Hi Jan Just,
I've made a test and figured out that Windows (Win 7 in my case) queries all the servers one by one in order of adapter precedence until it receives a suitable answer. I tested the resolver with the ping command. Nslookup isn't so good in this case since it always uses the first NS record from the list. So I was wrong. `Connection-specific DNS Suffix' does, in fact, nothing. I do apologize. But if we have several adapters, their order gives us the opportunity to have everything working as we need.

Best regards,
Pavel

-------- Original Message --------
Subject: Re: [Openvpn-users] DNS from network behind VPN
From: Keijser <janj...@nikhef.nl>
To: Pavel Bychikhin <pbychik...@yahoo.com>
Cc: openvpn-users@lists.sourceforge.net
Date: 21.01.2015 23:49

Hi Pavel, *,

On 20/01/15 13:54, Pavel Bychikhin wrote:
I send my clients a `domain-search' option via DHCP. The first domain from that list is used by Windows as a `Connection-specific DNS Suffix'. This does the trick. Windows uses this connection to query for names within the domain of a `Connection-specific DNS Suffix' even if a PC is in an Active Directory domain.

whilst this is a great trick it does not necessarily mean that split-horizon DNS is working; it simply means that when a query is done for
  host.vpn.company.com
that the VPN-supplied DNS server is used, with the DNS suffix for that adapter added - but what happens to all other queries? Can you verify your trick using 'nslookup', e.g.

  nslookup host.vpn.company.com
  nslookup www.google.com

? it would be worth documenting, as split-horizon DNS is a pain in the butt.

thx,

JJK

On 20.01.2015 14:31, Joe Patterson wrote:
I'm pretty sure it's not possible to do that from a Windows perspective; however, the workaround that I've used (that has some advantages of its own) is to run the BIND DNS server locally on my Windows client machine, configured as a resolver for localhost only, and configured with forward zones for specific domains. It ends up working fairly well.

-Joe

On Tue, Jan 20, 2015 at 5:56 AM, Frank, Petric (Petric) <petric.fr...@alcatel-lucent.com> wrote:

    Hello,

    this is not exactly an OpenVPN problem.

    I connect via VPN to a network (own subnet). There is a DNS
    server serving hosts of some (specific) domains in this subnet.

    Problem is how to keep the locally configured DNS, but tell the
    system to ask the DNS behind the VPN tunnel when it requests
    hosts from the (known) domains of this DNS server.

    For example:
      Lookup of google.com -> ask preconfigured DNS
      Lookup of *.local.dom -> ask DNS behind VPN tunnel (local.dom is managed by him)

    As far as I know I can only replace the configured DNS server by
    adding the line
      push "dhcp-option DNS a.b.c.d"

    but I would like to have something like
      push "dhcp-option DNS local.dom a.b.c.d"
    telling that all lookups of local.dom should be directed to a.b.c.d.

    I don't know whether this is possible as such.

    Local host is Windows 7
    VPN server is Linux

    Regards
      Petric


