What I have done:
I have edited my /etc/systemd/resolved.conf file like this:
Code: Select all
$ cat /etc/systemd/resolved.conf
DNS=9.9.9.9
FallbackDNS=149.112.112.112
Domains=~.
DNSSEC=yes
DNSSEC=allow-downgrade
DNSOverTLS=yes
#MulticastDNS=yes
#LLMNR=yes
#Cache=yes
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
Code: Select all
sudo systemctl enable systemd-resolved.service
sudo systemctl start systemd-resolved.service
Code: Select all
$ resolvectl status
Global
Protocols: +LLMNR +mDNS +DNSOverTLS DNSSEC=yes/supported
resolv.conf mode: foreign
Link 2 (wwx582c80139263)
Current Scopes: DNS LLMNR/IPv4
Protocols: +DefaultRoute +LLMNR -mDNS +DNSOverTLS DNSSEC=yes/supported
Current DNS Server: 9.9.9.9
DNS Servers: 9.9.9.9 149.112.112.112
Link 3 (wlp1s0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS +DNSOverTLS DNSSEC=yes/supported
Code: Select all
tcpdump -i any port 53
Code: Select all
tcpdump -i any
While
Code: Select all
tcpdump -i any port 853