DNS Setup on Linux
Classic configuration or fully encrypted via DoT.
This guide covers two paths: a quick setup via resolvconf and the encrypted variant via Stubby with DNS-over-TLS.
DNS Server Credentials
IPv4 Addresses
Classic DNS servers for IPv4 configuration.
theo.dremaxx.de85.215.153.54
fritz.dremaxx.de87.106.35.241
IPv6 Addresses
Native IPv6 reachability of the resolvers.
theo.dremaxx.de2a01:239:251:a800::1
fritz.dremaxx.de2a00:da00:f425:5800::1
DNS-over-TLS (DoT)
Hostname for encrypted resolution over port 853.
Hostnamedns.dremaxx.de
01 · Quick Setup
Classic DNS via resolvconf
Suitable for servers and desktops where /etc/resolv.conf is managed dynamically.
1
Install package
1sudo apt install resolvconf -y2
Open configuration file
1sudo nano /etc/resolvconf/resolv.conf.d/head3
Add nameservers
1nameserver 85.215.153.54
2nameserver 87.106.35.241Optionally also for IPv6:
1nameserver 2a01:239:251:a800::1
2nameserver 2a00:da00:f425:5800::14
Enable & reload service
1sudo resolvconf --enable-updates
2sudo resolvconf -u02 · Encrypted
DNS-over-TLS with Stubby
Stubby acts as a local stub resolver and tunnels all queries over TLS.
1
Install Stubby
1sudo apt install stubby2
Adjust configuration
1sudo nano /etc/stubby/stubby.ymlIn the upstream_recursive_servers section add the Dremaxx resolvers:
1upstream_recursive_servers:
2 - address_data: 85.215.153.54
3 tls_auth_name: "dns.dremaxx.de"
4 - address_data: 87.106.35.241
5 tls_auth_name: "dns.dremaxx.de"3
Restart Stubby
1sudo systemctl restart stubby4
Switch system DNS to Stubby
Set the local resolver in /etc/resolv.conf or in the NetworkManager:
1nameserver 127.0.0.1