3

Background

I'm running Debian stretch/stable; I installed openvpn from the repo abd downloaded the configuration file us1041.conf (as an example) from my VPN provider into /etc/openvpn/us1041.conf. I want openvpn to run at boot, so following the VPN provider's instructions, I created /etc/openvpn/auth.txt with my credentials, add auth-user-pass auth.txt to the configuration file, and added AUTOSTART="us1041" to /etc/default/openvpn.

If I manually add the nameservers to /etc/resolv.conf:

nameserver 78.46.223.24 nameserver 162.242.211.137

the VPN works. Great! However, once I reboot, /etc/resolv.conf is overwritten with the nameservers from my ISP, and no connections resolve.

Also, I'm not using network manager or any GUI app to configure the network. I didn't install a graphical interface and network configuration worked "out of the box." This is /etc/network/interfaces:

source /etc/network/interfaces.d/* auto lo iface lo inet loopback allow-hotplug enp0s31f6 iface enp0s31f6 inet dhcp

Question

I think I need to use the /etc/openvpn/update-resolv-conf script, but I'm not sure how to configure that with the configuration files that came from my VPN provider.

How can I get the VPN's nameservers to persist across reboots?

Improve this question
3

2 Answers 2

Reset to default
1

Possible solutions

Override DNS servers from from your ISP's DHCP server:

/etc/dhcp/dhclient.conf:

supersede domain-name-servers 78.46.223.24, 162.242.211.137

Edit /etc/network/interfaces (or are you using NetworkManager?)

Include dns-nameservers 78.46.223.24 162.242.211.137 along with your internet interface's definitions (ip, gateway, etc.) if you define them there.

Edit your NetworkManager configuration

Using the nm-connection-editor or nmcli, for example, specify DNS servers manually.

Use a helper script

Integrate OpenVPN with systemd-resolved via DBus, for example.

Improve this answer
0

The first 2 lines of /etc/resolv.conf is

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

I think you didn't read it...

You have 2 choices: - put these lines into your openvpn.conf (the preferred way)

dhcp-option DNS 78.46.223.24 dhcp-option DNS 162.242.211.137 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf

or these to /etc/resolvconf/resolv.conf.d/head (can cause problems when vpn is down)

nameserver 78.46.223.24 nameserver 162.242.211.137
Improve this answer
1
  • The first two lines of said file aren't what you claim they are. At least not always. My resolv.conf was updated (trashed) by I think dhclient, and the only line is a nameserver entry… Not everyone uses (or used in 2017) resolvconf. I tried it shortly after it was introduced, and soon found it very lacking and never used it again. Commented Nov 15, 2022 at 17:44

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.