From 810de4efdbe2ce44ae693a48fbcfc3a816e3afcd Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Tue, 22 Dec 2020 18:42:58 +0100 Subject: [PATCH] Disable DNS over TLS by default (#1113) (#1121) It seems that on certain setups the default DNS over TLS mode "opportunistic" causes delays of ~10s when trying to resolve names. This is probably caused by providers and/or firewall setups not properly rejecting connections on port 853. It seems that also other distributions (such as Arch Linux) still disable DNS over TLS currently. Side step issues with DNS over TLS by disabling it for now. --- buildroot-external/rootfs-overlay/etc/systemd/resolved.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf b/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf index e0ac2f824..0f16e628f 100644 --- a/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf +++ b/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf @@ -16,7 +16,7 @@ #FallbackDNS=1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700::1111 2001:4860:4860::8888 2606:4700:4700::1001 2001:4860:4860::8844 #Domains= DNSSEC=no -#DNSOverTLS=opportunistic +DNSOverTLS=no #MulticastDNS=yes #LLMNR=yes #Cache=yes