Using systemd-resolved opens up some options that may be easier to configure then in the past.
Enabling DNSSEC:
- systemd-resolve –status
- look for “DNSSEC setting: no”
- sudo mkdir -p /etc/systemd/resolved.conf.d
- sudo nano /etc/systemd/resolved.conf.d/dnssec.conf
- enter:
- [Resolve]
DNSSEC=true
- [Resolve]
- enter:
- sudo systemctl restart systemd-resolved
- systemd-resolve –status
- look for “DNSSEC setting: yes”