DNSSEC & Overriding DHCP Resolver (Securely)

I set up DNSSEC-trigger and everything appears to be working nicely. However, not all domains are signed, and I would like to use Cloudflare's DNS resolver and DNS-over-TLS whenever I don't need to deal with a captive portal. I'm aware I can set the DNS server manually in the control panel, but this doesn't allow me to specify a public key. Furthermore, it's unclear if that works with GNOME's captive-portal detection system.

What's the best way to go about specifying a DNS server (along with the public key) in a way that meshes well with DNSSEC-Trigger? Is it possible to do this without interfering with the captive portal process?