Page 1 of 1
Problem with resolvconf
Posted: Tue Nov 22, 2011 11:18 am
by alloydog
With OpenVPN running, there seems to be a problem with
resovconf.
The server cannot access external IP address, such as with
apt-get.
I have searched quite a few times for this problem. I have tried various options in the server.conf and I have followed this:
openvpn and resolv.conf.
But still no luck.
Basically, with OpenVPN running,
resolv.conf has no nameserver IP address, just the lines:
Code: Select all
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
If I restart the server with OpenVPN not running, then there is not problem and
resolv.conf has the nameserver IP address in it.
I have tried adding:
to the
server.conf file, just in case. But then the tunnel (
tun0) was not created.
Re: Problem with resolvconf
Posted: Tue Nov 22, 2011 2:31 pm
by maikcat
can you post openvpn config,resolv.conf and what os you are running (debian or ubuntu?)
also post the output of ifconfig
Michael.
Re: Problem with resolvconf
Posted: Wed Nov 23, 2011 7:36 am
by alloydog
Sorry, meant to post that lot before...
OS: Ubuntu 10.04LTS server
server.conf
Code: Select all
port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
#push "dhcp-option DNS 192.168.1.1"
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append /var/log/openvpn.log
verb 4
daemon
I have tried it with p
ush "dhcp-option DNS 192.168.1.1" uncommented out,
also without
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
the result is aways the same.
ifconfig
Code: Select all
eth0 Link encap:Ethernet HWaddr 00:26:18:b4:f3:05
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::226:18ff:feb4:f305/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:383 errors:0 dropped:0 overruns:0 frame:0
TX packets:276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44590 (44.5 KB) TX bytes:47860 (47.8 KB)
Interrupt:27 Base address:0xa000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1864 (1.8 KB) TX bytes:1864 (1.8 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Code: Select all
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
Re: Problem with resolvconf
Posted: Wed Nov 23, 2011 9:51 am
by maikcat
hi there,
the push dns thing "pushes" options to your clients,
doesnt affect your server...
can you try adding manually a dns entry inside resolv.conf BEFORE running openvpn,
remove the up/down directive,
then start it up and see if resolv.conf is altered...
Michael.