DNS and OpenVPN Client

Hi, new here, tried to search for anything similar but couldn’t find.
TLDR; I have a XE300 Puli running the latest available firmware 3.x. With a 3G SIM card.

I have OpenVPN client configured to connect to my house. So far so good. Today I was trying to enable the DDNS on the router and noticed it wasn’t working, when checking the logs the router was having issues resolving DNS.

I bit of investigation and I noticed that I can’t resolve any DNS when the VPN is connected, IP all works.

The router WiFi clients work without a bother, they can connect to the VPN ips and resolve DNS for public internet. Just the router itself seems to not know what DNS to use.

Checking /tmp/resolv.conf all seems in order.

Any ideas?

Thanks for the help.

Do you mean GL’s DDNS or DNS? For example, does resolving glddns.com work?

Do you have an options in your VPN interface:
Services from GL.iNet Use VPN

If yes, plz enable it

Hi, thanks
Nope it does not resolve any DNS which is why I’ve spotted this situation, when I was trying to enable the DDNS I noticed “can’t resolv” errors on the logs.

On the VPN interface options I don’t have that option. This is using OpenVPN Client connecting to my home OpenVPN server.

provide the full logs

Can you please advise which ones? Just to save some back and forth. Thanks

The logs that showed that there is an issue with the dns traffic originated from the modem itself.

Ah gotcha, ok will do when I’m back home at the router. Thanks for the help. I thought there were others I could provide also. Thanks

Since you are away form home, if you have SSH access to the modem, execute these commands and post the output:

# cat /tmp/resolv.conf.d/resolv.conf.auto
# cat /tmp/resolv.conf
# nslookup  dnsleaktest.com 
# nslookup  dnsleaktest.com
# uci show | grep -i dnsmasq

These quick commands can help us to identify any issues.

** Please note I have firmware v4 instead. But I am trying to help.

1 Like

Ah… it was exactly why I was trying to setup remote ssh that this all started.

So here it goes:

root@GL-XE300:~# cat /tmp/resolv.conf.d/resolv.conf.auto
cat: can't open '/tmp/resolv.conf.d/resolv.conf.auto': No such file or directory
root@GL-XE300:~# cat /tmp/resolv.conf
# Interface modem_1_1_2_4
root@GL-XE300:~# nslookup dnsleaktest.com
;; connection timed out; no servers could be reached

root@GL-XE300:~# nslookup dnsleaktest.com

Name:      dnsleaktest.com
Address 1:
*** Can't find dnsleaktest.com: No answer

root@GL-XE300:~# uci show | grep -i dnsmasq
dhcp.@dnsmasq[0].server='' ''

Not sure if relevant but here’s the firmware info also:
Current Version - 3.217
Compile Time - 2023-05-08 10:44:53
Last Update - unavailable

Really appreciate you trying to help :slight_smile:

I guess the issue is that you have set Manual DNS, which are blocked by the VPN service you’re connected to:

In other words, the modem clients will use the DNS of the VPN. But when the modem itself initiates a DNS resolve, it will use the Manual set ones, which are blocked by your VPN provider.

You can look the DNS resolvers used by your VPN:

cat /tmp/resolv.conf.vpn
1 Like

Your output:

And you can see your exact issue in the highlighted part:

Humm that’s interesting I could have sworn that I tested with manual dns disabled and it was doing the same… will try again…


Humm this is weird… I don’t recognize these ips…

root@GL-XE300:~# cat /tmp/resolv.conf.vpn

Just disabled and same behavior…

Level3 Resolver


disable the rebinding protection as well. And restart the vpn.

1 Like

These are set in your vpn configurations.

Interesting… the openvpn server is hosted in a Synology… why would it define like that…

After doing this the dns can now resolve. But off course since it’s going via the vpn I get the double NAT! :smiley: I think I’ve seen someone asking but not sure, can we have split VPN?

If you look at the screenshot above I even highlighted to you Split DNS! Anyway set the following to 0: