How to set custom port for DNS in systemd-resolved

systemd internal-dns

I want to add local DNS server with port 8600 to systemd-resolved for request forwarding. I've tried to change /etc/systemd/resolved.conf like this

[Resolve]
DNS=127.0.0.1#8600

but this is not counts as a port (btw, : didn't works too)

Is there a way to do this?


systemd-resolved is not really known for it's full-featured configuration options! But I think with a bit of iptables magic, you can get it to work with. First do something like this:

[Resolve]
DNS=127.0.0.52 #instead of 127.0.0.53 which is systemd-resolved itself.

You can of course choose any other number between 2-255. Just don't use 53 itself.

Then you have to redirect any packets headed for 127.0.0.1:53 to 127.0.0.52:53 with iptables. Here is my best untested attempt: (I don't have your environment to test this, correct me if I'm wrong)

iptables -t nat -I OUTPUT -d 127.0.0.1 --dport 53 -j REDIRECT --to-destination 127.0.0.52 --to-ports 53

and finally you should probably make this config persistent on reboots. iptables-persistent might help.

Some Helpful links:

  • Changing resolve.conf might be tricky.
  • Persistent rules can also be tricky.

Related

Disable any "pop3-login" on Dovecot
cron job causes systemd error
Email alert when private keys read from disk (honeypot, auditd)
How do I enable SR-IOV for Mellanox ConnectX-3 Ubuntu 12.04.3?
include file in .htaccess
if $ H $ is a locally compact subgroup of a topological group $ G $, then $ H $ is closed in $ G $
Dirac delta distribution & integration against locally integrable function
Finding roots of a function with mean value theorem
Derivative Bilinear map
Continuous functions that pointwise converge to zero, but the integral tending towards infinity.
Prove Friedrichs' inequality
Prove that if G is a simple graph, $\chi \geq \frac{|V|^2}{|V|^2-2|E|}$