[Dnsmasq-discuss] dnsmasq seems to ignore or not wait for DNS servers behind a VPN

richardvoigt at gmail.com richardvoigt at gmail.com
Sun Sep 13 22:51:00 BST 2009


On Sun, Sep 13, 2009 at 5:15 AM, Vincent Cadet <v_cadet at yahoo.fr> wrote:
> Hi people.
>
> I've installed *dnsmasq-2.49* under Gentoo. It runs concurrently with OpenResolv, which I need to add DNS server IPs to the resolver when I use my VPN connections. Actually OpenResolv acts upon */etc/dnsmasq-resolv.conf* and */etc/dnsmasq-resolvconf.conf*. The former holds the list of DNS servers, just like */etc/resolv.conf*.
>
> When I connect to a remote VPN server through "pon", everything goes fine: the connection is established, routes are set and the IP addresses of the remote network DNS servers are added to /etc/resolv.conf and /etc/dnsmasq-resolv.conf so that the remote DNS server IPs appear *first*, i.e. before the IP of my local DNS server. However name resolution doesn't work against machines on the remote network as long as the IP address of my local network DNS server is present in /etc/dnsmasq-resolv.conf.

dnsmasq doesn't try the list of servers in order (unless you set an
obsolete option), instead it treats them all as equal, global servers,
and uses whichever is fastest.

When connecting to a VPN, you probably don't want other machines on
the network to see the new connection (that's why it's called virtual
"private" network), while dnsmasq treats local and remote queries the
same.

So maybe you want openvpn to go ahead and update /etc/resolv.conf so
that for the local machine only, addresses are tested against the VPN
server while the VPN is up, and afterwards dnsmasq is used.

Or perhaps you want to put server= lines in your dnsmasq config to
direct certain domains to use the VPN servers when available.
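
The `server=` approach suggested in the reply above, as an added example that is not part of the original message or of dnsmasq itself: a small Python model of how per-domain `server=/domain/address` lines restrict which upstreams may receive a query, so that VPN-internal names are not sent to the local resolver. The domains and addresses are constructed sample values, and only the plain `server=address` and `server=/domain/.../address` forms are modeled.

```python
"""Model of dnsmasq upstream selection with server= lines (added example)."""

# Constructed config fragments; domains and addresses are sample values.
FLAT_CONF = """\
server=10.8.0.1
server=192.168.1.1
"""
SPLIT_CONF = """\
# local resolver for everything else
server=192.168.1.1
server=/corp.example/10.8.0.1
server=/lab.corp.example/internal.example/10.8.0.2
"""

def parse_servers(conf_text):
    """Return (global_servers, {domain: [servers]}) from server= lines."""
    global_servers, per_domain = [], {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("server="):
            continue
        value = line[len("server="):]
        if not value.startswith("/"):
            global_servers.append(value)
            continue
        # server=/dom1/dom2/addr: every field but the last is a domain
        *domains, addr = value[1:].split("/")
        for dom in domains:
            per_domain.setdefault(dom.lower(), []).append(addr)
    return global_servers, per_domain

def upstreams_for(name, global_servers, per_domain):
    """Servers that may receive a query for name; most specific domain wins."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):  # longest suffix first, whole labels only
        suffix = ".".join(labels[i:])
        if suffix in per_domain:
            return per_domain[suffix]
    return global_servers

if __name__ == "__main__":
    for title, conf in (("flat", FLAT_CONF), ("split", SPLIT_CONF)):
        servers = parse_servers(conf)
        for name in ("wiki.corp.example", "db.lab.corp.example", "www.example.org"):
            print(title, name, "->", upstreams_for(name, *servers))
```

With the flat configuration every name, internal or not, is eligible for both upstreams; with the split configuration the internal domains are pinned to the VPN servers and everything else stays on the local resolver.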


