[Solved] Help with OpenVPN/Linode DNS

[Solved] It was just an iptables problem. Just takes a good night's rest to figure this out.

207.192.69.5 resolver2.newark.linode.com Net Access Corporation United States :D

I'm posting here because it has to do with Linode's DNS.

I'm having an issue with getting DNS requests working through my OpenVPN, which is set up to route all traffic through the tunnel. I've built my own guide based on https://library.linode.com/networking/openvpn/ubuntu-12.04-precise. Everything is working as it should be, but I don't think my DNS requests are going through the VPN tunnel and using Linode's name servers.

I have no clue if this is a proper way to test where your DNS requests go, but https://dnsleaktest.com/ states my DNS servers are

208.69.36.13 m3.chi.opendns.com OpenDNS, LLC United States

208.69.36.17 m1.chi.opendns.com OpenDNS, LLC United States

208.69.36.11 m9.chi.opendns.com OpenDNS, LLC United States

208.69.36.19 m7.chi.opendns.com OpenDNS, LLC United States

Which are what my ISP uses; shouldn't these be pointing to Linode's servers? Any help would be greatly appreciated.

/etc/sysctl.conf

```
net.ipv4.ip_forward=1
```

/etc/openvpn/tarsonis.conf <– server config

```
local 6*.1**.2**.9*
port 5***4
proto tcp
dev tun0

persist-key
persist-tun

server 192.168.88.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.88.1"
client-to-client

ca  /etc/openvpn/tarsonis/ca.crt
cert  /etc/openvpn/tarsonis/tarsonis.crt
key  /etc/openvpn/tarsonis/tarsonis.key
dh  /etc/openvpn/tarsonis/dh4096.pem
comp-lzo

user nobody
group nogroup
keepalive 10 120
status openvpn-status.log
log-append  /etc/openvpn/tarsonis/tarsonis.log
verb 3
```

client.ovpn

```
client
dev tun
proto tcp
remote 6*.1**.2*8.9* 5***4
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert jperau.crt
key jperau.key
ns-cert-type server
comp-lzo
verb 3
```

/etc/iptables.cfg

```
*filter
-A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i tun0 -o eth0 -j ACCEPT
COMMIT

*nat
-A POSTROUTING -s 192.168.88.0/24 -o eth0 -j MASQUERADE
COMMIT
```

/etc/resolv.conf

```
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 97.107.133.4
nameserver 207.192.69.4
nameserver 207.192.69.5
search members.linode.com
```

/etc/dnsmasq.conf

```
listen-address=127.0.0.1,192.168.88.1
bind-interfaces
```

/etc/network/interfaces

```
# The loopback network interface
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.cfg

auto eth0
iface eth0 inet static
        address 6*.1**.2**.9*
        netmask 255.255.255.0
        gateway 6*.1**.2**.1
        dns-search members.linode.com
        dns-nameservers 97.107.133.4 207.192.69.4 207.192.69.5
```
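
An added example, not part of the original post: it checks that the pushed DNS address sits inside the tunnel subnet and labels each resolver in a DNS leak test report by whether it is one of the VPN server's upstream nameservers. It assumes dnsmasq on the server forwards to the nameservers in /etc/resolv.conf; the function names are illustrative and the sample strings are constructed from values shown in the post.

```python
import ipaddress
import re

# Constructed sample inputs, built from the values shown in the post above.
SERVER_CONF = '''server 192.168.88.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.88.1"
'''
RESOLV_CONF = "# generated by resolvconf(8)\nnameserver 97.107.133.4\nnameserver 207.192.69.4\nnameserver 207.192.69.5\n"
LEAK_BEFORE = "208.69.36.13 m3.chi.opendns.com OpenDNS, LLC United States\n"
LEAK_AFTER = "207.192.69.5 resolver2.newark.linode.com Net Access Corporation United States\n"


def pushed_dns_in_tunnel(server_conf):
    """Map each pushed DNS address to whether it lies inside the VPN subnet."""
    net, pushed = None, []
    for line in server_conf.splitlines():
        m = re.match(r'\s*server\s+(\S+)\s+(\S+)', line)
        if m:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        m = re.match(r'\s*push\s+"dhcp-option\s+DNS\s+(\S+)"', line)
        if m:
            pushed.append(ipaddress.ip_address(m.group(1)))
    return {str(ip): (net is not None and ip in net) for ip in pushed}


def upstream_resolvers(resolv_conf):
    """Collect nameserver entries, skipping comments and other keywords."""
    out = set()
    for line in resolv_conf.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            out.add(str(ipaddress.ip_address(parts[1])))
    return out


def classify(leak_report, upstreams):
    """Label each resolver in a leak test report as 'via-vpn' or 'leak'."""
    result = {}
    for line in leak_report.splitlines():
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except (ValueError, IndexError):
            continue  # blank line, header or other non-address text
        result[ip] = "via-vpn" if ip in upstreams else "leak"
    return result
```

A resolver labelled `leak` is one the VPN server itself would not have queried, which means the client's lookups bypassed the tunnel.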
