Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS resolution over OpenVPN: TCP vs UDP

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 5 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mdecou
      last edited by

      Hi all,

      I am in a situation where I need to test the viability of a UDP connection as well as a TCP connection to my pfsense system using OpenVPN.  I have setup one server entry for each, with identical settings (as far as I can tell).    Both connections seem to connect and function, with the exception of DNS resolution.    For some reason, the UDP connection allows dns resolution, while the tcp connection only lets me access nodes using the IP address.

      I am hoping there is something simple I am missing.  Any suggestions as to why TCP would not allow dns resolution while UDP does would be appreciated.

      Thanks

      mdecou

      1 Reply Last reply Reply Quote 0
      • K
        kholmqvist
        last edited by

        could you post some configuration? I'm running openvpn over tcp/443 and i don't have any issues with dns resolution. Have you added your openvpn network to your dns servers access list?

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          I run openvpn over tcp as well, there is no issues with dns resolution.. You have a typo maybe in your dns server your handing out or you have a firewall rule?  Do a query from your client..  Does pfsense see it, does it log a block?  You sure your even connected to the vpn ;)

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • G
            GreyWolf
            last edited by

            Hi!
            I have the same issue.
            My server has 443 TCP open port only.
            I installed OpenVPN via TCP and I have the DNS issue.
            I ran "tcpdump -n -i tun0 port 53" and I see that server sends dns requests but they don't get back to the client.

            mgiM 1 Reply Last reply Reply Quote 0
            • mgiM
              mgi @GreyWolf
              last edited by

              @greywolf could this be mtu/mss issue when tje connection is over TCP?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.