You are not logged in.

Pages: 1

#1 2020-09-02 17:29:43

LandoR
Member
Registered: 2014-04-23
Posts: 16

New dns records resolve very slow when I am connected to OpenVPN

Hi,

I have a strange issue here. I am using an openvpn connection to access some services for my work.
I am also creating new dns records while connected to that VPN but for some reason I cannot resolve them until I disconnect from the VPN or i restart systemd-resolved.

I have a pretty much default setup with NetworkManager and I tried to reset all the DNS server overrides I did manually with NetworkManager. Not sure what the defaults for /etc/nsswitch.conf are. I have this

# Name Service Switch configuration file.
# See nsswitch.conf(5) for details.

passwd: files systemd
group: files systemd
shadow: files

publickey: files

hosts: files mymachines myhostname resolve [!UNAVAIL=return] dns
networks: files

protocols: files
services: files
ethers: files
rpc: files

netgroup: files

My openvpn config:
client.conf

client
key-direction 1
nobind
dev tun
remote-cert-tls server

remote vpn.example.com 1194 udp

<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
-----END ENCRYPTED PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<tls-auth>

-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>

redirect-gateway def1

server.conf

server 192.168.255.0 255.255.255.0

verb 4

key /etc/openvpn/pki/private/vpn.example.com.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/vpn.example.com.crt
dh /etc/openvpn/pki/dh.pem

tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60

persist-key
persist-tun

proto udp

# Rely on Docker to do port mapping, internally always 1194
port 1194

dev tun3
status /tmp/openvpn-status.log

user nobody
group nogroup

client-to-client
topology subnet

### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

push "redirect-gateway def1"

Any idea what could be the reason for this?
Thank You

EDIT:
After 12 minutes one of the two dns entries resolves but still waiting for the second one after 24minutes.

EDIT2:
Do you have an idea how to speed this up?
When I restart systemd-resolved it's resolving immediately.

Last edited by LandoR (2020-09-09 13:19:44)

Offline

Pages: 1

Board footer

Powered by FluxBB