You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using the latest Arch Linux with systemd-resolved. I am dealing with rather two problems, but the most annoying is the case in stub resolve.conf mode.
So in foreign mode (with usual /etc/resolv.conf mode) OpenVPN3 just adds VPN's DNS server to the list, but it doesn't make it primary even if I am overriding with dns-scope: global:
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign
Current DNS Server: 10.25.1.3
DNS Servers: 10.25.1.3 192.168.88.1
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
DNS Domain: EXAMPLE example.org example.com
#
# Generated by OpenVPN 3 Linux (NetCfg::DNS::ResolvConfFile)
# Last updated: 2024-03-22 18:33:46
#
search EXAMPLE example.org example.com
# OpenVPN defined name servers
nameserver 10.25.1.3
# System defined name servers
nameserver 192.168.88.1
192.168.88.1 is my home network cache server. In that case corporate services with domain other than from DNS Domain list resolves to external IP (dns-scope: global was here to fix it or I missed something?). The reason for this problem probably missing ~. in domains.
But in stub mode situation is even more weird. So OpenVPN finally detects stub mode and sets only one DNS:
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign
Current DNS Server: 10.25.1.3
DNS Servers: 10.25.1.3
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
DNS Domain: EXAMPLE example.org example.com ~.
#
# Generated by OpenVPN 3 Linux (NetCfg::DNS::ResolvConfFile)
# Last updated: 2024-03-22 18:41:29
#
search EXAMPLE example.org example.com .
# OpenVPN defined name servers
nameserver 10.25.1.3
# System defined name servers
nameserver 127.0.0.53
# Other system settings
options edns0 trust-ad
Finally even corporate resources with domain other than from Domain list resolving, but after proper disconnecting it leaves the corporate DNS installed for systemd-resolved:
resolvectl in bash at 18:44:13
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 10.25.1.3
DNS Servers: 10.25.1.3
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
DNS Domain: EXAMPLE example.org example.com ~.
So basically network breaks and until I will manually do systemctl restart systemd-resolved.service it won't recover. For me it looks at least strange and probably broken.
The text was updated successfully, but these errors were encountered:
savely-krasovsky
changed the title
OpenVPN3 doesn't return previous DNS after disconnect using systemd-resolved in stub mode
OpenVPN3 doesn't set back previous DNS after disconnect using systemd-resolved in stub mode
Mar 22, 2024
If the output here doesn't look too concerning to you, you can add the --write-config option to store it. Existing settings will not be modified, unless you add the --force argument in addition.
I expect this command to detect systemd-resolved and configure OpenVPN 3 Linux to integrate with it directly instead of modifying /etc/resolv.conf. That's required for the --dns-scope setting to work.
Before starting a new VPN session, please ensure that openvpn3-service-netcfg is stopped (a simple kill -INT is enough). That's needed for the network config service to pick up this configuration change.
I am using the latest Arch Linux with systemd-resolved. I am dealing with rather two problems, but the most annoying is the case in stub resolve.conf mode.
So in foreign mode (with usual
/etc/resolv.conf
mode) OpenVPN3 just adds VPN's DNS server to the list, but it doesn't make it primary even if I am overriding withdns-scope: global
:192.168.88.1
is my home network cache server. In that case corporate services with domain other than from DNS Domain list resolves to external IP (dns-scope: global
was here to fix it or I missed something?). The reason for this problem probably missing~.
in domains.But in stub mode situation is even more weird. So OpenVPN finally detects stub mode and sets only one DNS:
Finally even corporate resources with domain other than from Domain list resolving, but after proper disconnecting it leaves the corporate DNS installed for systemd-resolved:
So basically network breaks and until I will manually do
systemctl restart systemd-resolved.service
it won't recover. For me it looks at least strange and probably broken.The text was updated successfully, but these errors were encountered: