Issue: OpenVPN connects successfully but cannot resolved hostnames when browsing. It looks like an OpenVPN DNS issue.
Platform: Ubuntu 14.04 LTS (Trusty Tahr)
Software version: OpenVPN 2.3.4
OpenVPN logs indicated the DNS configuration was successfully pushed from OpenVPN server to client.
Tue Oct 14 05:08:39 2014 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1) Tue Oct 14 05:08:40 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.34 10.8.0.33'
I tested nslookup but failed.
rejohn@R007:/opt/openvpn-2.3.4$ nslookup yahoo.com Server: 127.0.1.1 Address: 127.0.1.1#53 ** server can't find yahoo.com: REFUSED
The error above indicated that my local ISP didn’t allow lookup from non-AU IPs. This make sense because my IP now changed to a non-AU IP.
Solution: Issue resolved by overriding the DNS servers I got from my router. To do this I had to edit /etc/dhcp/dhclient.conf file. Added supersede domain-name-servers 8.8.8.8; then restarted my network connection sudo service network-manager restart. The newly added line in dhclient.conf means that if the name searched for is not in the cache, it will ask 8.8.8.8 and not at the DNS server provided by my router.
Tested nslookup again and got an answer using Google’s DNS servers.
rejohn@R007:/etc/dhcp$ nslookup google.com Server: 127.0.1.1 Address: 127.0.1.1#53 Non-authoritative answer: Name: google.com Address: 173.194.112.200 Name: google.com Address: 173.194.112.199 Name: google.com Address: 173.194.112.195 Name: google.com Address: 173.194.112.206 Name: google.com Address: 173.194.112.192 Name: google.com Address: 173.194.112.201 Name: google.com Address: 173.194.112.198 Name: google.com Address: 173.194.112.196 Name: google.com Address: 173.194.112.197 Name: google.com Address: 173.194.112.194 Name: google.com Address: 173.194.112.193
By invoking nm-tool command I could see that my DNS changed to 8.8.8.8.
rejohn@R007:/etc/dhcp$ nm-tool
NetworkManager Tool
State: connected (global)
- Device: wlan0 [n00b] --------------------------------------------------------
Type: 802.11 WiFi
Driver: ath9k
State: connected
Default: yes
HW Address: aa:bb:cc:dd:ee:ff
Capabilities:
Speed: 54 Mb/s
Wireless Properties
WEP Encryption: yes
WPA Encryption: yes
WPA2 Encryption: yes
Wireless Access Points (* = current AP)
n00b: Infra, 60:73:5C:DA:84:10, Freq 2427 MHz, Rate 54 Mb/s, Strength 82 WPA2
D-Link: Infra, 28:10:7B:DD:84:6A, Freq 2437 MHz, Rate 54 Mb/s, Strength 57 WPA2
la maison: Infra, 00:18:4D:5E:59:5E, Freq 2462 MHz, Rate 54 Mb/s, Strength 45 WPA
Motorola: Infra, 00:14:A5:91:5A:65, Freq 2412 MHz, Rate 54 Mb/s, Strength 24
belkin.307: Infra, B4:75:0E:1F:F3:07, Freq 2422 MHz, Rate 54 Mb/s, Strength 20 WPA WPA2
IPv4 Settings:
Address: 192.168.xx.x
Prefix: 24 (255.255.255.0)
Gateway: 192.168.xxx.x
DNS: 8.8.8.8