Hi…
I’m recently install openSuse 15.6 Leap, and I found out can’t set custom DNS.
Let me explain first…
I just install clean openSuse 15.6 Leap and triple boot with Windows 10 and Kubuntu 24.04.1 LTS. After installation is finished, file /etc/resolv.conf contained
nameserver 118.98.115.69
nameserver 118.98.115.78
I believe these are my ISP’s DNS server. Then, I add “8.8.8.8,8.8.4.4,1.1.1.1” and “dns.google” in System Settings > Connections > wlan0 > IPv4 tab > Other DNS Servers & Search Domain, restart NetworkManager service, and file /etc/resolv.conf changed to:
We do it the easy way (we use KDE Plasma). See the two screenshots that show the steps involved (graphically).
Right-click the Network icon in the System Tray.
Select Configure Network Connections.
… the Configure Network window will pop up.
Select the Connection (left side) that you use (if not already selected).
In the right-pane, select the IPv4 tab.
Enter the IPv4 DNS server dot names, separated by a comma.
Next, click the IPv6 tab.
Enter the IPv6 DNS server colon names, separated by a comma.
Finally, click on Apply button at lower-right.
OpenSUSE comes with dnsmasq installed by default. You can make a configuration for the NetworkManager dnsmasq plugin. I used a popular RPM-based distribution tutorial and it should work fine in both Tumbleweed & Slowroll, even with multiple VPN connections, which can make using several VPNs a breeze (for example tailscale + your favorite provider).
The package names (in case you need them) are: dnsmasq and NetworkManager-dns-dnsmasq
# ls -alh /etc/resolv.conf
lrwxrwxrwx 1 root root 30 27. Aug 19:32 /etc/resolv.conf -> /var/run/netconfig/resolv.conf
# more /etc/resolv.conf
### /etc/resolv.conf is a symlink to /run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
search invalid
# man resolv.conf
=> If no name server entries are present, the default is to use the
name server on the local machine.
# more /var/run/dnsmasq-forwarders.conf
### /run/dnsmasq-forwarders.conf: global dns forwarders
### for use as dnsmasq --resolv-file, autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
nameserver 192.168.1.1
That is exactly what I did, but without IPv6 (IPv6 is disabled).
You see “internetpositif.id” in nslookup? It’s a site blocker from my ISP.
I want to skip this “internetpositif” thing so I can see reddit. Other website loaded okay, well, except porn sites. Maybe, it’s called DNS over TLS?
Thanks for response.
I don’t know exactly how to explain this, but the “internetpositif” thing is a site blocker from my ISP. This blocks reddit, porn sites, etc etc. And I want to skip this “internetpositif” so I can see reddit again without enabling DNS over HTTPS in Firefox’s setting.
Another potential fix would be to use /etc/hosts entry, such as:
# this is the /etc/hosts file
0.0.0.0 internetpositif.id
We use that file to block various websites, like ad sites, etc.
My guess is, even if you install it (or it’s installed by default), it’s still not enabled by default. (extra software clutter that most likely not used).
This nameserver 192.168.1.1 is configured by NetworkManager (and in this example by DHCP). Please read the section “NETCONFIG_<set>_POLICY” from
# man 8 netconfig
about NETCONFIG_DNS_POLICY:
By default, the policy is set to the special value auto. This special policy value is resolved differently by netconfig when the NetworkManager is enabled or disabled:
NetworkManager is disabled
The auto policy value is resolved to a policy "STATIC *".
NetworkManager is enabled
The auto policy value is resolved to "STATIC_FALLBACK NetworkManager"
causing to use the NetworkManager built-in merge policy with a fallback to the
static settings defined in netconfig variables when the NetworkManager does
not provide any.
Note: NetworkManager is not using any of the statically defined netconfig
settings.
Please use the (k)nm connection editor to define yout network settings for the
NetworkManager!
# netconfig update -f -v
<13>Nov 14 20:09:07 netconfig: Executing 'update -f -v' for pid 4187
debug: lockfile created (/run/netconfig.pid) for PID 4338
debug: lockfile created
debug: Module order: dns-resolver dns-bind dns-dnsmasq nis ntp-runtime
debug: dns-resolver module called
debug: Resolved dns-policy 'auto' for service 'NetworkManager' to 'STATIC_FALLBACK NetworkManager'
debug: Static Fallback
debug: Use NetworkManager policy merged settings
debug: exec get_dns_settings: /run/netconfig/NetworkManager.netconfig
debug: get_dns_settings: service 'NetworkManager' => rank '1'
debug: get_dns_settings: DNS_SEARCHLIST_1='invalid'
debug: get_dns_settings: DNS_SERVERS_1='192.168.1.1'
debug: exit get_dns_settings: /run/netconfig/NetworkManager.netconfig
debug: write_resolv_conf: ' invalid ' ' '
debug: dns settings written to /run/netconfig/resolv.conf
debug: /etc/resolv.conf is already a link to /run/netconfig/resolv.conf
debug: dns-bind Module called
debug: dns-dnsmasq Module called
debug: Resolved dns-policy 'auto' for service 'NetworkManager' to 'STATIC_FALLBACK NetworkManager'
debug: Static Fallback
debug: Use NetworkManager policy merged settings
debug: exec get_dns_settings: /run/netconfig/NetworkManager.netconfig
debug: get_dns_settings: service 'NetworkManager' => rank '1'
debug: get_dns_settings: DNS_SERVERS_1='192.168.1.1'
debug: exit get_dns_settings: /run/netconfig/NetworkManager.netconfig
debug: write_dnsmasq_forwarders: 192.168.1.1
debug: dns forwarders written to /run/dnsmasq-forwarders.conf
debug: nis Module called
debug: Resolved nis-policy 'auto' for service 'NetworkManager' to 'STATIC_FALLBACK NetworkManager'
debug: Static Fallback
debug: Use NetworkManager policy merged settings
debug: exec get_nis_settings: /run/netconfig/NetworkManager.netconfig
debug: exit get_nis_settings: /run/netconfig/NetworkManager.netconfig
debug: set_nisdomainname: NetworkManager 12
debug: set_nisdomainname: => no
debug: format_yp_conf called with :
debug: Using static fallback
debug: format_static[0] called
debug: write_yp_conf
debug: nis settings written to /run/netconfig/yp.conf
debug: /etc/yp.conf is already a link to /run/netconfig/yp.conf
debug: ntp-runtime Module called
debug: Resolved ntp-policy '' for service 'NetworkManager' to ''
# ls -alh /var/ |grep -i run$
lrwxrwxrwx 1 root root 4 27. Aug 19:32 run -> /run
Tell me that you have systemd-resolved service is enable and running, because I can’t get it done without that service. openSuse 15.6 Leap clean install didn’t include that service which is part of systemd-network.
I’m so frustrated to configure netconfig, every values I have been tried, but none of them worked. The only that works is installing systemd-network package. It’s works too in Kubuntu 24.04.1 LTS. Kubuntu comes with systemd-network package.
But, thank you anyway and thank goodness it’s solved now.
openSUSE uses NetworkManager and installing systemd-networkd alongside it might be a potential point of conflict in the future.
If you’re just using systemd-resolved, make sure to disable/mask the networkd service. Another less invasive measure would have been to use dnscypt-proxy and use the existing NM config to point to the local dnscrypt resolver.
But I must admit, I’m partial to systemd-* components myself. Using networkd, resolved, and timesyncd on Debian servers.
My ISP blocks certain websites, like reddit, online gambling, porn sites etc etc. I want to bypass the blocker by using Google’s DNS (or others like Cloudflare, Quad9, etc).
Like in Android, I use Private DNS. Or, in Firefox I use DNS over HTTPS.
That’s I want to achieve.