On Debian and Ubuntu I am using several VPN connections via openvpn. Most of these use resolvconf to tinker with the DNS settings.
resolvconf will sort all interfaces into a priority list and will look for nameservers in this order. However, it does not take nameservers from a single connection only; it uses up to 3 nameservers. This causes DNS problems if not all DNS servers can resolve the same hostnames (as is common for corporate DNS servers which resolve internal names). What happens is that the system has the VPN-provided corporate nameserver configured in addition to the default nameserver from the internet connection. The resolver will round-robin these servers and therefore only every second request for an internal hostname will succeed ... very annoying.
I found no place to customize this, so I ended up hacking the update script in /etc/resolvconf/update.d/libc. I found the function uniquify_nameserver_list and in this function replaced the number 3 with 1.
Now VPN DNS works perfectly: when I'm connected via VPN, only the VPN-provided nameserver is used, allowing me to resolve internal hostnames.
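The effect of changing the limit from 3 to 1 can be seen with a simplified model of the merge step. This is an added example, not the code from /etc/resolvconf/update.d/libc; the function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Simplified model of "deduplicate, then keep the first LIMIT nameservers".
# Added illustration; not the resolvconf update script itself.

# Read resolv.conf-format text on stdin and print the nameserver addresses
# in order, without duplicates, stopping after LIMIT entries.
keep_nameservers() {
    limit=$1
    awk -v limit="$limit" '
        $1 == "nameserver" && NF >= 2 && !seen[$2]++ {
            print $2
            if (++n >= limit) exit
        }'
}

# Constructed sample: merged records with the VPN interface sorted ahead of
# the local uplink. Addresses and the search domain are placeholders.
sample_merged() {
    cat <<'EOF'
# tun0 (VPN)
nameserver 10.8.0.1
search corp.example
# eth0 (DHCP)
nameserver 192.0.2.53
nameserver 10.8.0.1
EOF
}

# Return 0 if FILE (default /etc/resolv.conf) lists exactly one distinct
# nameserver, which is the state the edit above is meant to produce.
single_nameserver() {
    [ "$(keep_nameservers 1000 < "${1:-/etc/resolv.conf}" | wc -l | tr -d ' ')" = 1 ]
}

# Limit 3 keeps the VPN resolver and the uplink resolver side by side;
# limit 1 keeps only the highest-priority (VPN) resolver.
echo "limit 3: $(sample_merged | keep_nameservers 3 | tr '\n' ' ')"
echo "limit 1: $(sample_merged | keep_nameservers 1 | tr '\n' ' ')"
```

After the VPN is up, `single_nameserver` with no argument checks the live /etc/resolv.conf. A package upgrade of resolvconf can replace the edited script, so the check is worth repeating afterwards.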