Routing Client DNS through OpenVPN Server

Forum » Discussions / General » Routing Client DNS through OpenVPN Server

Started by:

Nello Lucchesi
Date: 26 Dec 2013 01:06
Number of posts: 3

RSS: New posts

Summary:

What's the difference between these alternatives: push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8"

Unfold All Fold All More Options

Fold

Routing Client DNS through OpenVPN Server

Nello Lucchesi 26 Dec 2013 01:06

Would someone please expand on the advantages and disadvantages of these two techniques of routing DNS traffic:

push "redirect-gateway def1"

versus

push "dhcp-option DNS 8.8.8.8"

Presumably, redirecting DNS traffic through the VPN is more secure because there's no DNS linkage. But, as I understand, it prevents a DHCP lease renewal and therefore may result in loss of the local connection.

If I've understood the tradeoff correctly, then is there anyway to maintain a connection to the local DHCP server and yet restrict all but renewal requests from routing to it?

Finally, what happens if both re-direct and push dhcp-option are specified as shown below?

Thank you for your help.

- nello

Tomato v1.28.0000 MIPSR2-102 K26 USB AIO

# Automatically generated configuration
daemon
server 10.10.50.0 255.255.255.0
proto udp
port 443
dev tun22
comp-lzo adaptive
keepalive 15 60
verb 3
push "route 10.10.49.0 255.255.255.0"
push "dhcp-option DOMAIN OctoberGroup.local"
push "dhcp-option DNS 10.10.49.1"
push "redirect-gateway def1"
tls-auth static.key 0
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status
# Custom Configuration
push "route 10.10.50.0 255.255.0.0"
user nobody
group nobody
persist-key
persist-tun
ping-timer-rem
verb 3

# Client Configuration
client
proto udp
remote <dyn dns> 443
dev tun
nobind
ca ca.crt
cert nello.crt
key nello.key
ns-cert-type server
tls-remote October-Group-VPN
tls-auth ta.key 1
user nobody
group nobody
persist-key
persist-tun
comp-lzo
verb 6
mute 10
mute-replay-warnings

Router: Asus RT-N16 (Tomato v1.28.0000 MIPSR2-102 K26 USB AIO)
Computers: FreeBSD x86, OSX 10.9, iOS 7

Options

Unfold Routing Client DNS through OpenVPN Server by

Nello Lucchesi, 26 Dec 2013 01:06

Fold

Re: Routing Client DNS through OpenVPN Server

GeeTek 26 Dec 2013 06:57

How is it that this forum can go for months with only an occasional n00b question, or two, and now within the last two weeks we have page after page of some quite advanced and difficult to answer questions ? In this particular case, all along a general theme of advanced routing issues.

I think a forum troll is taking advantage of the fact that a moderator is keeping the video editor spam cleaned up. Some Muther Fucker from the past like Jeremy Collake, or a few other fuck sticks I can think of. I've seen you on all of these firmware forums before. Numerous times.

Last edited on 26 Dec 2013 07:01 by GeeTek Show more

Options

Unfold Re: Routing Client DNS through OpenVPN Server by

GeeTek, 26 Dec 2013 06:57

Fold

Re: Routing Client DNS through OpenVPN Server

lucifercipher 26 Dec 2013 14:26

I think a forum troll is taking advantage of the fact that a moderator is keeping the video editor spam cleaned up. Some Muther Fucker from the past like Jeremy Collake, or a few other fuck sticks I can think of. I've seen you on all of these firmware forums before. Numerous times.

Lmao !!!!!!

I learn something new from everyone everyday. A hardware and software hacker .
My Routers: Buffalo WHR HP G54, WRT54G-TM, WRT54GL, ASUS RT N16, DLINK DIR600, Linksys E3200, Tplink 1043ND, ASUS RT N13B, Alfa R36
Web: http://www.level19security.com

Options

Unfold Re: Routing Client DNS through OpenVPN Server by

lucifercipher, 26 Dec 2013 14:26

New Post

TomatoUSB

Unleash your router