(same results running command without backticks and with sudo)
noctua@corinth:~$ `nmcli connection modify "tun0" ipv4.dns-priority -42`
noctua@corinth:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test
Link 3 (tun0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222 209.222.18.218
Link 2 (wlo1)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 192.168.1.1
DNS Domain: home
Query round Progress... Servers found
1 ...... 2
2 ...... 3
3 ...... 1
4 ...... 2
5 ...... 2
6 ...... 2
IP Hostname ISP Country
71.242.0.150 none Verizon Internet Services United States
173.239.219.2 ip-2-219-239-173.east.us.northamericancoax.com LogicWeb Inc United States
71.242.0.174 none Verizon Internet Services United States
71.242.0.230 none Verizon Internet Services United States
**********
I still get DNS leaks where queries are clearly being sent to my ISP even if this command is run with/without sudo. So...that doesn't work and I believe my original claim about systemd-resolved ignoring connection priority stands.
(same results running command without backticks and with sudo)
noctua@corinth:~$ `nmcli connection modify "tun0" ipv4.dns-priority -42`
noctua@corinth:~$ systemd-resolve --status
16.172. in-addr. arpa
168.192. in-addr. arpa
17.172. in-addr. arpa
18.172. in-addr. arpa
19.172. in-addr. arpa
20.172. in-addr. arpa
21.172. in-addr. arpa
22.172. in-addr. arpa
23.172. in-addr. arpa
24.172. in-addr. arpa
25.172. in-addr. arpa
26.172. in-addr. arpa
27.172. in-addr. arpa
28.172. in-addr. arpa
29.172. in-addr. arpa
30.172. in-addr. arpa
31.172. in-addr. arpa
corp
d.f.ip6. arpa
home
internal
intranet
lan
local
private
test
Global
DNSSEC NTA: 10.in-addr.arpa
Link 3 (tun0)
209.222. 18.218
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222
Link 2 (wlo1)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 192.168.1.1
DNS Domain: home
Extended Test results from https:/ /dnsleaktest. com/
**********
Test complete
Query round Progress... Servers found 239-173. east.us. northamericanco ax.com LogicWeb Inc United States
1 ...... 2
2 ...... 3
3 ...... 1
4 ...... 2
5 ...... 2
6 ...... 2
IP Hostname ISP Country
71.242.0.150 none Verizon Internet Services United States
173.239.219.2 ip-2-219-
71.242.0.174 none Verizon Internet Services United States
71.242.0.230 none Verizon Internet Services United States
**********
I still get DNS leaks where queries are clearly being sent to my ISP even if this command is run with/without sudo. So...that doesn't work and I believe my original claim about systemd-resolved ignoring connection priority stands.