DHCP, VPN, and resolv.conf

[hashswag 11]

Environment:

Untangle NG Firewall

Linux Mint 17.3

AirVPN Eddie client 2.12.4 (on Linux Mint system)

 

The linux system is getting a DHCP address/DNS via static DHCP from Untangle.  Before I launch Eddie, my /etc/resolv.conf file looks like this:

Before I launch the VPN client, my /etc/resolv.conf looks like this:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

nameserver 172.20.0.1

nameserver 127.0.1.1

search foo.com

 

After I launch and connect with Eddie, the /etc/resolv.conf file gets copied away and the new one looks like this:

# Automatically generated by Eddie v2.12.4 | https://airvpn.org . Any manual change will be overridden.

 

nameserver 10.30.0.1

 

All is well so far.

 

But, after a few minutes (sometimes upwards of 10-20), the /etc/resolv.conf file gets updated (while Eddie is up and connected) and looks like this:

domain foo.com

search foo.com

nameserver 172.20.0.1

 

This is obviously bad.

 

Note that this is NOT the same contents as the file that was copied off.

 

Question:  Is this a linux issue or Untangle issue?  It looks like Eddie is doing the right thing but the resolv.conf file is being updated right under Eddie's nose!

 

The Untangle is new (about a month) and I just updated the Eddie client today.  I just noticed this issue this afternoon (it may have existed for the past month) so I don't know what caused it.  I am pretty certain this issue did not exist with my previous (Shibby Tomato) router.

 

Is it recommended (for this reason) to not use DHCP on the system running the AirVPN client and to statically assign the address and DNS?

 

Any guidance/suggestions appreciated...

 

[OpenSourcerer 1359]

Question:  Is this a linux issue or Untangle issue?  It looks like Eddie is doing the right thing but the resolv.conf file is being updated right under Eddie's nose!

 

lsof /etc/resolv.conf lists all processes which have resolv.conf opened at runtime. Maybe you can repeatedly execute this one, manually or through watch, and hopefully find out which process does the change. The chance is low, though.

 

 

Is it recommended (for this reason) to not use DHCP on the system running the AirVPN client and to statically assign the address and DNS?

 

If you run Windows, I personally recommend to statically assign the DNS only to prevent DNS leaks. On all other systems, DHCP has no disadvantages.

[hashswag 11]

 

Question:  Is this a linux issue or Untangle issue?  It looks like Eddie is doing the right thing but the resolv.conf file is being updated right under Eddie's nose!

 

lsof /etc/resolv.conf lists all processes which have resolv.conf opened at runtime. Maybe you can repeatedly execute this one, manually or through watch, and hopefully find out which process does the change. The chance is low, though.

 

> 

Is it recommended (for this reason) to not use DHCP on the system running the AirVPN client and to statically assign the address and DNS?

 

If you run Windows, I personally recommend to statically assign the DNS only to prevent DNS leaks. On all other systems, DHCP has no disadvantages.

 

 

Thanks..  I don't run AirVPN on a Windows system for obvious reasons.  

 

On Linux (Mint 17.x / Ubuntu 14.04 based), when a DHCP lease expires and renews, is /etc/resolv.conf supposed to get updated?

[OpenSourcerer 1359]

I am not sure, I think it depends on the DHCP client used. My Debian 9 uses dhclient, and it does not update resolv.conf.

[63IZhfuW9e 0]

Hello,

 

I was in the same case with a virtual machine and dhclient rules. I was following this post that it resolve my issue.

echo 'make_resolv_conf() { :; }' > /etc/dhcp/dhclient-enter-hooks.d/leave_my_resolv_conf_alone
chmod 755 /etc/dhcp/dhclient-enter-hooks.d/leave_my_resolv_conf_alone