OpenVPN client force DNS servers in Linux

October 21, 2023

If you are having problems with DNS servers not being applied to systemd-resolvd you could try the following steps, this worked for me on Linux Mint 21.2.

Thank you Pippin from the Mint forums1 and Jonathan Wright2 (website3) for the alternative config.


Make sure that either your OpenVPN server pushes DNS servers, or your client config contains the DNS servers.

# OpenVPN server.conf
push "dhcp-option DNS"

# Client .ovpn / .conf 
dhcp-option DNS

The following command is useful to see which DNS servers resolvd is querying against;

resolvectl status

Outputs the following, tun0 is my OpenVPN connection;

       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (eno1)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp2s0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server:
       DNS Servers:

Link 17 (tun0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server:
       DNS Servers:

1) The up and down script

Make sure your client config (.ovnp or .conf) has the up down script, this should be sufficient when you are working on Ubuntu.

Add the following lines to your configuration;

up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

Restart your VPN connection and check if  resolvectl status shows your pushed DNS servers.

2) Alternative script

Which worked for me, there is an alternative script that uses DBUS to update the resolved configuration. In case the script is removed from Github I have a copy at this page.

# Backup the orignal script
sudo cp /etc/openvpn/update-resolv-conf /etc/openvpn/update-resolv-conf-original
# Overwrite the the original script with the alternative
sudo wget -O /etc/openvpn/update-resolv-conf 
# Make it executable
sudo chmod +x /etc/openvpn/update-resolv-conf 

Now restart your VPN connection and see if the changes apply once again using resolvectl status.

Read also

Update DNS records on Client Connect in your OpenVPN Server
OpenVPN client pass login credentials and passphrase in Linux
The Free Alternative to Windows: Linux
Linux: The World's Largest Open-Source Project
xrandr virtual splitscreen cookbook
Linux Mint Xapp missing library package fix
OpenVPN: Problem handling a DNS Push request - Linux Mint Forums

cached copy
jonathanio (Jonathan Wright) · GitHub

cached copy

cached copy