no DNS resolving being passed to sys-firewall or other appVMs after updates?

[cubit]

I am not sure if this is related to recent updates but after updating today and doing a reboot, my sys-firewall and other appVMs are not getting DNS resolving working.

- sys-net (fedora30) starts up with out an issue, can resolve and connect to the internet

- sys-firewall starts up and gets an IP address,  it can ping sys-net and hosts on the internet by IP but can not by name. 

- appVMs are the same as sys-firewall

on sys-firewall and appVMs I have two entries in /etc/resolv.conf 10.139.1.1 and .2   I am not sure what these IPs are as they do not show up in qubes manager and I can not ping them. 

IPs all start at 10.139.0.5 which is sys-net

The only way I can get to the internet is to use Tor or VPN which don't rely on the system DNS.  

Is anyone else experiencing this,  does anyone know what 1.1 and 1.2 hosts are or how I can get DNS up and running again?

cubit

[Sphere]

Well I don't have much of a solution to solving your DNS problem other than checking if your DNS queries are resolving in your sys-net vm through the use of nslookup command.

An alternative would be using DNSCrypt
https://github.com/jedisct1/dnscrypt-proxy/releases

Using this properly needs to have you change the contents of your /etc/resolv.conf to the following:
nameserver 127.0.0.1
options edns0 single-request-reopen