dancek
commented
3 years ago @jonathanio how about this?
Closed dancek closed 1 year ago
dancek
commented
3 years ago @jonathanio how about this?
dancek
commented
3 years ago ping
WGH-
commented
3 years ago I also had the same problem with VPN and DNSOverTLS being globally enabled. I think this is a nice solution (I myself just patched update-systemd-resolved to always call SetLinkDNSOverTLS(idx, off)).
I suppose the name of the option string is nonstandard and "local" to update-systemd-resolved, just like DNSSEC, right?
dancek
commented
3 years ago I suppose the name of the option string is nonstandard and "local" to
update-systemd-resolved, just likeDNSSEC, right?
Yes. I didn't even realize that some of the options were standard.
jonathanio
commented
2 years ago Looks good. I'll need to prepare some tests to add to ensure that the busctl is being called as expected. I'll do that shortly, ready for the merge.
tomeon
commented
1 year ago @dancek and @WGH- -- PR #110 adds support for the DNSOverTLS option, plus a number of additional systemd-resolved options. I'd be much obliged if you could try testing the code in that PR.
tomeon
commented
1 year ago Superseded by the recently-merged #110.
When using DNSOverTLS=yes in resolved.conf all DNS queries over VPN fail if the private DNS server doesn't support DoT. This option makes disabling DoT for the link easy while keeping the global option enabled.