OpenVPN breaks local dns

DD-WRT Forum Index -> Broadcom SoC based Hardware
Circa
DD-WRT Novice


Joined: 15 Sep 2018
Posts: 6

Posted: Thu Feb 28, 2019 0:33    Post subject: OpenVPN breaks local dns
I set up a local dns resolver on a Raspberry Pi with Pihole and Unbound resolver. Everything works fine until I turn on my OpenVPN Client on my ddwrt router.
Once the OpenVPN Client is enabled, my local dns stops working.

Looking at Unbound's error, it says it can't bind port 53. After enabling OpenVPN Client, port 53 on the router is opened, breaking my dns.
This might just be a coincidence but I'm not sure.

My Pi's setup is correct and fully functional if OpenVPN Client is disabled, then stops working once OpenVPN Client is enabled.

The Pihole, raspbian, and unbound communities haven't been able to help me fix this.

All devices have been fully wiped and fresh reinstalls performed multiple times.

Could someone please help me get OpenVPN Client and local DNS (Pi, Pihole, and unbound) to work together?

R7000 with Kong PTB DD-WRT v3.0-r38580M kongac (02/05/19).

_________________
R7000 - Kong PTB Test
grc
DD-WRT User


Joined: 11 Jul 2018
Posts: 87

Posted: Fri Mar 01, 2019 12:18
Try this in Additional Dnsmasq Options:

no-resolv
server=x.x.x.x

where x.x.x.x is the IP of the Pi-hole
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6362
Location: Netherlands

Posted: Fri Mar 01, 2019 13:12
When you enable the OpenVPN client to a commercial provider, they push their DNS servers and those are used.

You can stop the pushing of the DNS servers by adding the following to the Additional config of the OVPN client:
Code:
pull-filter ignore "dhcp-option DNS"


Or you can tell DNSMasq to ignore the DNS servers in resolv.dnsmasq with the settings of @grc.
This would be my preferred method, as there is a bug which can cause DNS leakage and this method will stop it.

I think you also have to disable the "No DNS rebind" setting when using another local DNS server.

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
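
Added example, not part of the original thread: a small offline check of the two settings suggested above. It applies OpenVPN's `pull-filter` rules (prefix match, first matching rule wins) to a provider's pushed options to see which DNS servers would still be accepted, and checks whether a dnsmasq options block pins its upstream with `no-resolv` and `server=`. The log line, the addresses and the function names are constructed for illustration.

```python
import re
import shlex

# Constructed sample: an OpenVPN client log line carrying the provider's pushed options.
SAMPLE_LOG = ("PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,"
              "dhcp-option DNS 10.8.0.1,dhcp-option DNS 10.8.0.2,route-gateway 10.8.0.1,"
              "topology subnet,ifconfig 10.8.0.6 255.255.255.0'")

def pushed_options(log_line):
    """Split the PUSH_REPLY payload into individual pushed options."""
    m = re.search(r"'PUSH_REPLY,([^']*)'", log_line)
    return [o.strip() for o in m.group(1).split(",")] if m else []

def parse_pull_filters(client_config):
    """Return (action, prefix) pairs in the order they appear in the config."""
    rules = []
    for line in client_config.splitlines():
        tokens = shlex.split(line, comments=True)  # handles the quoted prefix
        if len(tokens) == 3 and tokens[0] == "pull-filter":
            rules.append((tokens[1], tokens[2]))
    return rules

def surviving_dns(log_line, client_config):
    """DNS servers from the push that the client would still accept."""
    rules = parse_pull_filters(client_config)
    kept = []
    for opt in pushed_options(log_line):
        # First rule whose text is a prefix of the option decides; default is accept.
        action = next((a for a, p in rules if opt.startswith(p)), "accept")
        if action == "accept" and opt.startswith("dhcp-option DNS "):
            kept.append(opt.split()[2])
    return kept

def dnsmasq_pinned(dnsmasq_options):
    """Upstreams dnsmasq is pinned to, or None if it still reads the resolv file."""
    lines = [l.strip() for l in dnsmasq_options.splitlines()]
    if "no-resolv" not in lines:
        return None
    return [l.split("=", 1)[1] for l in lines if l.startswith("server=")]

if __name__ == "__main__":
    print("without filter:", surviving_dns(SAMPLE_LOG, ""))
    print("with filter:   ", surviving_dns(SAMPLE_LOG, 'pull-filter ignore "dhcp-option DNS"'))
    # 192.168.1.2 is a constructed stand-in for the Pi-hole address.
    print("dnsmasq pinned:", dnsmasq_pinned("no-resolv\nserver=192.168.1.2"))
```

An empty list from `surviving_dns` together with a non-empty list from `dnsmasq_pinned` means neither the tunnel nor the resolv file can hand dnsmasq the provider's resolvers.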