Prioritize VPN's DNS Server
Is there a way to prioritize a particular DNS server only when connecting to a VPN (OpenVPN) through Network Manager or one of its configuration files?

I have a VPN (192.168.1.*) I frequently connect to that has DNS (192.168.1.53) configured to resolve host names of the form *.internal.example.com on its network. My local router (192.168.0.1) has DD-WRT on it with Google's DNS setup (those aren't strictly needed).

I've replaced the systemd /etc/resolv.conf stub with a symlink to /run/systemd/resolve/resolv.conf so that host names will actually resolve using the VPN's DNS server. Yesterday it was working fine because the VPN's DNS server was at the top of the list.

    # /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
    # This file is managed by man:systemd-resolved(8). Do not edit.
    # ...
    nameserver 192.168.1.53
    nameserver 192.168.0.1
    nameserver 8.8.8.8
    # Too many DNS servers configured, the following entries may be ignored.
    nameserver 8.8.4.4
    search Home internal.example.com

However, when I connected today the DNS entries were reordered.

    # /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
    # This file is managed by man:systemd-resolved(8). Do not edit.
    # ...
    nameserver 192.168.0.1
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    # Too many DNS servers configured, the following entries may be ignored.
    nameserver 192.168.1.53
    search Home internal.example.com

The order frequently changes after a reboot. Sometimes upon reconnection to the VPN I notice the order changes (after experiencing the resolution issue).

systemd-resolve works just fine and can resolve the hosts using the proper DNS server.

    $ systemd-resolve --status --no-pager
    Global
      DNSSEC NTA: ...

    Link 10 (tun0)
      Current Scopes: DNS
      LLMNR setting: yes
      MulticastDNS setting: no
      DNSSEC setting: no
      DNSSEC supported: no
      DNS Servers: 192.168.1.53
      DNS Domain: internal.example.com

    Link 2 (eno1)
      Current Scopes: DNS
      LLMNR setting: yes
      MulticastDNS setting: no
      DNSSEC setting: no
      DNSSEC supported: no
      DNS Servers: 192.168.0.1
                   8.8.8.8
                   8.8.4.4
                   192.168.1.53
      DNS Domain: Home

    $ systemd-resolve srv1.internal.example.com
    srv1.internal.example.com: 192.168.1.113

    -- Information acquired via protocol DNS in 2.1ms.
    -- Data is authenticated: no

ping, nslookup, and ssh all fail though.

    $ ping srv1.internal.example.com
    ping: srv1.internal.example.com: Name or service not known

    $ nslookup srv1.internal.example.com
    Server: 192.168.0.1
    Address: 192.168.0.1#53

    ** server can't find srv1.internal.example.com: NXDOMAIN

    $ ssh srv1.internal.example.com
    ssh: Could not resolve hostname srv1.internal.example.com: Name or service not known

A few notes.
- I connect to the VPN through Network Manager. I have the VPN's DNS manually specified on the VPN under: IPv4 > DNS Servers.
- I tried using a separate wired ethernet connection configured with the VPN's DNS under: IPv4 > Other DNS Servers.

18.04 network-manager systemd systemd-resolved
asked Feb 5 at 21:13 by cpburnz, edited Feb 28 at 17:58
Bounty note: if something like dnsmasq running locally on my machine can solve this I'm open to suggestions. – cpburnz Feb 28 at 16:33
Do you use network manager to start your VPN? Because NM has options to set DNS servers. – Robert Riedl Feb 28 at 17:37
@RobertRiedl Yes, I use NM to connect to the VPN, I do have the DNS server manually specified on the VPN under "IPv4" > "DNS Servers". – cpburnz Feb 28 at 17:54
And that doesn't work? Sorry I'm on mobile, I can't be of more help right now... – Robert Riedl Feb 28 at 17:59
@RobertRiedl No, it strangely doesn't. – cpburnz Feb 28 at 18:00
2 Answers
As you accept using dnsmasq, how about this:
- Point your resolv.conf to 127.0.0.1 (nameserver 127.0.0.1)
- Try this config on your dnsmasq:

    server=/internal.example.com/192.168.1.53
    server=8.8.8.8

This would use 192.168.1.53 for domain "internal.example.com" and 8.8.8.8 for everything else.

Take a look at the "-S, --local, --server=" option in the dnsmasq man page.

Update: You may also want to disable DHCP, so as to avoid conflicts with your local router. Maybe listening only on the lo (127.0.0.1) interface.
answered Feb 28 at 20:21 by JucaPirama, edited Mar 6 at 15:57
Thank you, this works. – cpburnz Mar 6 at 15:21
You're welcome. And just updated the answer with the correct param order. – JucaPirama Mar 6 at 15:59
Thanks to JucaPirama's answer for the direction I needed, this is my final setup using dnsmasq in front of systemd-resolved.

Disable the systemd-resolved stub DNS server. In /etc/systemd/resolved.conf change

    #DNSStubListener=yes

to

    DNSStubListener=no

Restart systemd-resolved.

    sudo systemctl restart systemd-resolved

Install dnsmasq.

    sudo apt-get install dnsmasq

Set up dnsmasq. In /etc/dnsmasq.conf, use systemd-resolved's resolv.conf file by changing

    #resolv-file=/etc/resolv.conf

to

    resolv-file=/run/systemd/resolve/resolv.conf

Set the VPN's DNS server for just its domains by adding

    server=/internal.example.com/192.168.1.53

Disable DHCP to prevent any potential conflicts by changing

    #no-dhcp-interface=

to

    no-dhcp-interface=

Restart dnsmasq.

    sudo systemctl restart dnsmasq

Unlink /etc/resolv.conf from systemd-resolved's configuration.

    sudo unlink /etc/resolv.conf

Edit /etc/resolv.conf to use dnsmasq. This step might not be needed because Network Manager at some point overrode it to point to 127.0.0.53 anyway.

    nameserver 127.0.0.53
answered Mar 6 at 15:39 by cpburnz
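The difference between ordering-based and name-based selection on this page, as an added example (not code from either answer): a glibc-style stub resolver reads at most three `nameserver` lines and asks them in order, while dnsmasq's `server=/domain/ip` rule routes by query name. The listings are copied from the question and the first answer; the function names and the lookup name `notinternal.example.com` are constructed for illustration.

```python
# Added example (not from the original answers). It models which upstream DNS
# server sees a query: first for a plain resolv.conf list, then for dnsmasq's
# per-domain "server=/domain/ip" rules. Function names are illustrative.

GLIBC_MAXNS = 3  # a glibc-style stub resolver reads at most three nameserver lines

# Listings copied from the question and the first answer on this page.
RESOLV_YESTERDAY = """\
nameserver 192.168.1.53
nameserver 192.168.0.1
nameserver 8.8.8.8
# Too many DNS servers configured, the following entries may be ignored.
nameserver 8.8.4.4
search Home internal.example.com
"""
RESOLV_TODAY = """\
nameserver 192.168.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
# Too many DNS servers configured, the following entries may be ignored.
nameserver 192.168.1.53
search Home internal.example.com
"""
DNSMASQ_CONF = """\
server=/internal.example.com/192.168.1.53
server=8.8.8.8
"""


def resolv_conf_servers(text):
    """Nameservers a glibc-style stub resolver would actually use, in order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers[:GLIBC_MAXNS]


def audit_resolv_conf(text, vpn_dns):
    """Report who is asked first and whether the VPN resolver is usable at all."""
    servers = resolv_conf_servers(text)
    return {"first_asked": servers[0] if servers else None,
            "vpn_dns_usable": vpn_dns in servers}


def parse_dnsmasq_servers(text):
    """Split server= lines into per-domain rules and default upstreams."""
    rules, defaults = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("server="):
            continue  # comment lines and unrelated options
        value = line[len("server="):]
        if value.startswith("/"):
            # server=/domain1/domain2/ip : the last field is the upstream
            parts = value.split("/")
            for domain in parts[1:-1]:
                rules.setdefault(domain.lower(), [])
                if parts[-1]:
                    rules[domain.lower()].append(parts[-1])
        else:
            defaults.append(value)
    return rules, defaults


def upstreams_for(name, rules, defaults):
    """Most specific matching domain wins, matched on whole labels."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return rules[suffix]
    return defaults


if __name__ == "__main__":
    vpn = "192.168.1.53"
    for label, text in (("yesterday", RESOLV_YESTERDAY), ("today", RESOLV_TODAY)):
        print(label, audit_resolv_conf(text, vpn))
    rules, defaults = parse_dnsmasq_servers(DNSMASQ_CONF)
    for name in ("srv1.internal.example.com", "www.example.org",
                 "notinternal.example.com"):  # last name is constructed
        print(name, "->", upstreams_for(name, rules, defaults))
```

With today's ordering the VPN resolver falls outside the three usable entries and 192.168.0.1 is asked first, which is consistent with the NXDOMAIN in the question; with the dnsmasq rule, internal names go only to 192.168.1.53 and everything else only to the default upstream, regardless of ordering.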