Configuring DNS Settings with systemd-resolve

Pochuan WangPochuan Wang
2 min read

Many Linux distros manage their DNS server configurations using systemd-resolve, which auto-generates /etc/resolv.conf and do not intend the user to modify it directly. You may see the warnings at the beginning of the /etc/resolv.conf. In this case, you can first check your DNS settings via resolvectl status, which will give you the information like the following:

user@ubuntu:/home/user$ resolvectl status
Global
           Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
  Current DNS Server: 192.168.31.7
         DNS Servers: 192.168.31.7
Fallback DNS Servers: 8.8.8.8

Link 2 (enp2s0f0)
    Current Scopes: none
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (enp2s0f1)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 8.8.8.8
       DNS Servers: 8.8.8.8 1.1.1.1

To change your DNS settings, you can edit the /etc/systemd/resolved.conf, the following is an example configuration to set default DNS to Google DNS and let Cloudflare DNS as fallback DNS:

#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it under the
#  terms of the GNU Lesser General Public License as published by the Free
#  Software Foundation; either version 2.1 of the License, or (at your option)
#  any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.

[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=8.8.8.8
FallbackDNS=1.1.1.1
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0

After configuration, you will need to reload systemd and restart the service to take effect.

sudo systemctl daemon-reload
sudo systemctl restart systemd-resolved.service
0
Subscribe to my newsletter

Read articles from Pochuan Wang directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Linuxdnsserver management

Written by

Pochuan Wang
Pochuan Wang