Introduction to DNS Leaks
I’ve seen DNS leaks become a major concern for Linux users who care about their online privacy. Essentially, a DNS leak happens when your system’s DNS queries slip outside a secure tunnel - think VPN - and potentially expose your browsing history to prying eyes. Given the current online security landscape, being able to troubleshoot these leaks is more important than ever.
Understanding systemd-resolved
Systemd-resolved is a key system service in Linux that handles DNS resolution. It’s part of the systemd suite and is widely used in modern distributions like Ubuntu, Debian, and Fedora. One of the benefits of systemd-resolved is that it can be configured to use DNS over TLS (DoT) or DNS over HTTPS (DoH), which encrypts DNS queries and reduces the risk of leaks.
To check if systemd-resolved is up and running on your system, you can use the following command:
systemctl status systemd-resolved
If it’s not enabled, you can start it with:
sudo systemctl start systemd-resolved
And enable it to start at boot with:
sudo systemctl enable systemd-resolved
Don’t bother with manually restarting the service after making changes - enabling it will handle that for you.
Configuring resolv.conf
The resolv.conf file is what Linux systems use to configure DNS resolution. When systemd-resolved is in use, the service manages this file, so manual changes go in the /etc/systemd/resolved.conf file instead. The real trick is to add your preferred DNS servers to the [Resolve] section of that file. For example:
[Resolve]
DNS=1.1.1.1 8.8.8.8
Just replace 1.1.1.1 and 8.8.8.8 with the IP addresses of your preferred DNS servers.
Troubleshooting DNS Leaks
In practice, troubleshooting DNS leaks usually involves using online tools like dnsleaktest.com or ipleak.net. These tools will test your system’s DNS resolution and report any potential leaks. If you’re using a VPN, make sure it’s properly configured to use the VPN’s DNS servers - check your VPN’s documentation for instructions on how to do this. This is where people usually get burned, so double-check your VPN settings.
Additional Considerations
When troubleshooting DNS leaks, there are a few other factors to consider. I usually start with network configuration - ensure that it’s correct and that you’re using the right DNS servers. Then, check your VPN configuration - if you’re using one, make sure it’s properly set up and using the VPN’s DNS servers. Finally, take a look at your systemd-resolved configuration to ensure it’s using the correct DNS servers. By considering these factors and following the steps outlined above, you should be able to effectively troubleshoot DNS leaks on your Linux system and keep your online activity private.
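A local check to go with the online tests, as an added example that is not from the original article: it reads `resolvectl dns` output and lists every DNS server systemd-resolved knows about that is not on a list you expect. The function name `audit_dns`, the VPN resolver address 10.8.0.1 and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): flag DNS servers known to
# systemd-resolved that are not on an expected list, e.g. the VPN's resolvers.

# audit_dns ALLOWED_IP...
# Reads `resolvectl dns` output on stdin ("Global: ..." / "Link N (if): ...")
# and prints "scope: server" for every server not in ALLOWED_IP.
# Returns 1 if anything unexpected was found, 0 otherwise.
audit_dns() {
    awk -v allowed="$*" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    {
        # Scope names contain no colon, so the first colon is the separator
        # even when the servers are IPv6 addresses.
        sep = index($0, ":")
        if (sep == 0) next
        scope = substr($0, 1, sep - 1)
        m = split(substr($0, sep + 1), srv, " ")
        for (i = 1; i <= m; i++) {
            addr = srv[i]
            sub(/#.*/, "", addr)      # drop a "#hostname" (TLS name) suffix
            if (!(addr in ok)) { print scope ": " addr; bad = 1 }
        }
    }
    END { exit (bad ? 1 : 0) }'
}

# Constructed sample of `resolvectl dns` output; 10.8.0.1 stands in for the
# VPN resolver (an assumption, substitute your provider's address).
SAMPLE='Global: 1.1.1.1 8.8.8.8
Link 2 (eth0): 192.168.1.1
Link 3 (tun0): 10.8.0.1'

printf '%s\n' "$SAMPLE" | audit_dns 10.8.0.1 || echo "unexpected DNS servers listed above"

# Live use on a real system: resolvectl dns | audit_dns 10.8.0.1
```

Each line it prints names a scope (global or a specific link) and a server configured there that is not on your list, which is what to compare against your VPN and resolved.conf settings.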