stunnel + openvpn some problems encountered

[ganhehe]

environment
server : centos7+stunnel+openvpn2.4.6
client: win10 pro+stunnel+openvpn-guiv11.12

connect successed

when use chome/ie to access web site: dns query dose not traffic throuth VPN，but http/https traffic throuth VPN
when use WinMTR(traceroute tools)：host:www.example.com and start to traceroute, dns query also not traffic throuth VPN
when use cmd--》nslookup command: dns query traffic throute vpn
other applications only use ip but not domain name also work fine throuth VPN

by the way:
1.use udp mode the same problems
2.on the same server and cilent test ocserv+Cisco AnyConnect client all traffice inclued dns query throuth VPN

View Originalserver.conf

local 127.0.0.1
port 11194
proto tcp
dev tun
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/server.crt
dh /etc/openvpn/pki/dh.pem
server 10.8.110.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 1.0.0.1"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

View Originalclient.conf

client
dev tun
proto tcp
remote 127.0.0.1 18080
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
verb 3
redirect-gateway def1

route print
===========================================================================
接口列表
17...88 51 fb 5d 89 d2 ......Intel(R) 82579LM Gigabit Network Connection
7...02 00 4c 4f 4f 50 ......Npcap Loopback Adapter
6...88 51 fb 5d 89 d3 ......Intel(R) 82574L Gigabit Network Connection
11...00 ff b0 12 8f 50 ......TAP-Windows Adapter V9
1...........................Software Loopback Interface 1
===========================================================================

IPv4 路由表
===========================================================================
活动路由:
网络目标 网络掩码 网关 接口 跃点数
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.221 291
0.0.0.0 128.0.0.0 10.8.110.5 10.8.110.6 291
10.8.110.1 255.255.255.255 10.8.110.5 10.8.110.6 291
10.8.110.4 255.255.255.252 在链路上 10.8.110.6 291
10.8.110.6 255.255.255.255 在链路上 10.8.110.6 291
10.8.110.7 255.255.255.255 在链路上 10.8.110.6 291
127.0.0.0 255.0.0.0 在链路上 127.0.0.1 331
127.0.0.1 255.255.255.255 在链路上 127.0.0.1 331
127.0.0.1 255.255.255.255 192.168.1.254 192.168.1.221 291
127.255.255.255 255.255.255.255 在链路上 127.0.0.1 331
128.0.0.0 128.0.0.0 10.8.110.5 10.8.110.6 291
169.254.0.0 255.255.0.0 在链路上 169.254.139.40 281
169.254.139.40 255.255.255.255 在链路上 169.254.139.40 281
169.254.255.255 255.255.255.255 在链路上 169.254.139.40 281
192.168.1.0 255.255.255.0 在链路上 192.168.1.221 291
192.168.1.221 255.255.255.255 在链路上 192.168.1.221 291
192.168.1.255 255.255.255.255 在链路上 192.168.1.221 291
224.0.0.0 240.0.0.0 在链路上 127.0.0.1 331
224.0.0.0 240.0.0.0 在链路上 10.8.110.6 291
224.0.0.0 240.0.0.0 在链路上 169.254.139.40 281
224.0.0.0 240.0.0.0 在链路上 192.168.1.221 291
255.255.255.255 255.255.255.255 在链路上 127.0.0.1 331
255.255.255.255 255.255.255.255 在链路上 10.8.110.6 291
255.255.255.255 255.255.255.255 在链路上 169.254.139.40 281
255.255.255.255 255.255.255.255 在链路上 192.168.1.221 291
===========================================================================
永久路由:
网络地址 网络掩码 网关地址 跃点数
0.0.0.0 0.0.0.0 192.168.1.254 默认
===========================================================================

[TinCanTech]

client: win10

dns query dose not traffic throuth VPN

Use --block-outside-dns

[ganhehe]

Thanks @TinCanTech

I use push "block-outside-dns" on server.conf
Use tcpdump tools i can see dns query throuth vpn server, but the source ip is my cilent virtual tun ip(10.8.110.6)
and the query results can`t route to my cilent,still can`t access any web site

tcpdump -nn port 53:

18:20:54.993546 IP 10.8.110.6.55566 > 1.1.1.1.53: 6+ A? www.google.com. (32)
18:20:57.015337 IP 10.8.110.6.55567 > 1.1.1.1.53: 7+ AAAA? www.google.com. (32)
18:20:59.030747 IP 10.8.110.6.55568 > 1.1.1.1.53: 8+ A? www.google.com. (32)
18:21:01.046823 IP 10.8.110.6.55569 > 1.1.1.1.53: 9+ AAAA? www.google.com. (32)

[TinCanTech]

--block-outside-dns is a client directive.