Dnsleak, systemd-resolved. How to fix it?

I have edited resolved.conf and set cloudflare as DNS server but when I test for dnsleak, ISP’s DNS servers are also found on the DNS server list. How can I disable them and use only cloudflare?

~ ❯ resolvectl status
Global
           Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=yes/supported
    resolv.conf mode: stub
  Current DNS Server: 1.1.1.1#cloudflare-dns.com
         DNS Servers: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com
                      2606:4700:4700::1001#cloudflare-dns.com
Fallback DNS Servers: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net

update: edited resolved with DNSOverTLS=yes and it is working now.

You have to use dns over tls or https or crypt easy way is systemd resolved edit and give your tls address

Here ia a solve you can read DNS client for Fedora? - #5 by frankjunior

1 Like

In nm-connection-editor, set IPv4 Method to “Automatic (DHCP) addresses” only.
In contrast to the option name, this does set the default route.

The nmcli parameter changed is “ipv4.ignore-auto-dns yes”

In DNS servers (before: “Additional DNS servers”) you can enter cloudfare.

1 Like