DNS resolution over OpenVPN: TCP vs UDP
-
Hi all,
I am in a situation where I need to test the viability of a UDP connection as well as a TCP connection to my pfsense system using OpenVPN. I have setup one server entry for each, with identical settings (as far as I can tell). Both connections seem to connect and function, with the exception of DNS resolution. For some reason, the UDP connection allows dns resolution, while the tcp connection only lets me access nodes using the IP address.
I am hoping there is something simple I am missing. Any suggestions as to why TCP would not allow dns resolution while UDP does would be appreciated.
Thanks
mdecou
-
could you post some configuration? I'm running openvpn over tcp/443 and i don't have any issues with dns resolution. Have you added your openvpn network to your dns servers access list?
-
I run openvpn over tcp as well, there is no issues with dns resolution.. You have a typo maybe in your dns server your handing out or you have a firewall rule? Do a query from your client.. Does pfsense see it, does it log a block? You sure your even connected to the vpn ;)
-
Hi!
I have the same issue.
My server has 443 TCP open port only.
I installed OpenVPN via TCP and I have the DNS issue.
I ran "tcpdump -n -i tun0 port 53" and I see that server sends dns requests but they don't get back to the client. -
@greywolf could this be mtu/mss issue when tje connection is over TCP?
