System Level Linux DNS over TLS on Arch Linux

System Level Linux DNS over TLS on Arch Linux

Prerequisite

stubby
dnsmasq

Installation

stubby

sudo pacmas -S stubby

Start and endable stubby

sudo systemctl enable stubby
sudo systemctl start stubby

Configuration

Open and edit /etc/stubby/stubby.yml

listen_addresses:
  - 127.0.0.1@53000
  - 0::1@53000

upstream_recursive_servers:
  - address_data: 9.9.9.9
    tls_auth_name: "dns.quad9.net"
  - address_data: 9.9.9.10
    tls_auth_name: "dns.quad9.net"
  - address_data: 1.1.1.1
    tls_auth_name: "cloudflare-dns.com"
  - address_data: 1.0.0.1
    tls_auth_name: "cloudflare-dns.com"

dnsmasq

Arch Linux based distribution

sudo pacmas -S dnsmasq

Start and endable stubby

sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq

Configurations

Open and edit /etc/dnsmasq.conf

no-resolv
proxy-dnssec
server=::1#53000
server=127.0.0.1#53000
listen-address=::1,127.0.0.1

Use dnsmasq as default DNS

Common Usages

Open and edit /etc/resolv./conf

nameserver 127.0.0.1

With `NetworkManager`

[main]
dns=dnsmasq

경력 20년 이상의 소프트웨어 개발자 입니다. 임베디드 시스템, 풀스택, 리눅스 시스템 프로그래밍, 윈도우즈 프로그래밍, 클라우드, 서버리스..