Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
PostPosted: Mon Apr 23, 2018 5:30 am 
Offline
Newbie

Joined: Mon Apr 23, 2018 5:25 am
Posts: 3
I've used a stackscript to deploy an IPSEC VPN and it works great. However, I need to specify a DNS server IP for Android to keep the VPN connection "always on" ... Can someone please explain to me how to figure out the correct IP address for the DNS server for my Linode VPN?


Top
   
PostPosted: Tue Apr 24, 2018 4:29 am 
Offline
Linode Staff

Joined: Tue Dec 20, 2016 9:18 pm
Posts: 11
The DNS resolvers for your Linode's datacenter are all listed under the Remote Access tab of the Linode's dashboard.

Your Linode uses a random subset of those resolvers at any given time. You can inspect the contents of /etc/resolv.conf on your Linode to find out which ones are in use by your server:

cat /etc/resolv.conf


Top
   
PostPosted: Tue Apr 24, 2018 11:46 am 
Offline
Newbie

Joined: Mon Apr 23, 2018 5:25 am
Posts: 3
Quote:
The DNS resolvers for your Linode's datacenter are all listed under the Remote Access tab of the Linode's dashboard.

Your Linode uses a random subset of those resolvers at any given time. You can inspect the contents of /etc/resolv.conf on your Linode to find out which ones are in use by your server:

cat /etc/resolv.conf
Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?


Top
   
PostPosted: Wed May 02, 2018 3:48 am 
Offline
Senior Member

Joined: Thu Nov 16, 2017 6:59 am
Posts: 137
Quote:
Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?
You can but there is no real reason to do so. If that resolver goes down you are left without DNS.

A better (and safer) solution might be to run your own DNS resolver on the VPN server, optionally with intercept rules so that you could block unwanted traffic on DNS level.

_________________
- emestee,
Lord System Administrator


Top
   
PostPosted: Wed May 02, 2018 7:45 am 
Offline
Newbie

Joined: Mon Apr 23, 2018 5:25 am
Posts: 3
Quote:
Quote:
Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?
You can but there is no real reason to do so. If that resolver goes down you are left without DNS.

A better (and safer) solution might be to run your own DNS resolver on the VPN server, optionally with intercept rules so that you could block unwanted traffic on DNS level.
Thanks for the reply. In the end I found I could use all the DNS resolver IP addresses if I strung them together using a space instead of newline character.


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
RSS

Powered by phpBB® Forum Software © phpBB Group