Configure local Systemd-resolved DNS Resolver for Company Domains behind VPN

To send queries for the company internal (sub)-domains to the company DNS resolvers behind the VPN, the resolver can be configured with the following commands:

# Configure internal corporate domain name resolvers:
resolvectl dns tun0

# Only use the internal corporate resolvers for domain names under these:
resolvectl domain tun0 ""

# Not super nice, but might be needed:
resolvectl dnssec tun0 off