OpenVPN Support Forum

Hi,

I have an openvpn client that tunnels to a openvpn server within a vpnc tunnel connecting to a cisco vpn device. Connection through both vpn tunnels works and I have network connectivity, but my dns is not working correctly.

Before I connect to the first tunnel my resolv.conf has an entry for my local dns server, eg -
192.168.1.xxx

After connecting to my first vpn tunnel, cisco on tun0, my resolv.conf has the following entries:
domain blah.org
172.xxx.xxx.xxx
172.xxx.xxx.xxx
192.168.1.xxx

When I connect to the second tunnel, openvpn on tun1, my resolv.conf has the following entries:
domain blah.org
172.xxx.xxx.xxx
172.xxx.xxx.xxx
192.168.2.xxx
192.168.1.xxx

Name resolution for hosts reachable on tun1 fail unless I us the IP of the host that I am trying to connect to, meaning routing is working. If I manually edit the resolv.conf file and put the 192.168.2.xxx entry above the 172.xxx.xxx.xxx entries name resolution for tun1 hosts works. How can I set the resolv.conf updates from the openvpn server, on tun1, to automatically prepend the resolv.conf updates from the tun0 connection?

Note: the client os is debian squeeze using openresolv.

Any help would be greatly appreciated!

ncalsmitty1369 wrote:Hi,

I have an openvpn client that tunnels to a openvpn server within a vpnc tunnel connecting to a cisco vpn device. Connection through both vpn tunnels works and I have network connectivity, but my dns is not working correctly.

Before I connect to the first tunnel my resolv.conf has an entry for my local dns server, eg -
192.168.1.xxx

After connecting to my first vpn tunnel, cisco on tun0, my resolv.conf has the following entries:
domain blah.org
172.xxx.xxx.xxx
172.xxx.xxx.xxx
192.168.1.xxx

When I connect to the second tunnel, openvpn on tun1, my resolv.conf has the following entries:
domain blah.org
172.xxx.xxx.xxx
172.xxx.xxx.xxx
192.168.2.xxx
192.168.1.xxx

Name resolution for hosts reachable on tun1 fail unless I us the IP of the host that I am trying to connect to, meaning routing is working. If I manually edit the resolv.conf file and put the 192.168.2.xxx entry above the 172.xxx.xxx.xxx entries name resolution for tun1 hosts works. How can I set the resolv.conf updates from the openvpn server, on tun1, to automatically prepend the resolv.conf updates from the tun0 connection?

Note: the client os is debian squeeze using openresolv.

Any help would be greatly appreciated!

SOLUTION: I had to use something other than libc with resolv.conf in order to set a DNS server entry private for individual interfaces. Per Roy Marples suggestion, I used Unbound as a local resolver with Openresolv. I configured eth0 and my tun* interfaces to be private within resolvconf.conf, which in turn helped to set Unbound to resolve to the correct dev's network. Everything works great with wired eth0 connection with 2 VPNS, I haven't tried it with a wireless connection. But, the same Unbound/Openresolve configuration does not work as expected with my usb0 interface, which is created during cell phone tethering. I am still trying to workout how to get the dhcpclient.conf setup to make the dhcp configuration of usb0 call "resolvconf -a usb0" rather than just overwrite the current resolv.conf. If anyone has suggestions for that please let me know!