Bug #3185

DNS name resolution from openvpn client

Added by Filippo Carletti about 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-openvpn
Target version:v6.6
Security class: Resolution:CURRENTRELEASE
Affected version:v6.6 NEEDINFO:No

Description

When connected through openvpn, sometimes the client can't resolve dns names.
A tcpdump:

# tcpdump -nn -p -i tun0
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
22:51:37.828652 IP 10.9.9.6.1025 > 10.9.9.1.53: 2142+ A? nethesis.it. (35)
22:51:37.828801 IP 10.9.9.1 > 10.9.9.6: ICMP 10.9.9.1 udp port 53 unreachable, length 71

The problem come from dnsmasq: if it's started after openvpn everything works.
Workaround:

service dnsmasq restart

tcpdump after restart:
22:51:53.065012 IP 10.9.9.6.1025 > 10.9.9.1.53: 56668+ A? nethesis.it. (35)
22:51:53.065352 IP 10.9.9.1.53 > 10.9.9.6.1025: 56668* 1/0/0 A 192.168.5.3 (51)


Related issues

Related to NethServer 6 - Enhancement #3220: Dnsmasq: drop bind-interfaces implementation CLOSED

History

#1 Updated by Filippo Carletti about 6 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.6
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti about 6 years ago

#4 Updated by Giacomo Sanchietti about 6 years ago

  • Assignee deleted (Giacomo Sanchietti)

It should be automatically resolved by #3220.

#5 Updated by Filippo Carletti about 6 years ago

  • Status changed from ON_DEV to CLOSED
  • % Done changed from 30 to 100
  • Resolution set to CURRENTRELEASE

Giacomo Sanchietti wrote:

It should be automatically resolved by #3220.

It is.

20:56:40.406174 IP 10.9.9.6.34001 > 10.9.9.1.53: 56386+ A? ibm.com. (25)
20:56:40.425205 IP 10.9.9.1.53 > 10.9.9.6.34001: 56386 1/0/0 A 129.42.38.1 (41)

Also available in: Atom PDF