Hi Tom, Tom Ashcraft writes:
Anyone know how to set up CloudFlare DNS on a home computer running Kubuntu 18.04?
I just gave this a shot with Kubuntu in a VM. My solution is at the end of this mail: modify /etc/systemd/resolved.conf and restart resolved. The rest of the mail explains how I got there. Despite my expectations, editing the System Settings/Network/Connections menu in Kubuntu did not seem to have any effect on the machine. Instead, systemd seems to have its own idea of how to resolve DNS... and it's very opinionated. First, I made sure systemd-resolved was running, by checking the output of "systemctl status systemd-resolved": it showed a green "light" and this output line (among many others): Status: "Processing requests..." So I was confident that systemd is what's actually doing name resolution by default on Kubuntu 18.04. Even moreso when I ran "nslookup example.com" (nslookup being a non-systemd tool that I use practically every day) and it mentioned 127.0.0.53, widely known as systemd's default stub resolver. And a third indicator, for good measure: "file /etc/resolv.conf" revealed the system nameserver config file to be a symlink to /var/run/systemd/resolve/stub-resolv.conf. So to use Cloudflare ourselves, we need to tell this stub resolver to use Cloudflare. "systemd-resolve --status" prints the nameservers and settings used by the stub resolver. Even after I had changed the network settings in Kubuntu's "System Settings" menu to Cloudflare, there was no sign of it in this status output, which was pretty discouraging. The configuration is stored in /etc/systemd/resolved.conf and documented in its manpage (https://www.freedesktop.org/software/systemd/man/resolved.conf.html). I uncommented the DNS line and added the Cloudflare IP addresses, and also disabled DNSSEC, since in my opinion it's not yet trouble-free enough to be used on a normal desktop. The result was the following resolved.conf: [Resolve] DNS=1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001 DNSSEC=no One "sudo systemctl restart systemd-resolved" later, and everything was working. Now "systemd-resolve --status" prints the Cloudflare DNS servers, so I'm reasonably sure it's using Cloudflare for name resolution. -- Anthony J. Bentley