I have wasted the last 2.5 hours trying to see where I went wrong with my configuration and I just can’t.

For the record, I am running OpenSuse Tumbleweed with Gnome, latest update for everything. Up to now I have been using AdGuard as my DNS resolver, but am now trying to switch to Mullvad but at this point I think I probably don’t want to anymore. Reason being, I just can not get it to work for the life of me.

My system has NetworkManager installed so I go there, select my connected Wifi, and enter Mullvad’s DNS address 194.242.2.4 in thr IPv4 section, then I go to check to see if it shows I am using their DNS and it Firefox AND Vivaldi give no internet connection errors. I go back to Adguard DNS and my internet is back working again. I go back to Mullvad, you guessed it, no internet once again. I even tried Cloudflare and Quad 9’s DNS addresses and both of those worked as well but Mullvad’s just does not want to work and I am going insane over it.

And no I can not edit resolv.conf through the terminal because NetworkManager will override it and no I don’t want to delete NetworkManager. Any feedback would be appreciated.

Edit: I have Mullvad DNS on my phone and got it running with zero issues so this is more of a Linux problem than a Mullvad DNS problem I think.

Solution:

Open terminal and follow through

sudo zypper install systemd-network

sudo nano /etc/systemd/resolved.conf

Copy paste this into the file that you just opened and change the DNS to whichever DNS provider you are using.

[Resolve]

DNS=194.242.2.4 2a07:e340::4

FallbackDNS=194.242.2.2 2a07:e340::2

Domains=~.

DNSSEC=yes

DNSOverTLS=opportunistic

#MulticastDNS=no

#LLMNR=no

#Cache=yes #CacheFromLocalhost=no

#DNSStubListener=no

#DNSStubListenerExtra=

#ReadEtcHosts=yes

#ResolveUnicastSingleLabel=no

Ctrl + O to write out and Ctrl + X to exit back to the terminal main page.

ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

sudo systemctl start systemd-resolved

sudo systemctl enable systemd-resolved

sudo systemctl restart NetworkManager

Boom it should be working now.

  • @[email protected]OP
    link
    fedilink
    -36 months ago

    How the fuck am I supposed to know that Network Manager won’t support DNS over TLS by default when every other operating system does? I’ve messed around with DNS before on multiple devices and never had any issues until now. We get it. You use Arch. Mr skillful

    • DefederateLemmyMl
      link
      fedilink
      English
      2
      edit-2
      6 months ago

      How the fuck am I supposed to know that Network Manager won’t support DNS over TLS

      Read the documentation? Use google?

      The very first hit when you google “dns over tls tumbleweed” provides the answer: https://dev.to/archerallstars/using-dns-over-tls-on-opensuse-linux-in-4-easy-steps-enable-cloud-firewall-for-free-today-2job

      A more generic query “dns over tls linux” gives this, which works just the same: https://medium.com/@jawadalkassim/enable-dns-over-tls-in-linux-using-systemd-b03e44448c1c

      Both google searches return several more hits that basically say the same thing.

      Even the NetworkManager reference manual refers you to systemd-resolved as the solution: https://www.networkmanager.dev/docs/api/latest/settings-connection.html

      Key Name Value Type Description
      dns-over-tls int32 Whether DNSOverTls (dns-over-tls) is enabled for the connection. DNSOverTls is a technology which uses TLS to encrypt dns traffic. The permitted values are: “yes” (2) use DNSOverTls and disabled fallback, “opportunistic” (1) use DNSOverTls but allow fallback to unencrypted resolution, “no” (0) don’t ever use DNSOverTls. If unspecified “default” depends on the plugin used. Systemd-resolved uses global setting. This feature requires a plugin which supports DNSOverTls. Otherwise, the setting has no effect. One such plugin is dns-systemd-resolved.

      I don’t use NetworkManager, I’ve never even used Tumbleweed and I found the answer in all of 10 minutes. Of course that doesn’t help if you’re so clueless that you didn’t even know that you were using DNS-over-TLS, or that DoT is a very recent development that differs significantly from regular DNS and that it requires a DNS resolver that supports it.

      when every other operating system does?

      Like Windows 10? (Hint: it doesn’t)

      You use Arch. Mr skillful

      Who cares what I use. When I’m messing with something I don’t understand, I at least read the documentation first instead of complaining on the internet and calling the whole community toxic and, I quote, “Butthurt Linux gobblers” when you get the slightest bit of pushback.