Thursday, March 15, 2018

If OpenVPN client breaks DNS configuration



Sometimes the Linux OpenVPN client changes the DNS configuration, after which <VPN server domain> becomes unreachable and you get error messages like:

RESOLVE: Cannot resolve host address: <VPN server domain here> (Name or service not known)

On initial connection you see this output in the console:

dhcp-option DNS <IP here>
dhcp-option DOMAIN <VPN server domain here>
/sbin/ip route add <IP here>/32 via <IP here>


The systemd-resolve --status command shows this:

Global
         DNS Servers: <IP from above here>
          DNS Domain: <domain here>
...


The cat /etc/resolv.conf command shows the new DNS configuration written by OpenVPN:
...
search <domain here>


To resolve this issue, just remove this new line from /etc/resolv.conf with an editor, e.g.

sudo nano /etc/resolv.conf

or delete the line with sed:


sudo sed -i.bak '/<domain>/d' /etc/resolv.conf

or restore from a backup, but be aware that the file may actually be a symlink, e.g.
resolv.conf -> /run/resolvconf/resolv.conf
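
When resolv.conf is a symlink, GNU sed -i replaces the link with a regular file unless it is given --follow-symlinks, so the generated file stops being updated. The following is an added example, not part of the original post: two hypothetical helper functions (resolv_kind, remove_search_domain) that report how the file is managed and delete only the search/domain lines through the link, leaving a .bak copy next to the real file. Run them as root when pointing them at /etc/resolv.conf.

```bash
# Added example; function names are hypothetical, not from the original post.

# Report how a resolv.conf path is managed: "static" for a regular file,
# "symlink -> TARGET" when it is generated by a resolver manager.
resolv_kind() {
    local file="$1"
    if [ -L "$file" ]; then
        echo "symlink -> $(readlink -f "$file")"
    elif [ -f "$file" ]; then
        echo "static"
    else
        echo "missing"
    fi
}

# Remove "search"/"domain" lines that mention DOMAIN from the file that FILE
# ultimately points to, keeping the symlink itself intact.
# A backup of the real file is written next to it as <target>.bak.
remove_search_domain() {
    local file="$1" domain="$2" target tmp
    target="$(readlink -f "$file")" || return 1
    [ -f "$target" ] || return 1
    cp -p "$target" "$target.bak" || return 1
    tmp="$(mktemp)" || return 1
    # Match DOMAIN as a fixed string and only on search/domain lines, so
    # nameserver entries and comments are never touched.
    awk -v d="$domain" '
        ($1 == "search" || $1 == "domain") && index($0, d) { next }
        { print }
    ' "$target" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write through the existing file instead of renaming a new one over it.
    cat "$tmp" > "$target"
    rm -f "$tmp"
}
```

Example call: remove_search_domain /etc/resolv.conf "<domain>", then resolv_kind /etc/resolv.conf to confirm the link is still in place.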

UPDATE: resolv.conf is most likely generated dynamically rather than being a static file.

E.g. in Ubuntu, check your NetworkManager configuration:

sudo NetworkManager --print-config

If it contains

dns=systemd-resolved

then edit the settings in

/run/resolvconf/interface/systemd-resolved

and regenerate resolv.conf:

sudo resolvconf -u

In my case there was also a

/run/resolvconf/interface/tun0.openvpn

file (created by OpenVPN), which can be safely deleted to avoid interference:

sudo rm /run/resolvconf/interface/tun0.openvpn

The DNS settings should be back to normal now. If not, you may need to run

service networking restart

I have this function defined in .bash_aliases which fixes DNS configuration before connecting via OpenVPN:

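vpn_fixed_dns() {
    # Point resolvconf back at the local systemd-resolved stub listener
    echo "Fixing resolv.conf"
    echo "nameserver 127.0.0.53" | sudo tee /run/resolvconf/interface/systemd-resolved >/dev/null
    # Drop the record left by a previous OpenVPN session (-f: no error if it is absent)
    sudo rm -f /run/resolvconf/interface/tun0.openvpn
    echo "Running sudo resolvconf -u"
    sudo resolvconf -u
    # Show the regenerated file before connecting
    cat /etc/resolv.conf
    echo "Running sudo openvpn"
    sudo openvpn --script-security 2 --config /etc/openvpn/config/config.ovpn
}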
