Netgate Discussion Forum

DNS resolution over OpenVPN: TCP vs UDP

OpenVPN
  • M
    mdecou
    last edited by Nov 4, 2016, 1:45 PM

    Hi all,

    I am in a situation where I need to test the viability of a UDP connection as well as a TCP connection to my pfSense system using OpenVPN. I have set up one server entry for each, with identical settings (as far as I can tell). Both connections seem to connect and function, with the exception of DNS resolution. For some reason, the UDP connection allows DNS resolution, while the TCP connection only lets me access nodes using the IP address.

    I am hoping there is something simple I am missing. Any suggestions as to why TCP would not allow DNS resolution while UDP does would be appreciated.

    Thanks

    mdecou

    • K
      kholmqvist
      last edited by Nov 5, 2016, 10:30 PM

      Could you post some configuration? I'm running OpenVPN over TCP/443 and I don't have any issues with DNS resolution. Have you added your OpenVPN network to your DNS server's access list?

      • J
        johnpoz LAYER 8 Global Moderator
        last edited by Nov 6, 2016, 11:46 AM

        I run OpenVPN over TCP as well, there are no issues with DNS resolution. You have a typo maybe in your DNS server you're handing out or you have a firewall rule? Do a query from your client. Does pfSense see it, does it log a block? You sure you're even connected to the VPN ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        • G
          GreyWolf
          last edited by Apr 2, 2022, 6:00 PM

          Hi!
          I have the same issue.
          My server has only TCP port 443 open.
          I installed OpenVPN via TCP and I have the DNS issue.
          I ran "tcpdump -n -i tun0 port 53" and I see that the server sends DNS requests but they don't get back to the client.

          • M
            mgi @GreyWolf
            last edited by Apr 2, 2022, 8:52 PM

            @greywolf Could this be an MTU/MSS issue when the connection is over TCP?
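
Added example (not part of any post in this thread): a small Python script that reads the text output of a capture like the `tcpdump -n -i tun0 port 53` mentioned above and lists the DNS queries that never got a reply on that interface. The addresses, hostnames and the function name `unanswered` are constructed for illustration; only UDP DNS lines are parsed.

```python
import re

# One `tcpdump -n` UDP DNS line, e.g.
#   12:00:01.1 IP 10.8.0.6.51000 > 10.8.0.1.53: 4660+ A? nas.example.test. (34)
LINE = re.compile(
    r"IP6? (?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+): "
    r"(?P<id>\d+)\S* (?P<rest>.*)"
)
QUESTION = re.compile(r"[A-Z0-9]+\? \S+")  # e.g. "A? nas.example.test."

# Constructed sample capture (not taken from the thread).
SAMPLE = """
12:00:01.100000 IP 10.8.0.6.51000 > 10.8.0.1.53: 4660+ A? nas.example.test. (34)
12:00:01.101200 IP 10.8.0.1.53 > 10.8.0.6.51000: 4660* 1/0/0 A 192.168.1.20 (50)
12:00:05.200000 IP 10.8.0.6.51001 > 10.8.0.1.53: 4661+ A? printer.example.test. (38)
12:00:10.200000 IP 10.8.0.6.51001 > 10.8.0.1.53: 4661+ A? printer.example.test. (38)
12:00:12.000000 IP 10.8.0.6.51002 > 10.8.0.1.53: 4662+ AAAA? printer.example.test. (38)
"""

def unanswered(capture_text):
    """Return (client_ip, query_id, question) for queries with no reply seen."""
    pending = {}
    for line in capture_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a UDP DNS line (TCP segments print differently)
        if m["dport"] == "53":  # client -> resolver: remember the query
            q = QUESTION.search(m["rest"])
            key = (m["src"], m["sport"], m["id"])
            # setdefault keeps a retransmitted query as a single entry
            pending.setdefault(key, q.group(0) if q else "?")
        elif m["sport"] == "53":  # resolver -> client: query was answered
            pending.pop((m["dst"], m["dport"], m["id"]), None)
    return [(ip, qid, q) for (ip, _port, qid), q in pending.items()]

if __name__ == "__main__":
    for ip, qid, question in unanswered(SAMPLE):
        print(f"no reply seen: client {ip} id {qid} {question}")
```

Run against captures taken on both ends of the tunnel, the list shows on which side the replies go missing.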

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.