From e3120df5d08da5aade13e5bcbf9a094cd538fde3 Mon Sep 17 00:00:00 2001
From: Stefan Agner <stefan@agner.ch>
Date: Tue, 22 Dec 2020 18:42:58 +0100
Subject: [PATCH] Disable DNS over TLS by default (#1113) (#1121)

It seems that on certain setups the default DNS over TLS mode
"opportunistic" causes delays of ~10s when trying to resolve names. This
is probably caused by providers and/or firewall setups not properly rejecting
connections on port 853.

It seems that also other distributions (such as Arch Linux) still
disable DNS over TLS currently. Side step issues with DNS over TLS by
disabling it for now.
---
 buildroot-external/rootfs-overlay/etc/systemd/resolved.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf b/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf
index e0ac2f824..0f16e628f 100644
--- a/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf
+++ b/buildroot-external/rootfs-overlay/etc/systemd/resolved.conf
@@ -16,7 +16,7 @@
 #FallbackDNS=1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700::1111 2001:4860:4860::8888 2606:4700:4700::1001 2001:4860:4860::8844
 #Domains=
 DNSSEC=no
-#DNSOverTLS=opportunistic
+DNSOverTLS=no
 #MulticastDNS=yes
 #LLMNR=yes
 #Cache=yes