[systemd-devel] DNS over TLS with systemd-resolved
Fernando Gont
fgont at si6networks.com
Tue Nov 13 12:19:18 UTC 2018
Folks,
I was trying to enable DNS over TLS via systemd-resolved. I've edited
/etc/systemd/resolved.conf as follows:

    [Resolve]
    DNS=1.1.1.1
    #FallbackDNS=
    Domains=~.
    #LLMNR=no
    #MulticastDNS=no
    #DNSSEC=no
    DNSOverTLS=opportunistic
    #Cache=yes
    #DNSStubListener=yes

While monitoring the network (with tcpdump) to see if the resulting
behavior was the intended one, it seems a TLS session is established
with the target server, but then the server closes the connection. I got
the same results with 1.1.1.1, 8.8.8.8 and others.
Any clues?
P.S.: systemd-resolved ends up doing parallel resolution with
traditional DNS (despite the setting of "Domains" above) -- that was the
motivation of my other previous post. But my main question for *this*
message is what may be going wrong with the TLS one.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492