. I go back to Adguard DNS and my internet is back working again. I go back to Mullvad, you guessed it, no internet once again. I even tried Cloudflare and Quad 9’s DNS addresses and both of those worked as well but Mullvad’s just does not want to work and I am going insane over it.

And no I can not edit resolv.conf through the terminal because NetworkManager will override it and no I don’t want to delete NetworkManager. Any feedback would be appreciated.

Edit: I have Mullvad DNS on my phone and got it running with zero issues so this is more of a Linux problem than a Mullvad DNS problem I think.

Solution:

Open terminal and follow through

sudo zypper install systemd-network

sudo nano /etc/systemd/resolved.conf

Copy paste this into the file that you just opened and change the DNS to whichever DNS provider you are using.

[Resolve]

DNS=194.242.2.4 2a07:e340::4

FallbackDNS=194.242.2.2 2a07:e340::2

Domains=~.

DNSSEC=yes

DNSOverTLS=opportunistic

#MulticastDNS=no

#LLMNR=no

#Cache=yes #CacheFromLocalhost=no

#DNSStubListener=no

#DNSStubListenerExtra=

#ReadEtcHosts=yes

#ResolveUnicastSingleLabel=no

Ctrl + O to write out and Ctrl + X to exit back to the terminal main page.

ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

sudo systemctl start systemd-resolved

sudo systemctl enable systemd-resolved

sudo systemctl restart NetworkManager

Boom it should be working now.

  • DefederateLemmyMl@feddit.nl
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    6 months ago

    How the fuck am I supposed to know that Network Manager won’t support DNS over TLS

    Read the documentation? Use google?

    The very first hit when you google “dns over tls tumbleweed” provides the answer: https://dev.to/archerallstars/using-dns-over-tls-on-opensuse-linux-in-4-easy-steps-enable-cloud-firewall-for-free-today-2job

    A more generic query “dns over tls linux” gives this, which works just the same: https://medium.com/@jawadalkassim/enable-dns-over-tls-in-linux-using-systemd-b03e44448c1c

    Both google searches return several more hits that basically say the same thing.

    Even the NetworkManager reference manual refers you to systemd-resolved as the solution: https://www.networkmanager.dev/docs/api/latest/settings-connection.html

    Key Name Value Type Description
    dns-over-tls int32 Whether DNSOverTls (dns-over-tls) is enabled for the connection. DNSOverTls is a technology which uses TLS to encrypt dns traffic. The permitted values are: “yes” (2) use DNSOverTls and disabled fallback, “opportunistic” (1) use DNSOverTls but allow fallback to unencrypted resolution, “no” (0) don’t ever use DNSOverTls. If unspecified “default” depends on the plugin used. Systemd-resolved uses global setting. This feature requires a plugin which supports DNSOverTls. Otherwise, the setting has no effect. One such plugin is dns-systemd-resolved.

    I don’t use NetworkManager, I’ve never even used Tumbleweed and I found the answer in all of 10 minutes. Of course that doesn’t help if you’re so clueless that you didn’t even know that you were using DNS-over-TLS, or that DoT is a very recent development that differs significantly from regular DNS and that it requires a DNS resolver that supports it.

    when every other operating system does?

    Like Windows 10? (Hint: it doesn’t)

    You use Arch. Mr skillful

    Who cares what I use. When I’m messing with something I don’t understand, I at least read the documentation first instead of complaining on the internet and calling the whole community toxic and, I quote, “Butthurt Linux gobblers” when you get the slightest bit of pushback.