Subject: Re: systemd-resolved ignoring /etc/resolv.conf custom nameservers after? Bookworm upgrade

If systemd-resolved is installed and running, you completely lose control of /etc/resolv.conf -- editing /etc/resolv.conf is not effectual at all. Basically if you want to run your own DNS service, you need to *stop* systemd-resolved:

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved
# Be careful with this: only say yes, if it does not remove other *needed*
# packages.
sudo apt purge systemd-resolved



At Thu, 5 Mar 2026 02:47:26 +0000 Vahid Shaik <vahid@dnsrobot.net> wrote:

Hi all,

After upgrading from Bullseye to Bookworm, I'm running into an issue where systemd-resolved seems to override my custom DNS settings in /etc/resolv.conf.

I have a small home server running Debian 12 with Pi-hole for local DNS filtering. Before the upgrade, I had this in /etc/resolv.conf:

nameserver 192.168.1.10
nameserver 1.1.1.1

After the upgrade, systemd-resolved took over and /etc/resolv.conf now points to 127.0.0.53. My Pi-hole queries stopped working.

What I've tried so far:

1. Setting DNS= and FallbackDNS= in /etc/systemd/resolved.conf ?? works temporarily but reverts after reboot on one of my machines
2. Symlinking /etc/resolv.conf to /run/systemd/resolve/resolv.conf ?? gives me the "upstream" servers but breaks .local resolution
3. Disabling systemd-resolved entirely ?? works but feels like fighting the system

I've been using https://dnsrobot.net/dns-lookup to verify which nameservers are actually responding to my queries from outside, which helped confirm the issue is local to resolved and not my upstream DNS.

For those who've dealt with this ?? what's the recommended Debian way to handle custom DNS with systemd-resolved? Should I stick with resolved and configure it properly, or is disabling it and managing resolv.conf manually still a valid approach on Bookworm?

Thanks,
Vahid <https://aka.ms/GetOutlookForMac>

--
Robert Heller -- Cell: 413-658-7953 GV: 978-633-5364
Deepwoods Software -- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
heller@deepsoft.com -- Webhosting Services


--- PyGate Linux v1.5.12
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: systemd-resolved ignoring /etc/resolv.conf custom nameservers? after? Bookworm upgrade

At Thu, 05 Mar 2026 17:24:07 +0100 Jan Claeys <lists@janc.be> wrote:

On Wed, 2026-03-04 at 22:43 -0500, Robert Heller wrote:

If systemd-resolved is installed and running, you completely lose
control of /etc/resolv.conf -- editing /etc/resolv.conf is not
effectual at all.

That's not (entirely) true, systemd-resolved can work with resolv.conf
as explained in the systemd-resolved.service(8) manpage under the '/ETC/RESOLV.CONF' header.

Yes, there is another file that is used by systemd-resolved. systemd-resolved launches a "DNS" handler (a simple caching server, like DNS Masq or something like that), which will forward to either what network manager picks up via DHCP, and handles DNS for VMs and mDNS, and yes there is some file under someplace where other DNS servers can be listed. All very clever, but if you are running your own DNS server(s) (ie running full bind9), it is easier and simplier to just stop and disable systemd-resolved and manually manage /etc/resolv.conf. Oh, network manager will mess with /etc/resolv.conf when systemd-resolved is absent. There might be config somewhere for network manager to deal with that. (On machines where I am running bind9, I set up the Ethernet with a static IP in /etc/network/interfaces, which keeps network manager at bay.



--
Robert Heller -- Cell: 413-658-7953 GV: 978-633-5364
Deepwoods Software -- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
heller@deepsoft.com -- Webhosting Services


--- PyGate Linux v1.5.12
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: systemd-resolved ignoring /etc/resolv.conf custom nameservers? after? Bookworm upgrade

Robert Heller <heller@deepsoft.com> wrote:

At Thu, 05 Mar 2026 17:24:07 +0100 Jan Claeys <lists@janc.be> wrote:

On Wed, 2026-03-04 at 22:43 -0500, Robert Heller wrote:

If systemd-resolved is installed and running, you completely lose
control of /etc/resolv.conf -- editing /etc/resolv.conf is not
effectual at all.

That's not (entirely) true, systemd-resolved can work with resolv.conf
as explained in the systemd-resolved.service(8) manpage under the '/ETC/RESOLV.CONF' header.

Yes, there is another file that is used by systemd-resolved. systemd-resolved launches a "DNS" handler (a simple caching server, like DNS Masq or something like that), which will forward to either what network manager picks up via DHCP, and handles DNS for VMs and mDNS, and yes there is some file under someplace where other DNS servers can be listed. All very clever, but if you are running your own DNS server(s) (ie running full bind9), it is easier and simplier to just stop and disable systemd-resolved and manually manage /etc/resolv.conf. Oh, network manager will mess with /etc/resolv.conf when systemd-resolved is absent. There might be config somewhere for network manager to deal with that. (On machines where I am running bind9, I set up the Ethernet with a static IP in /etc/network/interfaces, which keeps network
manager at bay.

My approach, when I want to manage local DNS etc. is to disable systemd-resolved completely and use dnsmasq instead.

--
Chris Green
ú

--- PyGate Linux v1.5.12
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)