View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions DNS server IP for IPSEC VPN server?
Log in to Ask a Question

DNS server IP for IPSEC VPN server?

networking

I've used a stackscript to deploy an IPSEC VPN and it works great. However, I need to specify a DNS server IP for Android to keep the VPN connection "always on" … Can someone please explain to me how to figure out the correct IP address for the DNS server for my Linode VPN?

4 Replies

The DNS resolvers for your Linode's datacenter are all listed under the Remote Access tab of the Linode's dashboard.

Your Linode uses a random subset of those resolvers at any given time. You can inspect the contents of /etc/resolv.conf on your Linode to find out which ones are in use by your server:

cat /etc/resolv.conf

@nmelehan:

The DNS resolvers for your Linode's datacenter are all listed under the Remote Access tab of the Linode's dashboard.

Your Linode uses a random subset of those resolvers at any given time. You can inspect the contents of /etc/resolv.conf on your Linode to find out which ones are in use by your server:

cat /etc/resolv.conf

Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?

@Epictetus:

Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?

You can but there is no real reason to do so. If that resolver goes down you are left without DNS.

A better (and safer) solution might be to run your own DNS resolver on the VPN server, optionally with intercept rules so that you could block unwanted traffic on DNS level.

@emestee:

@Epictetus:

Thanks for the excellent information. Yes, that worked but now I'm wondering whether I can comment all the lines out except one chosen IP address so that I don't need to be concerned about the IP address changing randomly. Does this make any sense?

You can but there is no real reason to do so. If that resolver goes down you are left without DNS.

A better (and safer) solution might be to run your own DNS resolver on the VPN server, optionally with intercept rules so that you could block unwanted traffic on DNS level.

Thanks for the reply. In the end I found I could use all the DNS resolver IP addresses if I strung them together using a space instead of newline character.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct