Issue to set up systemd DNS over TLS on Manjaro

Hi everyone, my level in English is not so high but I will try to explain myself the best way I can.

I have been trying to set up systemd, because I would like to use DoT on my DNS requests. I have no problems with the Ubuntu distro, I just set up /etc/systemd/system.conf.d/*.conf and it works.

However, with Manjaro I don't know why it doesn't work. I have started the systemd service and it is enabled, but when I try to test it with 1.1.1.1/help (Cloudflare test) I get "No" in DoT requests.

When I edit the main file /etc/systemd/resolved.conf without "drop-ins" like above, and I do the same test (from Cloudflare), I get "Yes" in DoT requests but not always. I mean, I get "Yes" and in some cases "No" too.

I am running stable Manjaro 21.0.

Thanks in advance.

Did you mean systemd-resolved? This is not the same as systemd.

This folder is for settings of systemd, not for systemd-resolved. For systemd-resolved settings use

/etc/systemd/resolved.conf.d

Also make sure that you actually use systemd-resolved.
You can find more info in the Arch Wiki:
https://wiki.archlinux.org/index.php/Systemd-resolved


Thank you for your answer, I am not an experienced user on Linux. I find Linux a little confusing when it comes to finding directories and software file locations, it feels messy.

I can't follow your instructions until Sunday, so I will write back then.

Alright, I have created a new file in /etc/systemd/resolved.conf.d/*.conf. "resolved.conf" was restored to its default to work with "drop-ins", and I have also restarted the "systemd-resolved" and "NetworkManager" services. However, I get the same problem described in my first comment:

I don't know what is happening, and worst of all, I don't know if DNS over TLS is working or not. I have checked the status of "systemd-resolved" and I got this result:

So is it working or not? How can I check it?

Thanks in advance for your patience.

Please do not post pictures of text.

Use Wireshark and check the actual packets sent to the DNS server.


Did you type the DNS server to use with your connection manually? Since you are using the systemd DNS resolver, you need to point to a local DNS to be able to use DNS over TLS in systemd; the DNS is 127.0.0.53.

EDIT: Actually, never mind, it looks like it works without you setting the DNS 127.0.0.53 manually, but give it a try just in case.

For example, in KDE you put it like this:

Then restart the connection and you should now be using the systemd DNS resolver.

EDIT:

I just did it on my machine to test it out; it works on my machine.

Did you have this in your /etc/systemd/resolved.conf.d/dns_servers.conf? (or whatever the file is called)

[Resolve]
DNS=1.1.1.1
DNSOverTLS=yes

Forgive me.

OK, I will try, but I don't know how to use Wireshark.

Some time ago I was looking for information, but I am not sure; first of all I need to set up port mirroring on my router, don't I? Anyway, thank you.

I have done it, but I get the same result with the Cloudflare test.

Do you get the same result every time you refresh the website?

Yes.

Thank you both for your answers.

Yes, in resolvectl status I have this:

Global
           Protocols: +LLMNR +mDNS +DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: foreign
         DNS Servers: 1.1.1.1
Fallback DNS Servers: 1.1.1.1 9.9.9.10 8.8.8.8 2606:4700:4700::1111 2620:fe::10 2001:4860:4860::8888

I only have this in /etc/systemd/resolved.conf.d/dns_servers.conf, remember.

Also make sure to activate the service (or restart it if you already have it running).

sudo systemctl restart systemd-resolved.service

In case it is still not working, you can try forcing the system to only use DNS through systemd-resolved. Be aware that if systemd-resolved is not working correctly you will not have internet.
Create a file /etc/NetworkManager/conf.d/dns.conf and in there type

[main]
dns=systemd-resolved

Then restart NetworkManager:

sudo systemctl restart NetworkManager.service

Check that the system is using the DNS of systemd-resolved only; the file /etc/resolv.conf should contain

# Generated by NetworkManager
nameserver 127.0.0.53
options edns0 trust-ad

Try using the internet; if the internet is not working, then systemd-resolved is not working properly (because there is no DNS resolver). I don't know what the cause is, because everything you have looks ok…

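The check described in the post above (DoT on in resolvectl, resolv.conf pointing at the 127.0.0.53 stub) can be scripted. This is an added example, not from the thread or the systemd project; the sample outputs are constructed to mirror what was posted, and the verdict tokens are my own naming. The "bypassed" case is the one worth catching: if resolv.conf names the upstream directly, glibc sends plain port-53 queries and resolved's DNSOverTLS setting never applies to them.

```shell
#!/bin/sh
# Constructed sample of `resolvectl status` output (mirrors the thread's posted output)
SAMPLE_STATUS='Global
           Protocols: +LLMNR +mDNS +DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: foreign
         DNS Servers: 1.1.1.1'

# Constructed /etc/resolv.conf contents: the stub-resolver case from the thread
SAMPLE_RESOLV_STUB='# Generated by NetworkManager
nameserver 127.0.0.53
options edns0 trust-ad'

# Constructed: resolv.conf pointing straight at the upstream, bypassing resolved
SAMPLE_RESOLV_DIRECT='nameserver 1.1.1.1'

# Returns 0 when the Global Protocols line of resolvectl status lists +DNSOverTLS
dot_enabled() {
    printf '%s\n' "$1" | grep -q '^ *Protocols:.*+DNSOverTLS'
}

# Returns 0 when every nameserver line in resolv.conf is the resolved stub 127.0.0.53
uses_stub() {
    ns=$(printf '%s\n' "$1" | awk '$1 == "nameserver" { print $2 }')
    [ -n "$ns" ] || return 1
    for addr in $ns; do
        [ "$addr" = "127.0.0.53" ] || return 1
    done
    return 0
}

# Prints one verdict token:
#   no-dot   : DNSOverTLS is not enabled in resolved
#   bypassed : resolv.conf does not route libc through the stub, so queries skip resolved
#   ok       : DoT is on and libc resolution goes through 127.0.0.53
dot_verdict() {
    if ! dot_enabled "$1"; then
        echo "no-dot"
    elif ! uses_stub "$2"; then
        echo "bypassed"
    else
        echo "ok"
    fi
}

# Live use on a real host:
#   dot_verdict "$(resolvectl status)" "$(cat /etc/resolv.conf)"
```

Wireshark (or tcpdump) remains the ground truth: with the verdict "ok" you should see only TCP/853 traffic to the upstream and no UDP/53 leaving the host.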

I have exactly the same settings as you, but I continue with the previous issue; it's so strange.

In the future I will sniff the connection to test whether the DNS requests are going over TLS or not.