My internet provider provides a wifi router that is pre-configured with DHCP that also provides the nameserver as their internal DNS server. There is a ton of info about why you wouldn't want this and they revolve about 2 main issues; security and performance.
Fedora 40
On Fedora, the wifi is managed by Network manager. I chose to use cloud-dns with encryption so that no-one in the middle can see what I am looking up on the internet. I chose cloud-dns because they tend to be more performant than Google nameservers.
Additionally, I also want to persistent these changes to all wifi connections regardless of which wifi network I use which is handy for laptops on the move.
Create a global NetworkManager configuration file
sudo nano /etc/NetworkManager/conf.d/dns-override.conf
Add the following content
[main]
dns=none
This tells NetworkManager not to use DHCP-assigned DNS.
Override DNS for all Wi-Fi connections
sudo nano /etc/NetworkManager/conf.d/dns-servers.conf
Add:
[global-dns]
servers=1.1.1.2,1.0.0.2
Enable DNS Over TLS
Open sudo nano /etc/systemd/resolved.conf and copy the following in
[Resolve]
DNS=1.1.1.2 1.0.0.2
DNSOverTLS=yes
Restart systemd-resolved and NetworkManager
sudo systemctl restart systemd-resolved
sudo systemctl restart NetworkManager
Debian based Linux
Disable DHCP-provided DNS from Wi-Fi Interface
Edit the sudo nano /etc/systemd/network/20-wireless.network configuration for your interface (if applicable):
[Network]
DNS=1.1.1.2 1.0.0.2
DNSOverTLS=yes
Domains=~.
Restart networking services
sudo systemctl restart systemd-networkd
Top comments (0)