On 03/12/2019 10:38, Krishna PMV wrote:
> Hi,
> I'm using OpenVPN and pushing DNS to clients via dhcp-option and it works
> fine. Now, I've a new implementation where my DNS is served by AWS NLB. Given
> that NLB doesn't have static IPs behind it, I wanted a way to resolve DNS name
> of NLB before sending it to the client. How can I do that in OpenVPN? Any
> suggestions? Thanks!
>

I can imagine two approaches.

a) Set up your own resolver DNS server (dnsmasq, unbound, systemd-resolved?,
   etc) and point your VPN clients to use this one instead. Then configure
   your server to use AWS NLB, including your resolver DNS server. Then all
   VPN clients go to your self-hosted DNS server which again contacts AWS NLB.

b) If you have some kind of APIs or methods to acquire the IP address of the
   AWS NLB server, you can have a --client-connect script generating the
   dhcp-option lines automatically when connecting. One of the arguments
   passed to the client-connect script is a file you just write your options
   to, which is then parsed by OpenVPN - so if you have a shell script which
   does 'echo push "dhcp-option $AWS_NLB_IP"' to that file, this option will
   be pushed to the connecting client.

-- 
kind regards,

David Sommerseth
OpenVPN Inc

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
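
Approach (b) written out as a client-connect script, added here as an example; it is not part of the original message or the OpenVPN project's code. The hostname `dns-nlb.example.internal`, the `getent` lookup and the function names are assumptions; the script only writes strictly validated IPv4 literals into the file OpenVPN parses, so lookup output cannot smuggle in other directives.

```shell
#!/bin/sh
# Added example: OpenVPN --client-connect hook. $1 is the temp file OpenVPN
# parses for per-client options once this script exits.
NLB_NAME="${NLB_NAME:-dns-nlb.example.internal}"  # placeholder name (assumption)

# Print current A records, one per line. Assumes glibc getent; replace with
# whatever lookup or API call you trust.
resolve_ipv4() {
    getent ahostsv4 "$1" | awk '{ print $1 }' | sort -u
}

# Succeed only for a strict dotted quad: digits and dots, no leading zeros.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*|0[0-9]*|*.0[0-9]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read candidate addresses on stdin, print one push directive per valid one.
# Anything else is dropped so lookup output cannot inject other directives.
emit_dns_pushes() {
    n=0
    while IFS= read -r addr; do
        is_ipv4 "$addr" || continue
        printf 'push "dhcp-option DNS %s"\n' "$addr"
        n=$((n + 1))
    done
    [ "$n" -gt 0 ]       # non-zero status when nothing usable was seen
}

main() {
    if lines=$(resolve_ipv4 "$NLB_NAME" | emit_dns_pushes); then
        printf '%s\n' "$lines" >> "$1"
    else
        # A non-zero exit would reject the client, so log and push no DNS.
        echo "client-connect: no usable A record for $NLB_NAME" >&2
    fi
    return 0
}

if [ "$#" -gt 0 ]; then main "$@"; fi
```

The server needs `script-security 2` for the hook to run. Addresses are resolved once per connection, so a client keeps the pushed resolvers until it reconnects.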