My internet provider supplies a Wi-Fi router that is pre-configured with DHCP, which also hands out their internal DNS server as the nameserver. There is a ton of info about why you wouldn't want this, and it revolves around 2 main issues: security and performance.
Fedora 40
On Fedora, the Wi-Fi is managed by NetworkManager. I chose to use cloud-dns with encryption so that no one in the middle can see what I am looking up on the internet. I chose cloud-dns because they tend to be more performant than Google nameservers.
Additionally, I also want to persist these changes across all Wi-Fi connections, regardless of which Wi-Fi network I use, which is handy for laptops on the move.
Create a global NetworkManager configuration file
sudo nano /etc/NetworkManager/conf.d/dns-override.conf
Add the following content:
[main]
dns=none
This tells NetworkManager not to modify /etc/resolv.conf, so it no longer writes DHCP-assigned DNS servers there.
Override DNS for all Wi-Fi connections
sudo nano /etc/NetworkManager/conf.d/dns-servers.conf
Add:
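# NetworkManager reads servers= only from a global-dns-domain section; "*" is the default domain
[global-dns-domain-*]
servers=1.1.1.2,1.0.0.2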
Enable DNS over TLS
sudo nano /etc/systemd/resolved.conf
Copy the following in:
[Resolve]
DNS=1.1.1.2 1.0.0.2
DNSOverTLS=yes
Restart systemd-resolved and NetworkManager
sudo systemctl restart systemd-resolved
sudo systemctl restart NetworkManager
Debian-based Linux
Disable DHCP-provided DNS on the Wi-Fi interface
sudo nano /etc/systemd/network/20-wireless.network
Edit the configuration for your interface (if applicable):
[Network]
DNS=1.1.1.2 1.0.0.2
DNSOverTLS=yes
Domains=~.
Restart networking services
sudo systemctl restart systemd-networkd
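To check that the override took effect on either distribution, this added example (not part of the original post) audits `resolvectl status` output: every scope must show `+DNSOverTLS` and list only the resolvers configured above. The `Protocols:` / `DNS Servers:` layout is assumed to match recent systemd releases; the function names, interface name and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit `resolvectl status` output.
ALLOWED="1.1.1.2 1.0.0.2"   # resolvers configured on this page

# Reads `resolvectl status` text on stdin; prints one line per finding and
# returns non-zero if any scope lacks strict DoT or lists another resolver.
audit_resolvectl() {
    awk -v allowed="$ALLOWED" '
        function check(list,   i, m, s) {
            m = split(list, s, " ")
            for (i = 1; i <= m; i++) {
                sub(/#.*/, "", s[i])            # drop "#hostname" SNI suffix
                if (!(s[i] in ok)) { print scope ": unexpected resolver " s[i]; bad = 1 }
            }
        }
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Global/ { scope = "Global" }
        /^Link /  { scope = $0 }
        /Protocols:/ && !/[+]DNSOverTLS/ { print scope ": DNSOverTLS not enforced"; bad = 1 }
        /^[ \t]*DNS Servers:/ { in_list = 1; sub(/^[ \t]*DNS Servers:/, ""); check($0); next }
        # long server lists wrap onto indented lines that carry no "Label: "
        in_list && /^[ \t]+[^ \t]/ && !/^[ \t]*[A-Za-z][A-Za-z. ]*: / { check($0); next }
        { in_list = 0 }
        END { exit bad + 0 }
    '
}

# Constructed sample: global settings are right, but the Wi-Fi link still
# carries the router resolver handed out by DHCP.
sample_leaky() {
    cat <<'EOF'
Global
         Protocols: LLMNR=resolve -mDNS +DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub
Current DNS Server: 1.1.1.2
       DNS Servers: 1.1.1.2 1.0.0.2

Link 2 (wlan0)
    Current Scopes: DNS LLMNR/IPv4
         Protocols: +DefaultRoute LLMNR=resolve -mDNS +DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 192.168.1.1
EOF
}

sample_leaky | audit_resolvectl || echo "audit: findings above"
# On a live system: resolvectl status | audit_resolvectl
```

A finding on a `Link` scope means that interface still has a resolver other than the configured ones, even when the `Global` scope looks correct.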