Avatar (Fabio Alessandro Locati|Fale)'s blog

Why I switched to systemd-resolved

April 15, 2020

Yesterday, a controversial proposal got posted in the Fedora Devel mailing list: enable systemd-resolved by default. I see this change favorably since I already enabled it a few weeks ago, and I find it a very sensible option.

First, I have to admit that I see systemd and its mission of standardizing the core of the Linux user-space very favorably. At the current level of evolution of Linux, over time, this standardization and consistency will pay off much more than other alternatives. Therefore, I see the introduction of systemd-resolved positively and as an excellent way to abstract many DNS-related problems the rest of the applications.

Next, I was having huge problems with NetworkManager and /etc/resolv.conf when I was using OpenVPN. I’m not sure of the exact cause, but for some reason, OpenVPN was not able to auto-set the DNS, so I had to change the /etc/resolv.conf every time I connected or disconnected from the VPN. This problem is the real reason I looked at the possible alternatives, and I discovered that I could switch to systemd-resolved and solve the issue. Indeed the issue is solved with systemd-resolved, and everything works as I expect!

Speaking of DNS and VPN, when I set the DNS manually, I had to put it before my standard DNS. This configuration meant that every DNS query was firstly done to the VPN DNS. This added delays and potential information leak since the controller of that DNS could see my DNS activity, and therefore my internet activity. This problem does not happen with systemd-resolved since it is way smarter than the classical /etc/resolv.conf file and has an understanding of which DNS server should be used for each query.

Considering those aspects, I’m delighted that it has been proposed to make systemd-resolved the default, and I hope it will be approved.