diff --git a/cmd/ctrld/cli.go b/cmd/ctrld/cli.go
index dc8470d..0e9527a 100644
--- a/cmd/ctrld/cli.go
+++ b/cmd/ctrld/cli.go
@@ -223,6 +223,7 @@ func initCLI() {
 				{s.Start, true},
 			}
 			if doTasks(tasks) {
+				disableAutoDNS(iface)
 				prog.setDNS()
 				mainLog.Info().Msg("Service started")
 			}
@@ -254,6 +255,7 @@ func initCLI() {
 			}
 			initLogging()
 			if doTasks([]task{{s.Stop, true}}) {
+				enableAutoDNS(iface)
 				prog.resetDNS()
 				mainLog.Info().Msg("Service stopped")
 			}
@@ -323,6 +325,7 @@ func initCLI() {
 			}
 			initLogging()
 			if doTasks(tasks) {
+				enableAutoDNS(iface)
 				prog.resetDNS()
 				mainLog.Info().Msg("Service uninstalled")
 				return
diff --git a/cmd/ctrld/os_linux.go b/cmd/ctrld/os_linux.go
index 582ae3c..01c52c0 100644
--- a/cmd/ctrld/os_linux.go
+++ b/cmd/ctrld/os_linux.go
@@ -9,6 +9,7 @@ import (
 	"net/netip"
 	"os/exec"
 	"reflect"
+	"runtime"
 	"strings"
 	"syscall"
 	"time"
@@ -174,6 +175,25 @@ func getDNSByNmcli(iface string) []string {
 	return dns
 }
 
+func getConnByNmcli(iface string) string {
+	if iface == "auto" {
+		iface = defaultIfaceName()
+	}
+	b, err := exec.Command("nmcli", "dev", "show", iface).Output()
+	if err != nil {
+		return ""
+	}
+	s := bufio.NewScanner(bytes.NewReader(b))
+	for s.Scan() {
+		line := s.Text()
+		if _, connName, found := strings.Cut(line, "GENERAL.CONNECTION:"); found {
+			return strings.TrimSpace(connName)
+		}
+
+	}
+	return ""
+}
+
 func ignoringEINTR(fn func() error) error {
 	for {
 		err := fn()
@@ -182,3 +202,22 @@ func ignoringEINTR(fn func() error) error {
 		}
 	}
 }
+
+func disableAutoDNS(iface string) {
+	networkManagerIgnoreAutoDNS(iface, "yes")
+}
+
+func enableAutoDNS(iface string) {
+	networkManagerIgnoreAutoDNS(iface, "no")
+}
+
+func networkManagerIgnoreAutoDNS(iface, answer string) {
+	if runtime.GOOS != "linux" {
+		return
+	}
+	if connName := getConnByNmcli(iface); connName != "" {
+		mainLog.Debug().Msg("enable auto DNS from network manager")
+		_ = exec.Command("nmcli", "con", "mod", connName, "ipv4.ignore-auto-dns", answer).Run()
+		_ = exec.Command("nmcli", "con", "mod", connName, "ipv6.ignore-auto-dns", answer).Run()
+	}
+}
diff --git a/cmd/ctrld/os_mac.go b/cmd/ctrld/os_mac.go
index 95786f3..ba9dc0d 100644
--- a/cmd/ctrld/os_mac.go
+++ b/cmd/ctrld/os_mac.go
@@ -60,3 +60,9 @@ func resetDNS(iface *net.Interface) error {
 func currentDNS(_ *net.Interface) []string {
 	return resolvconffile.NameServers("")
 }
+
+func disableAutoDNS(iface string) {
+}
+
+func enableAutoDNS(iface string) {
+}
diff --git a/cmd/ctrld/os_windows.go b/cmd/ctrld/os_windows.go
index 213c104..1652225 100644
--- a/cmd/ctrld/os_windows.go
+++ b/cmd/ctrld/os_windows.go
@@ -104,3 +104,9 @@ func currentDNS(iface *net.Interface) []string {
 	}
 	return ns
 }
+
+func disableAutoDNS(iface string) {
+}
+
+func enableAutoDNS(iface string) {
+}