After spending hours googling how to fix the symbolic link for /etc/resolv.conf
regularly resetting to /run/systemd/resolve/stub-resolv.conf
and finding out that this is default behavior, and use to drop-ins rather than edit /etc/resolv.conf
, I decide to create these drop-ins.
This is a network component which handles Domain Name System (DNS) resolution, which resolves domain names (web site top-level address eg. example.com) between the host system (your system) and the upstream DNS server (the servers which are responsible for hosting domain names). Without this link you are unable to access the internet.
These are configuration files which have a .conf
file extension and are located in /etc/systemd/resolved.conf.d
. They contain one or multiple configuration options in a single, or multiple .conf
files.
I have created two main types of drop-ins, single drop-ins - which have a single configuration option (for fine-grained control), and complete - which contain all configuration options. All drop-ins have comments included to explain the option functions, which have been taken directly from the resolved.conf.d manual.
-
DNS config - primary DNS servers
-
Default DNS config
-
Cloudflare DNS config
-
Google DNS config
-
Quad9 DNS config
-
-
Fallback DNS config - fallback to secondary DNS servers when primary DNS servers can't be reached
-
Default DNS fallback config
-
Cloudflare DNS fallback config
-
Google DNS fallback config
-
Quad9 DNS fallback config
-
-
DNSSEC - toggle DNSSEC (secure DNS) for DNS resolution
-
DNS over TLS - toggle DNS over TLS (provide DNS over TLS secure protocol) for DNS resolution
-
DNS Stub Listener - toggle DNS Stub Listener
-
DNS Stub Listener Extra - add optional additional IPv4, IPv6, protocol, port number(s) for the DNS resolver to listen on
-
Cache - toggle DNS caching to speed up DNS resolution
-
Cache from Localhost - toggle DNS Stub Listener
-
Domains - configure search domains
-
LLMNR (Link-Local Multicast Name Resolution) - toggle DNS Stub Listener
-
Multicast DNS - Controls Link-Local Multicast Name Resolution support (RFC 4795[1]) on the local host
-
Read Etc Hosts - toggle whether or not the DNS resolver reads hosts from
/etc/hosts
-
Resolve Unicast Single Label - configure whether or not the DNS resolver resolves A and AAAA queries for single-label names over classic DNS
-
Stable Retention Sec - set the maximum time DNS records are cached for
-
Default - complete DNS resolver configuration with resolved defaults
-
Cloudflare - complete DNS resolver configuration with resolved defaults, includes Cloudflare DNS and Fallback DNS servers
-
Google - complete DNS resolver configuration with resolved defaults, includes Google DNS and Fallback DNS servers
-
Quad9 - complete DNS resolver configuration with resolved defaults, includes Quad9 DNS and Fallback DNS servers
-
Default DNS & Fallback DNS - only contains DNS and fallback DNS configuration with resolved defaults
-
Cloudflare DNS & Fallback DNS - only contains DNS and fallback DNS configuration for Cloudflare's DNS servers
-
Google DNS & Fallback DNS - only contains DNS and fallback DNS configuration for Google's DNS servers
-
Quad9 DNS & Fallback DNS - only contains DNS and fallback DNS configuration for Quad9's DNS servers
-
No DNS - complete DNS resolver configuration without DNS and fallback DNS configuration.
-
DNS Stub Listener & DNS Stub Listener Extra - only contains the DNS stub listener & DNS stub listener extra configuration options.
There a several ways these drop-ins can be used. First of all, the 00
at the start of the filename is the priority of the drop-in - 00
is the highest priority.
-
00-resolved-dns-fallback_dns.conf
,00-resolved-dns-fallback_dns-cloudflare.conf
,00-resolved-dns-fallback_dns-google.conf
or00-resolved-dns-fallback_dns-quad9.conf
Default DNS & Fallback DNS, Cloudflare DNS & Fallback DNS, Google DNS & Fallback DNS or Quad9 DNS & Fallback DNS. Priority is not important, as only one DNS service is being used and no other configuration is required. The Default configuration can be used if you are using different DNS servers, such as those provided by your ISP.
-
00-resolved.conf
,00-resolved-cloudflare.conf
,00-resolved-google.conf
or00-resolved-quad9.conf
Default, Cloudflare, Google or Quad9 full configuration, if other options are required to be configured. Priority is not important, as only one DNS service is being used. The Default configuration can be used if you are using different DNS servers, such as those provided by your ISP.
-
00-resolved-dns-fallback_dns-cloudflare.conf
and00-resolved-no_dns.conf
Cloudflare DNS & Fallback DNS and No DNS config. Priority is not important, as this is essentially the same as using
00-resolved-cloudflare.conf
. -
00-resolved-dns-fallback_dns-cloudflare.conf
,00-resolved-no_dns.conf
and01-resolved-dns-fallback_dns-google.conf
Cloudflare DNS & Fallback DNS, No DNS config and Google DNS & Fallback DNS. Priority is important, as Cloudflare's DNS & Fallback DNS servers and No DNS are given highest priority and Google's DNS & Fallback DNS servers are used as a backup if Cloudflare's DNS servers are unavailable for resolution. All other configuration is shared between the Cloudflare and Google DNS configurations. This is for advanced use, if additional configuration is required for both DNS services.
-
00-resolved-cloudflare.conf
and01-resolved-google.conf
Cloudflare DNS & Fallback DNS and Google DNS & Fallback DNS. Priority is important, as Cloudflare's DNS & Fallback DNS servers and other configuration are given highest priority, and Google's DNS & Fallback DNS servers and other configuration are used as a backup if Cloudflare's DNS servers are unavailable for resolution. All other configuration is specific to each DNS configuration. This is for advanced use, if additional configuration is required for each DNS service.
-
00-resolved-dns-fallback_dns.conf
,00-resolved-dns-fallback_dns-cloudflare.conf
,00-resolved-dns-fallback_dns-google.conf
or00-resolved-dns-fallback_dns-quad9.conf
and any other individual drop-inDefault DNS & Fallback DNS, Cloudflare DNS & Fallback DNS, Google DNS & Fallback DNS or Quad9 DNS & Fallback DNS and any other individual drop-in. Priority is not important, as only one DNS service is being used and no other configuration is required. The Default configuration can be used if you are using different DNS servers, such as those provided by your ISP. Other individual drop-ins can be used with the same priority, if you only require certain options. This is for advanced use, if additional configuration is required for the chosen DNS service.
-
00-resolved-dns-fallback_dns-cloudflare.conf
and other individual drop-ins, and01-resolved-dns-fallback_dns-google.conf
Cloudflare DNS & Fallback DNS and other individual drop-ins and Google DNS & Fallback DNS. Priority is important, as Cloudflare's DNS & Fallback DNS servers and No DNS are given highest priority and Google's DNS & Fallback DNS servers are used as a backup if Cloudflare's DNS servers are unavailable for resolution. All other configuration is shared between the Cloudflare and Google DNS configurations. Other individual drop-ins can be used with the same priority as
00-resolved-dns-fallback_dns-cloudflare.conf
, if you only require certain options for that service. This is for advanced use, if additional configuration is required for the highest priority (primary) DNS service. -
00-resolved-dns-fallback_dns-cloudflare.conf
and01-resolved-dns-fallback_dns-google.conf
and other individual drop-insCloudflare DNS & Fallback DNS and Google DNS & Fallback DNS and other individual drop-ins. Priority is important, as Cloudflare's DNS & Fallback DNS servers and No DNS are given highest priority and Google's DNS & Fallback DNS servers are used as a backup if Cloudflare's DNS servers are unavailable for resolution. All other configuration is shared between the Cloudflare and Google DNS configurations. Other individual drop-ins can be used with the same priority as
01-resolved-dns-fallback_dns-google.conf
, if you only require certain options for that service. This is for advanced use, if additional configuration is required for the secondary DNS service. -
00-resolved-dns-fallback_dns-cloudflare.conf
and other individual drop-ins and01-resolved-dns-fallback_dns-google.conf
and other individual drop-insCloudflare DNS & Fallback DNS and Google DNS & Fallback DNS and other individual drop-ins. Priority is important, as Cloudflare's DNS & Fallback DNS servers and No DNS are given highest priority and Google's DNS & Fallback DNS servers are used as a backup if Cloudflare's DNS servers are unavailable for resolution. All other configuration is dependent on which drop-ins you use for each service. Other individual drop-ins should be used with the same priority as
00-resolved-dns-fallback_dns-cloudflare.conf
and/or01-resolved-dns-fallback_dns-google.conf
, if you only require certain options for each service. This is for advanced use, if additional configuration is required for each DNS service.
mkdir -v ~/git
or
sudo mkdir -v ~/git
if required
apt install git
or
sudo apt install git
if required
git clone https://github.com/schmittyd/resolved.conf.d.git
or
sudo git clone https://github.com/schmittyd/resolved.conf.d.git
if required
cd ~/git/resolved.conf.d/combined
Select a configuration to use
00-resolved-dns-fallback_dns.conf
- additional configuration is required00-resolved-dns-fallback_dns-cloudflare.conf
00-resolved-dns-fallback_dns-google.conf
00-resolved-dns-fallback_dns-quad9.conf
Example using Cloudflare's DNS & Fallback DNS servers
cp -v 00-resolved-dns-fallback_dns-cloudflare.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns-cloudflare.conf
or if required
sudo cp -v 00-resolved-dns-fallback_dns-cloudflare.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns-cloudflare.conf
Restart DNS Resolver service
sudo systemctl restart systemd-resolved
Ping google.com to test DNS resolution
ping -c 3 google.com
If DNS Resolution is working, you should see similar results
PING google.com (142.250.70.142) 56(84) bytes of data.
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=1 ttl=59 time=14.5 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=2 ttl=59 time=15.2 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=3 ttl=59 time=14.5 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 14.480/14.720/15.185/0.328 ms
π Note: All other DNS resolver options will be set to resolved defaults
cd ~/git/resolved.conf.d/combined
Select two configurations to use
00-resolved-dns-fallback_dns.conf
- additional configuration is required00-resolved-dns-fallback_dns-cloudflare.conf
00-resolved-dns-fallback_dns-google.conf
00-resolved-dns-fallback_dns-quad9.conf
Example using Cloudflare's DNS & Fallback DNS servers as highest priorty and Google's DNS & Fallback DNS servers as a lower priority
cp -v 00-resolved-dns-fallback_dns-cloudflare.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns-cloudflare.conf && cp -v 00-resolved-dns-fallback_dns-google.conf /etc/systemd/resolved.conf.d/01-resolved-dns-fallback_dns-google.conf
or if required
sudo cp -v 00-resolved-dns-fallback_dns-cloudflare.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns-cloudflare.conf && sudo cp -v 00-resolved-dns-fallback_dns-google.conf /etc/systemd/resolved.conf.d/01-resolved-dns-fallback_dns-google.conf
Restart DNS Resolver service
sudo systemctl restart systemd-resolved
Ping google.com to test DNS resolution
ping -c 3 google.com
If DNS Resolution is working, you should see similar results
PING google.com (142.250.70.142) 56(84) bytes of data.
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=1 ttl=59 time=14.5 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=2 ttl=59 time=15.2 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=3 ttl=59 time=14.5 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 14.480/14.720/15.185/0.328 ms
π Note: All other DNS resolver options will be set to resolved defaults
Using /etc/systemd/resolved.conf.d/combined/00-resolved-dns-fallback_dns.conf, /etc/systemd/resolved.conf.d/individual/00-resolved-dns.conf, and /etc/systemd/resolved.conf.d/individual/00-resolved-dns_fallback.conf
π Note: For this configuration you need primary and secondary DNS IP addresses from either your ISP, or DNS services like OpenDNS. For this example OpenDNS will be used - Primary: 208.67.222.222 Secondary: 208.67.220.220
cp -v 00-resolved-dns-fallback_dns.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns.conf
or if required
sudo cp -v 00-resolved-dns-fallback_dns.conf /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns.conf
Edit /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns.conf
sudo nano /etc/systemd/resolved.conf.d/00-resolved-dns-fallback_dns.conf
# DNS
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
# Default:
DNS=
# FALLBACK DNS
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
# Default:
FallbackDNS=
Add primary IP address to DNS option
DNS=208.67.222.222
Add secondary IP address to FallbackDNS option
FallbackDNS=208.67.220.220
The configuration should look like this
# DNS
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
# Default:
DNS=208.67.222.222
# FALLBACK DNS
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
# Default:
FallbackDNS=208.67.220.220
Press CTRL+X
to close, Press Y
to save then press ENTER
to confirm overwriting the existing file.
Restart DNS Resolver service
sudo systemctl restart systemd-resolved
Ping google.com to test DNS resolution
ping -c 3 google.com
If DNS Resolution is working, you should see similar results
PING google.com (142.250.70.142) 56(84) bytes of data.
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=1 ttl=59 time=14.5 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=2 ttl=59 time=15.2 ms
64 bytes from mel04s01-in-f14.1e100.net (142.250.70.142): icmp_seq=3 ttl=59 time=14.5 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 14.480/14.720/15.185/0.328 ms
π Note: All other DNS resolver options will be set to resolved defaults