The vpn server is running a dnsmasq instance with the following settings: """ addn-hosts=/etc/hosts.openvpn-server addn-hosts=/etc/hosts.openvpn-clients no-hosts dns-forward-max=0 no-resolv """
In the vpn server configs, it is pushing it's own IP as a dns server: """ push "dhcp-option DNS 10.88.0.1" push "dhcp-option DOMAIN vpn.ubuntone.info" """ On the client configs, it's using the stock update-resolv-conf openvpn scripts to update resolvconf: """ up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf """ The end result is that the vpn client resolv.conf contains the following: """ $ cat /etc/resolv.conf nameserver 10.88.0.1 nameserver 127.0.1.1 search vpn.ubuntone.info """ Since the lxc dnsmasq doesn't specify what to use as resolver, and it has --strict-order, it ends up querying 10.88.0.1 first and since that name server is setup with no-resolv, then it gets refused and does not move on to the next one (127.0.1.1). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1205086 Title: lxc-net dnsmasq --strict-order breaks dns for lxc non-recursive nameserver To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1205086/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs