Systemd-resolved DNS configuration for VPN
VPN GUI
When using ubuntu GUI VPN connection, the DNS might not be updated correctly. Following command can be used to update search domain and DNS server.
sudo systemd-resolve --interface tun0 --set-dns <dns_server> --set-domain <domain>Note: The latest test in VPN GUI, the DNS setting is working as expected.
VPN CLI
For openvpn command line,
openvpn --config client.ovpn --script-security 2 --up ./manual-configThe manual-config script can be as follow
#!/bin/sh
set -e
resolvectl dns $dev 192.0.2.53 192.0.2.54
resolvectl domain $dev "~foo.example.com" "~bar.example.com"
resolvectl dnssec $dev offor
#!/bin/sh
systemd-resolve -i $dev \
--set-dns=192.0.2.53 --set-dns=192.0.2.54 \
--set-domain=foo.example.com --set-domain=bar.example.com \
--set-dnssec=off # <- Not super nice, but might be needed.Another method is to use /etc/openvpn/update-systemd-resolved script, which is in openvpn-systemd-resolved package,
openvpn \
--config client.ovpn \
--up /etc/openvpn/update-systemd-resolved \
--down /etc/openvpn/update-systemd-resolved \
--down-pre \NetworkManager Integration
To allow DNS and other options applied to new interface, a dispatcher file can be created, for example, /etc/NetworkManager/dispatcher.d/10-openvpn-tun0-up. The content can be as follows
#!/usr/bin/env bash
interface=$1
event=$2
if [[ $interface != "tun0" ]] || [[ $event != "up" ]]
then
return 0
fi
# place your commands bellow this line
resolvectl dns tun0 192.168.1.1 192.168.1.2
resolvectl domain tun0 "~new.com"References
Systemd-resolved DNS configuration for VPN
Network Manager script when interface up?