Arch Linux: OpenVPN – resolv.conf is not updated

By | 03/02/2019
 

On an Arch Linux setup – local resolv.conf not updated after connection to OpenVPN AS.

As far as I know – the problem is specific to Arch Linux and its “child’s” like Manjaro Linux installations.

Local openvpn installed via pacman – see the OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration post for details about its configuration.

During connection initialization – logs say:

...
Fri Feb 22 16:40:28 2019 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.4.6)
Fri Feb 22 16:40:28 2019 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.4.6)
Fri Feb 22 16:40:28 2019 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.4.6)
Fri Feb 22 16:40:28 2019 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:23: register-dns (2.4.6)
Fri Feb 22 16:40:28 2019 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:24: block-ipv6 (2.4.6)
...

Check local resolv.conf – there are still my Internet provider’s DNS:

cat /etc/resolv.conf
Generated by resolvconf
nameserver 188.190.254.254
nameserver 31.43.120.254
nameserver 92.249.120.254

Documentation – here>>>.

Download the update-resolv-conf script:

sudo wget -O /etc/openvpn/update-resolv-conf https://raw.githubusercontent.com/masterkorp/openvpn-update-resolv-conf/master/update-resolv-conf.sh

(in Debian/Ubuntu its created during the openvpn package installation)

Set execution attribute:

sudo chmod +x /etc/openvpn/update-resolv-conf

Update your client.ovpn (/etc/openvpn/client/setevoy-ovnas.conf in my current case) – add script execution during connection start and stop:

...
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
...

DNS to be set are configured in an OpenVPN AS: the first IP is the VPN’s from its local network, the second one – CloudFlare, just in case:

Restart connection:

sudo /usr/bin/openvpn --suppress-timestamps --nobind --config /etc/openvpn/client/setevoy-ovnas.conf
...
Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.4.7)
Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.4.7)
Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.4.7)
Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:20: register-dns (2.4.7)
Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:21: block-ipv6 (2.4.7)
...
/etc/openvpn/update-resolv-conf tun0 1500 1553 172.27.232.17 255.255.248.0 init
dhcp-option DNS 172.31.26.29
dhcp-option DNS 1.1.1.1
...

Check the resolv.conf:

cat /etc/resolv.conf
Generated by resolvconf
nameserver 172.31.26.29
nameserver 1.1.1.1

Done.