1

NextDNS with systemd-resolved

Hi. I am using Fedora 33, and would like to use NextDNS with systemd-resolved.

I have followed the instructions on the setup page for systemd-resolved, but I am damned if I can get it to resolve.

To test my installation, I used the address DNS=9.9.9.9#dns.quad9.net to see if DNSSEC and DNSoverTLS are actually working in my installation. That address resolves fine using the security, so it seems things must be ok with systemd-resolved. But I can NOT get the NextDNS servers to work.

What to look for now?

Cheers

Brian

7 replies

null
    • tangerine_bee
    • 3 yrs ago
    • Reported - view

    Same here on an Ubuntu-based Distro, with systemd-resolved nothing works...

    I am also having issues with the Stubby config and I am now trying the NextDNS App. They all resolve for a while and then it hangs itself up - especially while downloading apps, emails etc.

      • tangerine_bee
      • 3 yrs ago
      • Reported - view

      I'm using this NextDNS config, if anyone can see a problem with the settings?

      report-client-info false
      discovery-dns 
      auto-activate true
      timeout 5s
      control /var/run/nextdns.sock
      cache-size 10MB
      bogus-priv true
      use-hosts true
      config "*******"
      cache-max-age 12h0m0s
      max-ttl 5s
      hardened-privacy false
      setup-router false
      listen localhost:53
      log-queries false
      detect-captive-portals false

      • olivier
      • 3 yrs ago
      • Reported - view

      BM please share the output of “nextdns log”

      • tangerine_bee
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey see attached the Logs. I have anonymized personally identifying marks for obvious reasons, in a public forum... Thks

    • tangerine_bee
    • 3 yrs ago
    • Reported - view

    Olivier Poitrey further to the logfile above, this is the output of "systemctl status systemd-resolved.service"

    Feb 08 11:57:13 "***" systemd[1]: Starting Network Name Resolution...
    Feb 08 11:57:13 "***" systemd-resolved[2926]: Positive Trust Anchors:
    Feb 08 11:57:13 "***" systemd-resolved[2926]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
    Feb 08 11:57:13 "***" systemd-resolved[2926]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
    Feb 08 11:57:13 "***" systemd-resolved[2926]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21
    Feb 08 11:57:13 "***" systemd-resolved[2926]: Using system hostname '"***"'.
    Feb 08 11:57:13 "***" systemd[1]: Started Network Name Resolution.
    Feb 08 11:57:54 "***" systemd-resolved[2926]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
    Feb 08 11:57:55 "***" systemd-resolved[2926]: Using degraded feature set (UDP) for DNS server 127.0.0.1.

      • olivier
      • 3 yrs ago
      • Reported - view

      BM the logs is full of network unreachable or i/o timeout. Are you sure your network was up when you tested this?

      Can you please submit a https://nextdns.io/diag

      • tangerine_bee
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey thanks. I have changed back to 2.4Ghz Network and then it works with Stubby. I have already uninstalled NextDNS as I needed to get some work done as well. When I feel adventurous again and have the time, I will experiment again. 

Content aside

  • 1 Likes
  • 3 yrs agoLast active
  • 7Replies
  • 609Views
  • 3 Following