VPNing with OpenVPN and OpenResolv
Living in the north eastern United States means being very familiar with snow. In fact, nor'easter is nutmeg for blizzard. With that in mind, occasionally I find myself needing to work remotely. That means setting up OpenVPN, which is simple enough. Or so it seemed -- it helps to have your custom DNS entries available before you need to connect through a VPN 😛. Assuming you have that though, getting OpenVPN to play nice with OpenResolv for local DNS is actually pretty simple. Below I use three shell scripts and a custom resolv.conf file to configure access to my VPN:
#!/bin/sh openvpn --config ./my-vpn-config.ovpn --script-security 2 --up ./up.sh --down ./down.sh
This is just a simple frontend to OpenVPN. It takes in our work-provided VPN settings and tells OpenVPN to run our own custom scripts on connections coming on/offline.
Note our use of
this allows OpenVPN to call the shell scripts we provide in the
#!/bin/sh echo "Bringing up the tunnel DNS.." resolvconf -a tap0 <resolv.conf
After the connection is established, OpenVPN calls this up.sh script. It's just a frontend to resolvconf to add our local resolv.conf file (featured below) for the tap0 interface that OpenVPN creates to tunnel our network connection.
#!/bin/sh echo "Bringing down the tunnel DNS.." resolvconf -d tap0
Similar to our up script, this script is called when OpenVPN brings down the connection, to remove our DNS servers from resolv.conf.
search tld.here nameserver 0.0.0.0 #DNS ip address 1 here nameserver 0.0.0.0 #DNS ip address 2 here
This file contains the additional nameservers and the domain they correspond to.
And there you have it -- easy on/off custom DNS-servers using OpenResolv with OpenVPN. This works equally well on FreeBSD and Linux (tested with a Manjaro install). There's plenty of additional functionality in both commands, so be sure to check the docs.