
I've run into a strange issue when changing my active DNS servers on Fedora. On other distros, I use a script which modifies my /etc/resolv.conf as and when I need it with resolvconf. On other Linux machines, the /etc/resolv.conf file contains just the new DNS servers when the script is run:

nameserver 1.1.1.1
nameserver 1.0.0.1

Now my ISP's DNS is no longer used until I revert the file.

Now to Fedora, the /etc/resolv.conf file matches the above, and never seems to be overwritten, but my ISP's DNS is still being shown as a 3rd server when using dnsleaktest.com. After checking this website I check the contents of /etc/resolv.conf again and sure enough it's still the same, only 1.1.1.1 and 1.0.0.1.

I've read a lot of questions on this site and others about people saying that services such as systemd-resolved and NetworkManager can update the resolv.conf which has resulted in DNS leaks, however the file never changes. My issue is that the resolv.conf file doesn't seem to be being obeyed.

So this begs the question, why is my ISP's DNS being used when I only have the 2 nameservers listed in my resolv.conf?

The only thing I'm doing differently on Fedora is I'm not installing the openresolv package like I have done on other distros, as doing so seems to remove any 'resolvconf' binary from the system altogether.

Any help would be greatly appreciated.

  • If you really want to make sure it's not changed, make it immutable by running chattr +i /etc/resolv.conf assuming it's not a symlink (to /run/systemd/resolve/stub-resolv.conf for example). Commented May 29, 2022 at 13:59
  • I've just tried removing the symlink to /run/systemd/resolve/stub-resolv.conf, then recreating /etc/resolv.conf with just 1.1.1.1 and 1.0.0.1 making it immutable. I still get the same result though, this issue doesn't seem to be due to modification of the resolv.conf.
    – Letal1s
    Commented May 29, 2022 at 14:18
  • It wouldn't hurt to reboot just in case. Commented May 29, 2022 at 14:22
  • Sure thing, just rebooted but I'm still getting my ISP's DNS as the 3rd server on dnsleaktest.com. My immutable resolv.conf still has just 1.1.1.1 and 1.0.0.1.
    – Letal1s
    Commented May 29, 2022 at 14:27
  • You might also wanna check the hosts entry from /etc/nsswitch.conf, maybe it has a funny value. Commented May 29, 2022 at 15:10

1 Answer


Since I was using this for an OpenVPN connection, I ended up turning to this script on GitHub: update-systemd-resolved.

When using this, pushing the dhcp-option "DOMAIN-ROUTE ." made systemd-resolved send all DNS queries via my DNS servers supplied in the push from the server. This prevented my ISP DNS from being used, and I am now left with 1.1.1.1 and 1.0.0.1 as I wanted!
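The routing rule this answer relies on, as an added example that is not part of the original post or of update-systemd-resolved: a shell function that reads `resolvectl status` text and lists the links that receive lookups matching no specific domain. It is a simplified model of systemd-resolved's routing, and the sample status text and the 192.0.2.53 "ISP" address are constructed.

```shell
# Simplified model of systemd-resolved query routing, applied to the text of
# `resolvectl status`. Prints "<link> <dns servers>" for every link a lookup
# matching no specific domain is sent to. A link with "~." takes them all.
default_dns_links() {
    awk '
        function endlink() {
            if (link != "" && servers != "") {
                if (catchall) ca[++nca] = link " " servers
                else if (defroute) dr[++ndr] = link " " servers
            }
            link = ""; servers = ""; catchall = 0; defroute = 1
        }
        /^Global/ { endlink(); next }
        /^Link [0-9]+ \(/ { endlink(); link = $3; gsub(/[()]/, "", link); next }
        link == "" { next }
        /DNS Servers:/ { sub(/.*DNS Servers:[ \t]*/, ""); servers = $0; next }
        /Protocols:/ && /-DefaultRoute/ { defroute = 0 }
        /DNS Domain:/ { for (i = 3; i <= NF; i++) if ($i == "~.") catchall = 1 }
        END {
            endlink()
            if (nca > 0) { for (i = 1; i <= nca; i++) print ca[i] }
            else { for (i = 1; i <= ndr; i++) print dr[i] }
        }
    '
}

# Constructed sample of `resolvectl status` output (not taken from the post).
# $1 is the routing domain set on tun0; empty means DOMAIN-ROUTE was not pushed.
sample_status() {
    cat <<EOF
Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign

Link 2 (enp3s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.0.2.53
       DNS Servers: 192.0.2.53

Link 5 (tun0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 1.1.1.1 1.0.0.1
${1:+        DNS Domain: $1}
EOF
}

# Live use: resolvectl status | default_dns_links
```

With no routing domain on tun0 the function lists both enp3s0 and tun0; with `~.` on tun0 it lists tun0 only.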
