You are not logged in.

#1 2019-04-27 20:32:52

tlillenuit
Member
From: Ireland
Registered: 2019-03-24
Posts: 28

[Solved] Stubby + dnsmasq + openVPN?

I have just installed and configured stubby and DNSmasq to use combination of certain DNS servers and to make sure my resolv.conf
doesn't get overwritten, I changed the immutable permissions on /etc/resolv.conf. My question is, how do I configure the things so I can
connect up to my VPN? ExpressVPN, of course, refuses to connect due to /etc/resolv.conf write permissions having been changed.

On the other hand, if I do chattr -i /etc/resolv.conf and connect up to the VPN, it will overwrite the contents with its DNS server configuration,
and then after having disconnected from it, the configuration will revert to point to the router's configuration, instead of to my new stubby/dnsmasq
setup. Is there a way to combine the two and get around this conflict, so I can connect up to my VPN normally, but after disconnecting and when
surfing unencrypted, for my DNS configuration to be handled by stubby + dnsmasq? Thanks!

$ cat /etc/resolv.conf 

# Stubby + DNSmasq DNS configuration
nameserver ::1
nameserver 127.0.0.1
options timeout:1
options single-request


[#]    Upon connecting to ExpressVPN:

$ cat /etc/resolv.conf 

# Generated by expressvpn
search expressvpn
nameserver 10.159.0.1


[#]    After disconnecting from ExpressVPN configuration reverts to:

$ cat /etc/resolv.conf

# Generated by NetworkManager
search home
nameserver 192.168.1.254
nameserver fe80::1%enp0s25

Last edited by tlillenuit (2019-07-30 15:21:28)

Offline

#2 2019-04-27 20:53:18

loqs
Member
Registered: 2014-03-06
Posts: 18,633

Re: [Solved] Stubby + dnsmasq + openVPN?

Did you see the tip box on Overwriting of /etc/resolv.conf?

Offline

#3 2019-04-27 20:57:32

r0b0t
Member
From: /tmp
Registered: 2009-05-24
Posts: 510

Re: [Solved] Stubby + dnsmasq + openVPN?

I didn't use Stubby, but my guess is a dnscrypt alternative, so it should be listening for DNS request in localhost dns port. Why set it up manually, you can just set it on Network Manager and that's it.

As for "ExpressVPN" or whatever,  they probably ship with a custom client (an open source one, rebranded), you can ask them that you just want to use networkmanager-openvpn (or you can figure out yourself the configuration from the client itself) and get the configuration to set it up there, and of course, choose to use your own DNS and set up 127.0.0.1 as DNS locally.
That way you can have on both scenarios 127.0.0.1 (resolve.conf should point to 127.0.0.1 as well - which should be the default with networkmanager).

Offline

#4 2019-04-27 22:23:40

tlillenuit
Member
From: Ireland
Registered: 2019-03-24
Posts: 28

Re: [Solved] Stubby + dnsmasq + openVPN?

loqs: Thanks for the tip. Missed that one though. --> Tip: If you want multiple processes to write to /etc/resolv.conf, you can use resolvconf.

r0b0t: Thanks for your tips. I actually tried to set it up now the way you suggested, and managed to do it. I set the nm's resolver to dnsmasq/openresolv combo.
The only missing is the VPN setup to work with the combo. However, I've found this: http://studioidefix.com/2014/07/21/openresolv/ so I'll give it a try in a day or two.

Do you notice any slowdown while using your dnscrypt setup compared to the 'plain' one? Should the settings in a router be configured the certain way to allow the system/localhost to configure things its own way without traffic bottlenecks when using dnscrypt/stubby-sort of configuration?

Offline

#5 2019-04-27 22:33:35

loqs
Member
Registered: 2014-03-06
Posts: 18,633

Re: [Solved] Stubby + dnsmasq + openVPN?

Offline

#6 2019-04-27 22:37:18

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,426
Website

Re: [Solved] Stubby + dnsmasq + openVPN?

Most of your recent threads have been "issues" resulting from you not reading the wiki or just not thinking long enough about what you are trying to achieve.

Don't expect to continue to have your hand held here.


Remember to mark your thread as [Solved] by editing your first post and prepending it to the title.


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#7 2019-07-30 15:23:08

tlillenuit
Member
From: Ireland
Registered: 2019-03-24
Posts: 28

Re: [Solved] Stubby + dnsmasq + openVPN?

Thanks for your tip and sorry about that. I do try to read all the wikis, but I might have missed this one. My attention has been somewhat dissipated due to having loads of exams going on now.

Offline

Board footer

Powered by FluxBB