= **Using DNS servers pushed to clients** #pushdns-top ---- This page describes how to use pushed DNS servers in the client. **Contents:** 1. [#pushdns-nix Using DNS servers pushed to a Linux client] [[br]] 1. [#pushdns-win Using DNS servers pushed to a Windows client] [[br]] 1. [#pushdns-add Additional notes] [[br]] ---- == Using DNS servers pushed to a Linux client #pushdns-nix Linux must use an external script to update the DNS servers in `/etc/resolve.conf` Most Distro OpenVPN packages include `/etc/openvpn/update-resolv-conf.sh` script. [[br]] Source: https://github.com/alfredopalhares/openvpn-update-resolv-conf Call the script by adding this to your client config file: {{{ script-security 2 up /etc/openvpn/update-resolv-conf.sh down /etc/openvpn/update-resolv-conf.sh }}} **Note**: The script may also be called `update-resolv-conf` without a `.sh` suffix. ---- == Using DNS servers pushed to a Windows client #pushdns-win OpenVPN 2.4:: Windows uses the OpenVPN built-in DHCP server to update the TAP adapter's DNS servers and no additional steps are required. This does require that the client is run using the [https://community.openvpn.net/openvpn/wiki/OpenVPN-GUI-New OpenVPN-GUI] and that the OpenVPN `InteractiveService` for Windows is started. To prevent DNS leaks at the client use `--block-outside-dns`. OpenVPN 2.3:: Windows uses the OpenVPN built-in DHCP server to update the TAP adapter's DNS servers and no additional steps are required. This does require that the client is run as an administrator user. This version does not support `--block-outside-dns` ---- == Additional notes #pushdns-add Linux notes:: If the client is run using `--user` and `--group` to drop the process privileges then the `--down` script will fail and leave the client DNS in an undefined state. The recommended way to resolve this is to use the [https://github.com/OpenVPN/openvpn/blob/master/src/plugins/down-root/README.down-root openvpn-down-root.so] plugin module. TODO:: systemd-resolved **Help improve this page ..** ---- [#pushdns-top return to top] ----