How have you configured DNS?
pacman -Qs resolv
…I will quickly go over how I set up mine.
These packages:
systemd-resolvconf
openvpn-update-systemd-resolved ##(required for openvpn - otherwise unnecessary)
And to use the automated systemd-resolved we want to get rid of the resolvconf file and create a symlink:
sudo mv /etc/resolv.conf /etc/resolv.conf.2023.bak
sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
Of course you need the service running, ex:
systemctl enable --now systemd-resolved.service
These files (click for content);
This will stop NetworkManager from interfering:
/etc/NetworkManager/conf.d/rc-manager.conf
[main]
rc-manager=symlink
/etc/NetworkManager/conf.d/dns.conf
[main]
dns=systemd-resolved
I also set it to prefer IPv4:
/etc/NetworkManager/conf.d/prefer-ipv4-dns.conf
[connection]
ipv4.dns-priority=100
ipv6.dns-priority=200
And I dont like the ping to arch to ‘check connectivity’ so its disabled ala:
/etc/NetworkManager/conf.d/20-connectivity.conf
[connectivity]
uri=
#uri=https://www.archlinux.org/check_network_status.txt
#interval=3200
You dont necessarily need the DNSSEC settings of course, but I have it this way so that it will use it when available:
/etc/systemd/resolved.conf.d/dnssec.conf
[Resolve]
DNSSEC=allow-downgrade
Similar for DNS-over-TLS … I have this disabled currently, but posted here for reference:
/etc/systemd/resolved.conf.d/dns_over_tls.conf
[Resolve]
DNSOverTLS=opportunistic
And heres the more juicy bits for configuring DNS now that we have the service/symlink/etc up.
I use the fallback variant because it works better to reset the DNS if I disable VPN.
You should only need ONE of the following:
/etc/systemd/resolved.conf.d/fallback_dns.conf
[Resolve]
FallbackDNS=1.1.1.1 1.0.0.1 127.0.0.1 ::1
/etc/systemd/resolved.conf.d/dns_servers.conf
[Resolve]
DNS=1.1.1.1 1.0.0.1
Domains=~.
Alrighty … I hope that helps.
I included some extra stuff … but you said you work in the industry so 