Answer the question
In order to leave comments, you need to log in
V
V
Viktor Yakovenko2020-11-16 15:59:52
Viktor Yakovenko, 2020-11-16 15:59:52
Why is the /etc/openvpn/update-resolv-conf script mentioned in the OpenVPN client config?
The official documentation https://openvpn.net/vpn-server-resources/connectin... mentions the script /etc/openvpn/update-resolv-conf
And for Linux clients it is recommended to specify the following in the config
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-confIn my case (Ubuntu 20.1) it works fine without this "section" in the client config.
Inside this script there is such a construction.
if [ ! -x /sbin/resolvconf ] ; thenI did not even find such a /sbin/resolvconf file on my system. At the same time, turning on / off vpn connections changes my dns from standard ones to those that are "pushed" by the server, and vice versa.
I'm watching live with the help of the team (cuts out everything superfluous).
watch " systemd-resolve --status | sed "'"/DNSSEC NTA/,/^$/{//!d};/docker/,/^$/d;/enp/,/^$/d"'" | sed "'"/LLMNR/d;/MulticastDNS/d;/DNSOverTLS/d;/DNSSEC/d;/DNSSEC/d;/Domain/d"'" "Maybe newer versions of openvpn are already working without the need for /etc/openvpn/update-resolv-conf ?
Or is it necessary for the RadHat, Arch, etc. families. ?
1 answer(s)
@dronmaxman
A
Andrey Barbolin, 2020-11-16 @dronmaxman
> for Linux clients, it is recommended to specify the following in the config
Not just for Linux, but for Ubuntu and Debian distributions.
In short, this is a crutch to solve the problem with DNS on these operating systems. If you don't have a problem, then you don't need to do anything.
Similar questions
T
M
P
O
A
alekssamos2019-07-14 12:57:04
Openvpn-gui Failed to find file to autostart even though it exists?
2Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question