Bug #2525: OpenVPN name resolution - NethServer 6 - NethServer.org

Bug #2525

OpenVPN name resolution

Added by Filippo Carletti over 7 years ago. Updated over 7 years ago.

Status:

CLOSED

Start date:

Priority:

Normal

Due date:

Assignee:

% Done:

100%

Category:

nethserver-openvpn

Target version:

v6.5-beta3

Security class:

Resolution:

Affected version:

v6.4-beta2

NEEDINFO:

Description

After openvpn connection to our firewall, DNS names are not resolved on client.
Firewall pushes its IP address as DNS to client, but our firewall is not our dns, it has no name server active on port 53, it simply direct queries to our internal DNS.

Associated revisions

Revision 7962bbdf
Added by Giacomo Sanchietti over 7 years ago

host-to-net.conf template: push DNS server address to client. Refs #2525

Revision 16284f2f
Added by Giacomo Sanchietti over 7 years ago

host-to-net.conf template: use dns 'role' property. Refs #2525

History

#1 Updated by Filippo Carletti over 7 years ago

A possibile fix:

--- /etc/e-smith/templates/etc/openvpn/host-to-net.conf/40route    2013-10-24 10:08:03.000000000 +0200
+++ /etc/e-smith/templates-custom/etc/openvpn/host-to-net.conf/40route    2013-12-19 16:07:47.280732034 +0100
@@ -4,6 +4,7 @@
     my $ndb = esmith::NetworksDB->open_ro();
     my $green = $ndb->green();
     my $IPAddress = $green->prop('ipaddr');
+    $DNS = $dns{'NameServers'} || $IPAddress;

     $OUT  = "";

@@ -13,8 +14,8 @@
     }

     $OUT .= "push \"dhcp-option DOMAIN $DomainName\"\n";
-    $OUT .= "push \"dhcp-option DNS $IPAddress\"\n";
-    $OUT .= "push \"dhcp-option WINS $IPAddress\"\n";
+    $OUT .= "push \"dhcp-option DNS $DNS\"\n";
+    $OUT .= "push \"dhcp-option WINS $DNS\"\n";
     $OUT .= "push \"dhcp-option NBT 2\"\n";
     $OUT .= "push \"dhcp-option NBDD $IPAddress\"\n";

#2 Updated by Filippo Carletti over 7 years ago

Status changed from NEW to TRIAGED
Target version set to v6.5-beta3
% Done changed from 0 to 20

#3 Updated by Giacomo Sanchietti over 7 years ago

Status changed from TRIAGED to ON_DEV
Assignee set to Giacomo Sanchietti
% Done changed from 20 to 30

#4 Updated by Giacomo Sanchietti over 7 years ago

Status changed from ON_DEV to MODIFIED
% Done changed from 30 to 60

#5 Updated by Giacomo Sanchietti over 7 years ago

Status changed from MODIFIED to ON_QA
Assignee deleted (~~Giacomo Sanchietti~~)
% Done changed from 60 to 70

Packages in nethserver-testing:

nethserver-openvpn-1.0.1-2.0git16284f2f.ns6.noarch.rpm

Test case

Configure and connect an OpenVPN client to the server
If the server is the network DNS (dns[role] = 'resolver'), the client must receive the ip address of the server itself as DNS server
Otherwise the client must receive the value of dns[NameServers] property as DNS server(s)

#6 Updated by Davide Principi over 7 years ago

Assignee set to Davide Principi

#7 Updated by Davide Principi over 7 years ago

Status changed from ON_QA to VERIFIED
Assignee deleted (~~Davide Principi~~)
% Done changed from 70 to 90

#8 Updated by Davide Principi over 7 years ago

Status changed from VERIFIED to CLOSED
% Done changed from 90 to 100

Released in nethserver/6.5/base repository.

Also available in: Atom PDF

NethServer 6

Issues

Custom queries