For longer than I'd like to admit (since I've had this Linux laptop from Tuxedo Computers), I've noticed that pages take a few beats longer than they do on any other device in my home. I remember looking into this briefly a while back but I didn't really get a fix or dig too deep into it. Suspecting that it was a DNS issue, I started poking around and looked at /etc/resolv.conf and saw an odd nameserver entry in there:
```
nameserver 127.0.0.53
nameserver 8.8.8.8
```
The top of the file says that /etc/resolv.conf is dynamically generated so I eventually found out that systemd-resolved is a systemd service that controls the file via this helpful StackExchange answer:
And then on Arch Linux I found this helpful bit:
The resolver can be configured by editing /etc/systemd/resolved.conf and/or drop-in .conf files in /etc/systemd/resolved.conf.d/. See resolved.conf(5). To use systemd-resolved start and enable systemd-resolved.service.
Arch Linux Wiki (Systemd-resolved)
Which led me to editing /etc/systemd/resolved.conf... which mentioned something about alternative DNS servers in the comments. Seeing how I'm a privacy nerd, I saw the one for quad9 down near the bottom of the comments.
So I start looking into quad9 and it looks like a sweet and free DNS resolver. Based on the website, this part (among the other services it provides) hooked me:
The system uses threat intelligence from more than a dozen of the industry’s leading cybersecurity companies to give a real-time perspective on what websites are safe and what sites are known to include malware or other threats.
So back to my slow DNS issue. It turns out that when I ran:
dig google.com
nameserver 127.0.0.53 was failing 3 times, which was what was causing the slowdown. The solution (from somewhere else on the internet) was to disable the DNSStubListener in the /etc/systemd/resolved.conf:
DNSStubListener=no
and restart the service:
sudo systemctl restart systemd-resolved
I know that I can configure my router / DHCP server to use quad9, but I wanted to figure out how to do it this way, so I can fix my gemini server to use the same. So here are the settings I use in /etc/systemd/resolved.conf:
```
DNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#FallbackDNS=
#Domains=
DNSSEC=yes
DNSOverTLS=yes
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
DNSStubListener=no
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
```
I did another restart, ran "dig google.com" and saw that 9.9.9.9 was my DNS!
Happy day.
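
An added example, not part of the original post: a small Python check of the resolved.conf settings above (the function names and the [Resolve] header in the sample are assumptions). dig reads /etc/resolv.conf and sends ordinary DNS to the server listed there, so 9.9.9.9 in its output does not by itself show that DNSOverTLS or DNSSEC is in effect, which is why the check notes DNSStubListener=no.

```python
# Added example, not from the post. One file only; drop-ins are not merged, last value wins.
SAMPLE = """\
[Resolve]
DNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#FallbackDNS=
DNSSEC=yes
DNSOverTLS=yes
DNSStubListener=no
"""  # constructed from the post's active settings; the [Resolve] header is assumed
YES = {"1", "yes", "y", "true", "t", "on"}
NO = {"0", "no", "n", "false", "f", "off"}

def parse_resolve(text):
    """Return the active (uncommented) key/value pairs of the [Resolve] section."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or commented-out default
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Resolve" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def audit(text):
    """Return findings as strings; an empty list means nothing was flagged."""
    s = parse_resolve(text)
    dot = s.get("DNSOverTLS", "").lower()
    dnssec = s.get("DNSSEC", "").lower()
    out = []
    if dot == "opportunistic":
        out.append("DNSOverTLS=opportunistic: server is not authenticated, plaintext fallback")
    elif dot not in YES:
        out.append("DNSOverTLS is not set to yes in this file")
    if dnssec == "allow-downgrade":
        out.append("DNSSEC=allow-downgrade: validation can be switched off by a downgrade")
    elif dnssec not in YES:
        out.append("DNSSEC is not set to yes in this file")
    for server in s.get("DNS", "").split():
        if dot in YES and "#" not in server:
            out.append(f"{server}: no #hostname, certificate is checked against the IP")
    if s.get("DNSStubListener", "").lower() in NO:
        out.append("DNSStubListener=no: /etc/resolv.conf clients do not go through resolved")
    return out

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "nothing flagged")
```

On a live system, `resolvectl status` shows which protocols systemd-resolved is using for each link.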
-----
2024-01-22
Tags: DNS, quad9
Gritty
Send replies to:
gritty@smallweb.space