Hi,
On 18/06/22 22:49, Ian Pilcher wrote:
I've got a simple OpenVPN setup that allows me to connect to my home
network while traveling. I am using the redirect-gateway option to
route all non-local traffic over the VPN when connected, but I haven't
yet been able to figure out how to ensure that all DNS queries use the
VPN nameserver.
I am specifying the DNS server with "push dhcp-option DNS 172.31.249.1",
but it only seems to affect the nameserver that my laptop uses for
reverse DNS lookups on that particular subnet. When I connect from my
laptop (using NetworkManager-openvpn), I see this in the log:
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: setting upstream
servers from DBus
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.249.1#53(via tun0)
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.249.1#53 for domain 249.31.172.in-addr.arpa
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.250.254#53 for domain penurio.us
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.250.254#53 for domain 250.31.172.in-addr.arpa
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.250.254#53 for domain 1.255.31.172.in-addr.arpa
Jun 18 15:37:17 p5520.penurio.us dnsmasq[1501]: using nameserver
172.31.250.254#53 for domain 254.250.31.172.in-addr.arpa
How can I make the client send all DNS queries to the VPN DNS server?
this depends a little on whether your system is using systemd-resolve or
not, plus on how you have configured the NetworkManager. For example,
if you have configured the VPN profile in NetworkManager to "Use this
connection only for resources on its network" then there is a fair
chance that the DNS server will apply only to the VPN IP ranges.
However, you seem to be using dnsmasq at the back - so how does
NetworkManager tell dnsmasq which DNS servers to use?
On my Fedora 35 system, which uses systemd-resolve, I see that the DNS
settings are set *per interface* - this is not something that OpenVPN
controls, but the NetworkManager+dnsmasq backends on your distro. Which
distro are you using?
HTH,
JJK
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users