I've been using Linux for more than twenty years now, but I honestly can't reliably configure a global DNS over TLS on a laptop that regularly changes connections. I used to find such experiences humbling, but now just outright annoying.

Dec 18, 2020 · 3:44 PM UTC

1
5
Replying to @gluegadget
This is what I'm doing which is quite stable. Installed 'stubby' for DoT, configured it as the upstream server for dnsmasq. Now you can either put dnsmasq (127.0.0.1) in /etc/resolv.conf and make it RO, or use resolvconf pkg to dynamically config resolv.conf the way you want.
1
1
Thanks! my setup is a slight variation of what you described, I'll update it with this. Appreciate the detailed explanation.