Folks, I was trying to enable DNS over TLS via systemd-resolved. I've edited /etc/systemd/resolved.conf as follows: [Resolve] DNS=1.1.1.1 #FallbackDNS= Domains=~. #LLMNR=no #MulticastDNS=no #DNSSEC=no DNSOverTLS=opportunistic #Cache=yes #DNSStubListener=yes while monitoring the network (with tcpdump) to see if the resulting behavior was the intended one, it seems a TLS session is established with the target server, but then the server closes the connection. I got the same results with 1.1.1.1, 8.8.8.8 and others. Any clues? P.S.: systemd-resolved ends up doing parallel resolution with traditional DNS (despite the setting of "Domains" above) -- that was the motivation of my other previous post. But my main question for *this* message is what may be going wrong with the TLS one. Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
DNS over TLS with systemd-resolved
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: DNS over TLS with systemd-resolved
- From: Fernando Gont <fgont@xxxxxxxxxxxxxxx>
- Date: Tue, 13 Nov 2018 09:19:18 -0300
- Openpgp: preference=signencrypt
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
- Prev by Date: Domains setting in systemd-resolved
- Next by Date: Re: Environment-variable security?
- Previous by thread: Domains setting in systemd-resolved
- Next by thread: systemd-ask-password and kernel keyring
- Index(es):
 |