OpenVPN client force DNS servers in Linux

October 21, 2023

If you are having problems with DNS servers not being applied to systemd-resolved, you could try the following steps. This worked for me on Linux Mint 21.2.

Thank you Pippin from the Mint forums [1] and Jonathan Wright [2] (website [3]) for the alternative config.

Troubleshooting

Make sure that either your OpenVPN server pushes DNS servers, or your client config contains the DNS servers.

# OpenVPN server.conf
push "dhcp-option DNS 10.255.0.1"

# Client .ovpn / .conf 
dhcp-option DNS 10.255.0.1

The following command is useful to see which DNS servers systemd-resolved is querying:

resolvectl status

It outputs the following; tun0 is my OpenVPN connection:

Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (eno1)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp2s0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.1
       DNS Servers: 192.168.1.1

Link 17 (tun0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.255.0.1
       DNS Servers: 10.255.0.1

1) The up and down script

Make sure your client config (.ovpn or .conf) references the up and down script. This should be sufficient when you are working on Ubuntu.

Add the following lines to your configuration:

up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

Restart your VPN connection and check if resolvectl status shows your pushed DNS servers.

2) Alternative script

This is what worked for me: there is an alternative script that uses D-Bus to update the systemd-resolved configuration. In case the script is removed from GitHub, I have a copy at this page.

# Back up the original script
sudo cp /etc/openvpn/update-resolv-conf /etc/openvpn/update-resolv-conf-original
# Overwrite the original script with the alternative
sudo wget https://raw.githubusercontent.com/jonathanio/update-systemd-resolved/master/update-systemd-resolved -O /etc/openvpn/update-resolv-conf
# Review the downloaded file before reconnecting; OpenVPN executes it as the up/down hook
# Make it executable
sudo chmod +x /etc/openvpn/update-resolv-conf

Now restart your VPN connection and see if the changes apply once again using resolvectl status.
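
To make the check at the end of either step repeatable, the following added example (not part of the original post or of either script) parses resolvectl status text and reports which DNS servers each link has. The function names and the trimmed sample input, which is based on the output shown above, are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample: the resolvectl status output from this page, trimmed.
sample_status() {
cat <<'EOF'
Global
resolv.conf mode: stub

Link 2 (eno1)
Current Scopes: none

Link 3 (wlp2s0)
    Current Scopes: DNS
Current DNS Server: 192.168.1.1
       DNS Servers: 192.168.1.1

Link 17 (tun0)
    Current Scopes: DNS
Current DNS Server: 10.255.0.1
       DNS Servers: 10.255.0.1
EOF
}

# Print "<link> <server>" for every configured DNS server (stdin: status text).
# Assumes several servers on one link are listed space-separated on one line.
dns_by_link() {
    awk '
        /^Global/         { link = "global"; next }
        /^Link [0-9]+ \(/ { link = $3; gsub(/[()]/, "", link); next }
        link != "" && /^[ \t]*DNS Servers:/ {
            sub(/^[ \t]*DNS Servers:[ \t]*/, "")   # keep only the addresses
            for (i = 1; i <= NF; i++) print link, $i
        }
    '
}

# Succeed only if link $1 lists DNS server $2 (stdin: status text).
link_uses_dns() {
    dns_by_link | grep -Fxq -- "$1 $2"
}

# On a live system: resolvectl status | link_uses_dns tun0 10.255.0.1
if sample_status | link_uses_dns tun0 10.255.0.1; then
    echo "tun0 uses the pushed DNS server"
else
    echo "tun0 is missing the pushed DNS server" >&2
fi
# List every resolver still configured, so non-VPN servers are visible too.
sample_status | dns_by_link
```
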

References
1. OpenVPN: Problem handling a DNS Push request - Linux Mint Forums. https://forums.linuxmint.com/viewtopic.php?p=1717556#p1717556
2. jonathanio (Jonathan Wright) · GitHub. https://github.com/jonathanio/
3. jon.than.io/. http://jon.than.io/