On Thu, 2026-03-05 at 09:56 +0000, Vahid Shaik wrote: > Hi, > > On a fresh Fedora 41 Workstation install, I switched from the default > DNS to custom resolvers using nmcli: > > nmcli con mod "Wired connection 1" ipv4.dns "1.1.1.1 9.9.9.9" > nmcli con mod "Wired connection 1" ipv4.ignore-auto-dns yes > nmcli con down "Wired connection 1" && nmcli con up "Wired > connection 1" > > After this, DNS resolution works for about 30 seconds then stops > completely. Regular browsing dies but ping to IP addresses still > works, so it's clearly DNS only. > > Checked resolvectl status and it shows the correct servers (1.1.1.1 > and 9.9.9.9). But firewall-cmd --list-all shows the active zone is > FedoraWorkstation, and I suspect firewalld might be interfering with > outgoing DNS on port 53. > > If I run systemctl stop firewalld, DNS works fine immediately. > Restarting it breaks DNS again. > > I tested from an external tool at https://dnsrobot.net/dns-lookup to > confirm 1.1.1.1 itself responds fine for my domains, so the problem > is definitely local to my machine. > > Has anyone seen firewalld on Fedora 41 blocking outgoing DNS queries > to custom resolvers? Is there a specific rule I need to add? I > checked the FedoraWorkstation zone and dns service is listed as > allowed, but it seems like that only covers incoming port 53.
I don't have an answer for you, but note that F41 is past its End-Of- Life and is no longer supported. Supported versions are F42 and F43. This may not affect your issue, but you should be aware of it. poc -- _______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
