How do I make kresd use OpenVPN-supplied DNS servers when available?

I have an OpenVPN config with push "dhcp-option DNS" in the server-side config. On the Omnia, I can see that it has pulled this nameserver into /tmp/resolv.conf.d/:

# cat /tmp/resolv.conf.d/resolv.conf.vpn.bs1tun

But how do I make the resolver actually make use of this? Neither /tmp/resolv.conf.d/ nor /tmp/kresd.config picks up on this - they only show the DNS servers from my WAN’s DHCP server.

Why not manually configure the DNS that you want on this client Omnia?

From what you write I assume you want forwarding, so in ReForis you choose that, click “Custom Forwarder” button and configure it there. I expect that will just work.

The DNS server in question is only reachable if the VPN is up. Hence, setting it globally would break things, since it wouldn’t be able to resolve the DNS server in the first place.

Does kresd support something like dnsmasq’s ability to forward requests for a particular domain to a specific nameserver? That would also work for me.

It does, but there’s no clickable UI to set that up. It’s like

Thanks, that got it working.

Was this setting removed/never ported to reForis?

I didn’t even know about it.

Well, the same behaviour from Foris was ported to the reForis.

See screenshot (OpenVPN / Server Settings):
2023-10-27 00.22.39 omnia.home aaea5c26d11e

But this checkbox only applies to OpenVPN server on Turris router.
So in this case, “Use DNS via VPN” means that VPN clients can use DNS server provided by the Turris router.

However, I believe that your use-case is to use DNS server from VPN provider, to which your Turris router is connected as VPN client.
AFAIK (I could be wrong), that functionality was not implemented yet for OpenVPN client settings in reForis.

My use case is that I’m using the Omnia as a travel router. I have it log into my VPN server to act as a site-to-site VPN (via a VPS) so that my home machines are accessible on the go. I can mostly work around it by simply forwarding the DNS domain for said machines to my home router. The only issue I have to work around is that the VPN server itself is on said domain, but that’s easy enough to solve by hardcoding the IP in the ovpn config (or putting it in /etc/hosts). Only an issue if the IP changes, but VPS IPs don’t just change randomly.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.