Ubuntu+NetworkManager+openvpn - completely replace /etc/resolv.conf with openvpn pushed DNS servers?

Solution 1:

I am/was having exactly the same problem with CrunchBang 11; it's possible my semi-satisfactory solution will work on Ubuntu since both are Debian-based.

I found by experiment that if I both:

  • install the resolvconf package, and

  • explicitly specify DNS servers in the VPN configuration in NetworkManager

then connecting to the VPN completely replaces the DNS servers in /etc/resolv.conf with those configured in NetworkManager for the VPN. I would rather just use the VPN server's provided DNS configuration, but I think using a public DNS (e.g. OpenNIC) in the VPN configuration is OK. I would assume (but can't be sure) that the DNS requests go out over the VPN, unlike requests to the local network's DNS server. (In my specific case, the /etc/resolv.conf used to contain a non-routable IP address pointing to the local wifi router's built-in DNS, which in turn forwarded on to the local ISP.)

(It may be that this is a side-effect of specifying three or more DNS servers in the VPN configuration; I have four. Without resolvconf the generated resolv.conf file contains all four or five DNS servers with a warning comment about how only three may be used, and the local DNS server is last but still potentially usable. With resolvconf only three are included, which I think "squeezes out" the unwanted lowest priority non-VPN DNS server.)
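
A way to check the outcome described in the answer above, as an added example that is not part of the original answer: the function lists each `nameserver` line of a resolv.conf, marks entries past the third as ignored (glibc's resolver reads at most three), and returns non-zero when a resolver outside the VPN's set is among those three. The function name `check_resolv_conf`, the addresses and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a resolv.conf for resolvers outside the VPN's DNS set.
# Usage: check_resolv_conf FILE VPN_DNS_IP...
# Prints one line per nameserver entry: "<position> <address> <origin> <state>"
# Exit status: 0 = only VPN resolvers among the entries the resolver uses,
#              1 = a non-VPN resolver is among them (DNS may bypass the VPN),
#              2 = no nameserver lines found.
MAXNS=3   # glibc's resolver uses only the first three nameserver lines

check_resolv_conf() {
    file=$1; shift
    allowed=" $* "          # space-delimited so whole addresses are matched
    n=0; leak=0
    # "|| [ -n ... ]" also handles a last line without a trailing newline
    while read -r keyword addr _rest || [ -n "$keyword" ]; do
        [ "$keyword" = "nameserver" ] || continue   # skips comments, search, options
        [ -n "$addr" ] || continue
        n=$((n + 1))
        case "$allowed" in
            *" $addr "*) origin=vpn ;;
            *)           origin=non-vpn ;;
        esac
        if [ "$n" -le "$MAXNS" ]; then
            state=used
            [ "$origin" = "vpn" ] || leak=1
        else
            state=ignored
        fi
        echo "$n $addr $origin $state"
    done < "$file"
    [ "$n" -gt 0 ] || return 2
    return "$leak"
}

# Constructed sample: one VPN resolver followed by the local router's DNS,
# so the router is still inside the three entries the resolver will query.
sample=$(mktemp)
printf 'nameserver %s\n' 192.0.2.1 192.168.1.1 > "$sample"
check_resolv_conf "$sample" 192.0.2.1 ||
    echo "non-VPN resolver present in the effective set"
rm -f "$sample"
```

To use it on a live system, run it against /etc/resolv.conf after the VPN connects, passing the DNS servers configured for the VPN as the remaining arguments.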