Menu
▾
▴
Re: [Openvpn-users] Push multiple DNS-servers
|
From: Peter R. <rab...@ra...> - 2008-12-19 13:55:48
|
Jan Just Keijser wrote: > Antonis Tsolomitis wrote: >> Jan Just Keijser wrote: >>> Jonathan Petersson wrote: >>> >>>> Is it possible to push multiple DNS-servers? I tried to add 2 push >>>> directives unsuccessfully (2.1.0.10-beta14) >>>> >>>> >>> this is definitely possible. Getting your operating system to use >>> them is a different matter. For Linux you'd need some >>> update-resolv-conf script, for Windows it is actually quite hard. I >>> routinely used >>> net stop dnscache >>> net start dnscache >>> to get my XP box to recognize the DNS servers pushed by openvpn. >>> >> >> I am just curious: Isn't this the job of >> >> push "dhcp-option DNS a.b.c.d" >> > On Windows, the option "dhcp-option DNS a.b.c.d" will cause openvpn to > notify the Tap-win32 adapter to set DNS=a.b.c.d ; and after starting, an > 'ipconfig /all' does indeed show that the correct DNS server(s) are set. > However, for obscure reasons Windows does not immediately starts *using* > these new DNS servers. The only way I could find to trigger that is by > stopping and starting the dnscache service. To me, this sounds like a > Windows feature/bug that openvpn can and should not attempt to fix. > > As for other OSes, updating the system DNS servers is quite OS > dependent, although there's an update-resolv-conf script that works fine > on most Linux flavours. > What you are describing has to do with the dnscache service trying to be smarter than it actually is. This is the registry import I use to solve this (known to work on XP and Vista): ; Disabling the DNS caching service seems to break some obscure programs. ; Although the resolver is terribly broken (does not honor _ANY_ server ; supplied TTLs, does not do proper round-robin, etc.) it seems that this is ; indeed a necessary service. Here we try to tune it so it will behave. ; source: http://support.microsoft.com/kb/318803 ; source: http://support.microsoft.com/kb/320760 ; source: http://www.speedguide.net/read_articles.php?id=158 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache] "Start"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters] "MaxCacheTtl"=dword:0000003c "MaxNegativeCacheTtl"=dword:00000000 "ServerPriorityTimeLimit"=dword:00000000 "NetFailureCacheTime"=dword:00000000 "NegativeSOACacheTime"=dword:00000000 My 2c |
