How to choose DNS from openvpn PUSH string

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

octopus

Very Senior Member
I trying to use one preferred dns from my vpn provider, they come randomly in PUSH string.
Sometime it's the right one but often not.

I can extract DNS from vpn-log in right order with "grep" command.
Code:
vpn=1
grep -E "dhcp-option DNS" /tmp/vpnclient-$vpn.log  | cut -d ' ' -f3 | tail -n 2 | sort -n
wich give me:
46.227.67.134
192.165.9.158
and want to use first one: 46.227.67.134 but have redudance with: 192.165.9.158

in updown-client.sh, there is using:
Code:
if echo $option | grep "dhcp-option DNS"; then serverips="$serverips $(echo $option | sed "s/dhcp-option DNS //")"; fi
likely same as I do. Then it used by DNSVPN1
Code:
/usr/sbin/iptables -t nat -A DNSVPN1 -s 192.168.12.120 -j DNAT --to-destination 46.227.67.134
Howe can I make sure alway use first DNS and have second as redundance?

Thanks !
 
Last edited:

ColinTaylor

Part of the Furniture
How are you determining which of the two addresses pushed is "the right one"?

At the moment the addresses are:
46.227.67.134
192.165.9.158

but what if tomorrow they were:
149.27.617.34
122.133.7.58

which one is the right one now?
 

Zastoff

Very Senior Member
Looks like we use the same vpn provider ;)
I use the same DNS-Servers, But i use them with DNSCrypt-proxy (Those servers supports dnscrypt protocol v2 and i added them as static servers)
DNSCrypt-proxy handles so the fastest is used first.
 

octopus

Very Senior Member
How are you determining which of the two addresses pushed is "the right one"?

At the moment the addresses are:
46.227.67.134
192.165.9.158

but what if tomorrow they were:
149.27.617.34
122.133.7.58

which one is the right one now?
OK, There is only two DNS from my provider so it's alway same 2 ones.
 

octopus

Very Senior Member
Looks like we use the same vpn provider ;)
I use the same DNS-Servers, But i use them with DNSCrypt-proxy (Those servers supports dnscrypt protocol v2 and i added them as static servers)
DNSCrypt-proxy handles so the fastest is used first.
Ok, I know they support DnsCrypt and I want to try it. Do you get it working with DNS on router with wan?
 

Zastoff

Very Senior Member
Ok, I know they support DnsCrypt and I want to try it. Do you get it working with DNS on router with wan?
Yes it works fine.
I dont push the dns via vpn.. Accept DNS Configuration = Disabled
 

octopus

Very Senior Member
Yes it works fine.
I dont push the dns via vpn.. Accept DNS Configuration = Disabled
Thanks i give it a try later one when I have read up on this. :)
 

octopus

Very Senior Member
So do as @Zastoff does and hard-code the IP addresses into your application.
Easiest way to hard code it in is to in custom config use this, but then there is no redundancy.
Code:
pull-filter ignore "dhcp-option DNS 192.165.9.158"
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top