Version 2 (modified by tct, 5 years ago)

Pushing DNS servers to clients


This page describes how to use pushed DNS servers in the client.

Contents:

  1. Using pushed DNS servers with a Linux client
  2. Using pushed DNS servers with a Windows client

Using pushed DNS servers with a Linux client

On Linux, an external script must be used to update the DNS servers in /etc/resolv.conf.

Most distribution OpenVPN packages include the /etc/openvpn/update-resolv-conf script.
Source: https://github.com/alfredopalhares/openvpn-update-resolv-conf

Call the script by adding this to your client config file:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
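
What such an up script has to work with, as an added example (not code from this page or from the linked update-resolv-conf script): OpenVPN exports pushed options it does not apply itself as foreign_option_N environment variables, and with script-security 2 that server-supplied text reaches the script, so the sketch validates each value before emitting a resolv.conf line. It only prints the lines and covers IPv4 DNS and DOMAIN options; the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the distribution's update-resolv-conf script.
# OpenVPN hands pushed options it does not apply itself to the "up" script
# as foreign_option_1, foreign_option_2, ... ("dhcp-option DNS 10.8.0.1").

# Strict dotted quad: four decimal octets, each 0-255. The body runs in a
# subshell so the IFS change cannot leak into the caller.
is_ipv4() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        { [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ]; } || exit 1
    done
)

# Hostname characters only, so a pushed value cannot carry whitespace or
# newlines (and with them extra directives) into resolv.conf.
is_domain() {
    case "$1" in ''|*[!A-Za-z0-9.-]*|-*|.*) return 1 ;; esac
}

# Print resolv.conf lines for the pushed options. Invalid values are
# reported on stderr and skipped, never written.
pushed_dns_lines() {
    n=1
    while eval "opt=\${foreign_option_$n-}"; [ -n "$opt" ]; do
        case "$opt" in
            "dhcp-option DNS "*)
                value=${opt#"dhcp-option DNS "}
                if is_ipv4 "$value"; then printf 'nameserver %s\n' "$value"
                else echo "skipping invalid DNS option $n" >&2; fi ;;
            "dhcp-option DOMAIN "*)
                value=${opt#"dhcp-option DOMAIN "}
                if is_domain "$value"; then printf 'search %s\n' "$value"
                else echo "skipping invalid DOMAIN option $n" >&2; fi ;;
        esac
        n=$((n + 1))
    done
}

# Constructed sample input, as OpenVPN would export it after a push.
foreign_option_1='dhcp-option DNS 10.8.0.1'
foreign_option_2='dhcp-option DOMAIN corp.example'
foreign_option_3='dhcp-option DNS 10.8.0.300'   # malformed: skipped
pushed_dns_lines
```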

Using pushed DNS servers with a Windows client

Windows uses the OpenVPN built-in DHCP server to update the TAP adapter's DNS servers and no additional steps are required.

To prevent Windows from using the system's default DNS servers (preventing DNS leaks), use --block-outside-dns.


Additional notes

TODO

