noctua@corinth:~$ systemd-resolve --status
Global
DNS Servers: 209.222.18.222 209.222.18.218
DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test
Link 3 (tun0)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (wlo1)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
and here is the output from the extended test of dnsleaktest.com:
Test complete
Query round Progress... Servers found
1 ...... 1
2 ...... 1
3 ...... 1
4 ...... 1
5 ...... 1
6 ...... 1
IP Hostname ISP Country
173.239.216.29 ip-29-216-239-173.east.us.northamericancoax.com LogicWeb Inc United States
...so it looks like this *might* be fixed upstream! Would it be possible for you to backport this fix for the Ubuntu package maintainers? I'm afraid I tried but nothing different happened, so this might be dependent on a number of previous commits or stuff not found in the current zesty package. It would be amazing to have a solution for this 'downstream', thanks for your work!
Hmmmmm...I can't seem to get a backport working, but I somehow managed to get the git-master patched with your work from https:/ /cgit.freedeskt op.org/ NetworkManager/ NetworkManager/ log/?h= th/fix- dns-priority- for-resolved- bgo783569
up and running. And...it appears like we don't have DNS leaks! Here is the output of systemd-resolved --status:
noctua@corinth:~$ systemd-resolve --status
209.222. 18.218
16.172. in-addr. arpa
168.192. in-addr. arpa
17.172. in-addr. arpa
18.172. in-addr. arpa
19.172. in-addr. arpa
20.172. in-addr. arpa
21.172. in-addr. arpa
22.172. in-addr. arpa
23.172. in-addr. arpa
24.172. in-addr. arpa
25.172. in-addr. arpa
26.172. in-addr. arpa
27.172. in-addr. arpa
28.172. in-addr. arpa
29.172. in-addr. arpa
30.172. in-addr. arpa
31.172. in-addr. arpa
corp
d.f.ip6. arpa
home
internal
intranet
lan
local
private
test
Global
DNS Servers: 209.222.18.222
DNSSEC NTA: 10.in-addr.arpa
Link 3 (tun0)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (wlo1)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
and here is the output from the extended test of dnsleaktest.com:
Test complete
Query round Progress... Servers found 239-173. east.us. northamericanco ax.com LogicWeb Inc United States
1 ...... 1
2 ...... 1
3 ...... 1
4 ...... 1
5 ...... 1
6 ...... 1
IP Hostname ISP Country
173.239.216.29 ip-29-216-
...so it looks like this *might* be fixed upstream! Would it be possible for you to backport this fix for the Ubuntu package maintainers? I'm afraid I tried but nothing different happened, so this might be dependent on a number of previous commits or stuff not found in the current zesty package. It would be amazing to have a solution for this 'downstream', thanks for your work!