Problem with resolvconf

alloydog · Post by **alloydog** » Tue Nov 22, 2011 11:18 am

With OpenVPN running, there seems to be a problem with resovconf.
The server cannot access external IP address, such as with apt-get.

I have searched quite a few times for this problem. I have tried various options in the server.conf and I have followed this: openvpn and resolv.conf.
But still no luck.

Basically, with OpenVPN running, resolv.conf has no nameserver IP address, just the lines:

Code: Select all

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

If I restart the server with OpenVPN not running, then there is not problem and resolv.conf has the nameserver IP address in it.

I have tried adding:

Code: Select all

user nobody
group nobody

to the server.conf file, just in case. But then the tunnel (tun0) was not created.

Post by **maikcat** » Tue Nov 22, 2011 2:31 pm

can you post openvpn config,resolv.conf and what os you are running (debian or ubuntu?)

also post the output of ifconfig

Michael.

alloydog · Post by **alloydog** » Wed Nov 23, 2011 7:36 am

Sorry, meant to post that lot before...

OS: Ubuntu 10.04LTS server

server.conf

Code: Select all

port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
#push "dhcp-option DNS 192.168.1.1"
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append /var/log/openvpn.log
verb 4 
daemon

I have tried it with push "dhcp-option DNS 192.168.1.1" uncommented out,
also without
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

the result is aways the same.

ifconfig

Code: Select all

eth0      Link encap:Ethernet  HWaddr 00:26:18:b4:f3:05  
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::226:18ff:feb4:f305/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:383 errors:0 dropped:0 overruns:0 frame:0
          TX packets:276 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:44590 (44.5 KB)  TX bytes:47860 (47.8 KB)
          Interrupt:27 Base address:0xa000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:24 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1864 (1.8 KB)  TX bytes:1864 (1.8 KB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

resolve.conf

Code: Select all

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

Post by **maikcat** » Wed Nov 23, 2011 9:51 am

hi there,

the push dns thing "pushes" options to your clients,
doesnt affect your server...

can you try adding manually a dns entry inside resolv.conf BEFORE running openvpn,
remove the up/down directive,
then start it up and see if resolv.conf is altered...

Michael.

OpenVPN Support Forum

Problem with resolvconf

Problem with resolvconf

Re: Problem with resolvconf

Re: Problem with resolvconf

Re: Problem with resolvconf