5

I'm using Kubuntu 17.10, and use OpenVPN to connect to my corporate network. Since Ubuntu moved over to the new "netplan" way of doing network related things, I have found that several things in OpenVPN no longer work (like trying to set your DNS servers using dhcp-options and the up/down update-resolv-conf script).

My question is: is it possible to set a "netplan" that will set the OpenVPN's interface (tun0) DNS servers once tun0 is created? Something like:

network:
  version: 2
  renderer: networkd
  ethernets:
    tun0:
      dhcp4: yes
      dhcp6: no
      nameservers:
        addresses: [8.8.8.8,8.8.4.4]

I have managed to create my own vpn-up/vpn-down scripts which basically copy the appropriate yaml file over to /etc/netplan and then execute netplan apply, but this doesn't feel like the right way to do things.

1 Answer

1

If you're using OpenVPN on a desktop/laptop, I strongly suggest you use NetworkManager to control your VPN. It can pass through the right DNS information to the DNS backend (dnsmasq or systemd-resolved, depending on your release of Ubuntu), and it can do the right thing to bring up the VPN automatically on some interfaces, deal better with loss of connection, having to ask for credentials again, etc.

netplan does not have any special VPN support. Setting up a tun interface in an "ethernets:" stanza is likely not what you want, as it will not create tun interfaces, and might in fact interfere with what OpenVPN might do to the interface; but if you really want to use it, you do need to roll your own vpn-up/vpn-down scripts triggered by openvpn to run 'netplan apply' with the right configuration files available in /etc/netplan.

  • 2
    I would disagree with you about using NetworkManager for OpenVPN. I tried, and it brought me nothing but heartache and grief. The only thing that worked properly for me was connecting from the terminal: sudo openvpn --config yourclientfile.ovpn. – Vanessa Deagan Mar 20 '18 at 19:39
  • @VanessaDeagan likely that you've changed your /etc/resolv.conf symlink? – heynnema Mar 27 '19 at 18:20
  • @VanessaDeagan could you explain a bit more your procedure? – UserK May 29 '20 at 13:39
  • and now working for me putting in my chmod 755 script into /etc/NetworkManager/dispatcher.d/ when the internet connection is made (I also had to stop networkmanager from making numerous new connections once just because I put in an alt dns. https://askubuntu.com/questions/767786/changing-network-interfaces-name-ubuntu-16-04/767796#767796 ) which now works, only one eth0 connection. now I need to make internet connection disabled if vpn is lost with a vpndown script. all I did to /etc/resolv/conf was put in my dns's . – pierrely Feb 21 '21 at 05:19
  • all I did to /etc/resolv/conf was put in my dns's . I also have to stop automatic connection to internet, despite that being set off in networkmanager gui. I also had to put full path in for my auth.txt - https://askubuntu.com/questions/1236780/how-to-force-vpn-usage-on-every-connection . final note when I ran from terminal openvpn -- clientfile... two instances they tripped it all up and terminated the vpn altogether leaving me without it. nmcli networking off also then did not kill the internet connection. so more work to do. – pierrely Feb 21 '21 at 05:25
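
The vpn-up/vpn-down approach the answer describes, as an added example that is not part of the original thread: one hook script that reads the DNS servers OpenVPN pushes (exported as `foreign_option_N`) and validates them before writing them into a netplan file as root. The script path and the netplan file name are assumptions, and the answer's caveat about managing tun0 from an "ethernets:" stanza still applies, so only the nameservers are rendered.

```shell
#!/bin/sh
# Hypothetical hook, wired up in the client config (needs script-security 2):
#   up /etc/openvpn/vpn-dns.sh
#   down /etc/openvpn/vpn-dns.sh
# OpenVPN exports $dev, $script_type and each pushed option as foreign_option_N.
NETPLAN_FILE="${NETPLAN_FILE:-/etc/netplan/90-vpn-dns.yaml}"  # assumed name

# Character allowlist for IPv4/IPv6 literals: a pushed value can then never
# carry quotes, brackets or newlines into a YAML file written as root.
is_ip_literal() {
    case "$1" in
        ''|*[!0-9A-Fa-f.:]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the pushed "dhcp-option DNS" servers as a quoted, comma-separated list.
pushed_dns() {
    n=1
    list=''
    while eval "opt=\${foreign_option_$n:-}"; [ -n "$opt" ]; do
        case "$opt" in
            'dhcp-option DNS '*)
                addr=${opt#dhcp-option DNS }
                if is_ip_literal "$addr"; then
                    list="${list:+$list,}\"$addr\""
                fi ;;
        esac
        n=$((n + 1))
    done
    printf '%s' "$list"
}

# Render the question's stanza for interface $1, nameservers only.
render_netplan() {
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    dns=$(pushed_dns)
    [ -n "$dns" ] || return 1
    printf 'network:\n  version: 2\n  renderer: networkd\n  ethernets:\n'
    printf '    %s:\n      nameservers:\n        addresses: [%s]\n' "$1" "$dns"
}

umask 077
case "${script_type:-}" in
    up)   yaml=$(render_netplan "${dev:-}") &&
          printf '%s\n' "$yaml" > "$NETPLAN_FILE" && netplan apply ;;
    down) rm -f "$NETPLAN_FILE" && netplan apply ;;
esac
```

The allowlist is a character filter, not a full address parser; netplan itself rejects a syntactically invalid address when `netplan apply` runs.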