Ubuntu 18 Static DNS Servers











up vote
0
down vote

favorite












I'm having difficulty configuring UFW with an OpenVPN connection on Ubuntu 18. I have a basic UFW list that allows tun0 connections and opens traffic to my VPN providers ports (1194), and it correctly kills internet when off and allows traffic only over the VPN.



The issue I'm having is even with redirect-gateway in the client config, my machine keeps leaking DNS! It's showing several ISP DNS servers even though I configured Network Manager to make use of a manual list of 3 DNS servers.



Is it possible to force my Ubuntu machine to use only specific DNS servers over WiFi without having access to the router itself? For example, say I go to an airport or cafe, I still want my DNS servers to be used and not whatever the local router config pushes down.



I've seen other SO posts about a /etc/resolvconf/resolv.conf.d/original file, but I don't have any such resolv.conf.d directory.



Does anyone know how this might be achieved on Ubuntu 18?



current ufw rules



To                         Action      From
-- ------ ----
Anywhere on tun0 ALLOW Anywhere
53 DENY Anywhere
Anywhere (v6) on tun0 ALLOW Anywhere (v6)
53 (v6) DENY Anywhere (v6)

Anywhere ALLOW OUT Anywhere on tun0
1194/udp ALLOW OUT Anywhere
1194/tcp ALLOW OUT Anywhere
2049/udp ALLOW OUT Anywhere
2049/tcp ALLOW OUT Anywhere
10.0.0.0/8 ALLOW OUT Anywhere
192.168.0.0/16 ALLOW OUT Anywhere
Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
1194/udp (v6) ALLOW OUT Anywhere (v6)
1194/tcp (v6) ALLOW OUT Anywhere (v6)
2049/udp (v6) ALLOW OUT Anywhere (v6)
2049/tcp (v6) ALLOW OUT Anywhere (v6)


Thanks!










share|improve this question







New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
    – ptetteh227
    Nov 18 at 4:10










  • Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
    – tinkerbox
    Nov 18 at 4:59










  • Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
    – hello moto
    2 days ago

















up vote
0
down vote

favorite












I'm having difficulty configuring UFW with an OpenVPN connection on Ubuntu 18. I have a basic UFW list that allows tun0 connections and opens traffic to my VPN providers ports (1194), and it correctly kills internet when off and allows traffic only over the VPN.



The issue I'm having is even with redirect-gateway in the client config, my machine keeps leaking DNS! It's showing several ISP DNS servers even though I configured Network Manager to make use of a manual list of 3 DNS servers.



Is it possible to force my Ubuntu machine to use only specific DNS servers over WiFi without having access to the router itself? For example, say I go to an airport or cafe, I still want my DNS servers to be used and not whatever the local router config pushes down.



I've seen other SO posts about a /etc/resolvconf/resolv.conf.d/original file, but I don't have any such resolv.conf.d directory.



Does anyone know how this might be achieved on Ubuntu 18?



current ufw rules



To                         Action      From
-- ------ ----
Anywhere on tun0 ALLOW Anywhere
53 DENY Anywhere
Anywhere (v6) on tun0 ALLOW Anywhere (v6)
53 (v6) DENY Anywhere (v6)

Anywhere ALLOW OUT Anywhere on tun0
1194/udp ALLOW OUT Anywhere
1194/tcp ALLOW OUT Anywhere
2049/udp ALLOW OUT Anywhere
2049/tcp ALLOW OUT Anywhere
10.0.0.0/8 ALLOW OUT Anywhere
192.168.0.0/16 ALLOW OUT Anywhere
Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
1194/udp (v6) ALLOW OUT Anywhere (v6)
1194/tcp (v6) ALLOW OUT Anywhere (v6)
2049/udp (v6) ALLOW OUT Anywhere (v6)
2049/tcp (v6) ALLOW OUT Anywhere (v6)


Thanks!










share|improve this question







New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
    – ptetteh227
    Nov 18 at 4:10










  • Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
    – tinkerbox
    Nov 18 at 4:59










  • Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
    – hello moto
    2 days ago















up vote
0
down vote

favorite









up vote
0
down vote

favorite











I'm having difficulty configuring UFW with an OpenVPN connection on Ubuntu 18. I have a basic UFW list that allows tun0 connections and opens traffic to my VPN providers ports (1194), and it correctly kills internet when off and allows traffic only over the VPN.



The issue I'm having is even with redirect-gateway in the client config, my machine keeps leaking DNS! It's showing several ISP DNS servers even though I configured Network Manager to make use of a manual list of 3 DNS servers.



Is it possible to force my Ubuntu machine to use only specific DNS servers over WiFi without having access to the router itself? For example, say I go to an airport or cafe, I still want my DNS servers to be used and not whatever the local router config pushes down.



I've seen other SO posts about a /etc/resolvconf/resolv.conf.d/original file, but I don't have any such resolv.conf.d directory.



Does anyone know how this might be achieved on Ubuntu 18?



current ufw rules



To                         Action      From
-- ------ ----
Anywhere on tun0 ALLOW Anywhere
53 DENY Anywhere
Anywhere (v6) on tun0 ALLOW Anywhere (v6)
53 (v6) DENY Anywhere (v6)

Anywhere ALLOW OUT Anywhere on tun0
1194/udp ALLOW OUT Anywhere
1194/tcp ALLOW OUT Anywhere
2049/udp ALLOW OUT Anywhere
2049/tcp ALLOW OUT Anywhere
10.0.0.0/8 ALLOW OUT Anywhere
192.168.0.0/16 ALLOW OUT Anywhere
Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
1194/udp (v6) ALLOW OUT Anywhere (v6)
1194/tcp (v6) ALLOW OUT Anywhere (v6)
2049/udp (v6) ALLOW OUT Anywhere (v6)
2049/tcp (v6) ALLOW OUT Anywhere (v6)


Thanks!










share|improve this question







New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











I'm having difficulty configuring UFW with an OpenVPN connection on Ubuntu 18. I have a basic UFW list that allows tun0 connections and opens traffic to my VPN providers ports (1194), and it correctly kills internet when off and allows traffic only over the VPN.



The issue I'm having is even with redirect-gateway in the client config, my machine keeps leaking DNS! It's showing several ISP DNS servers even though I configured Network Manager to make use of a manual list of 3 DNS servers.



Is it possible to force my Ubuntu machine to use only specific DNS servers over WiFi without having access to the router itself? For example, say I go to an airport or cafe, I still want my DNS servers to be used and not whatever the local router config pushes down.



I've seen other SO posts about a /etc/resolvconf/resolv.conf.d/original file, but I don't have any such resolv.conf.d directory.



Does anyone know how this might be achieved on Ubuntu 18?



current ufw rules



To                         Action      From
-- ------ ----
Anywhere on tun0 ALLOW Anywhere
53 DENY Anywhere
Anywhere (v6) on tun0 ALLOW Anywhere (v6)
53 (v6) DENY Anywhere (v6)

Anywhere ALLOW OUT Anywhere on tun0
1194/udp ALLOW OUT Anywhere
1194/tcp ALLOW OUT Anywhere
2049/udp ALLOW OUT Anywhere
2049/tcp ALLOW OUT Anywhere
10.0.0.0/8 ALLOW OUT Anywhere
192.168.0.0/16 ALLOW OUT Anywhere
Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
1194/udp (v6) ALLOW OUT Anywhere (v6)
1194/tcp (v6) ALLOW OUT Anywhere (v6)
2049/udp (v6) ALLOW OUT Anywhere (v6)
2049/tcp (v6) ALLOW OUT Anywhere (v6)


Thanks!







networking dns openvpn ufw






share|improve this question







New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Nov 18 at 3:58









tinkerbox

1




1




New contributor




tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






tinkerbox is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
    – ptetteh227
    Nov 18 at 4:10










  • Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
    – tinkerbox
    Nov 18 at 4:59










  • Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
    – hello moto
    2 days ago




















  • you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
    – ptetteh227
    Nov 18 at 4:10










  • Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
    – tinkerbox
    Nov 18 at 4:59










  • Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
    – hello moto
    2 days ago


















you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
– ptetteh227
Nov 18 at 4:10




you could set a static dns by editting /etc/resolv.conf and paste nameserver YOURDNS-SERVER-IP as the first line in the file.
– ptetteh227
Nov 18 at 4:10












Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
– tinkerbox
Nov 18 at 4:59




Dude. MF Hero, thank you! The trick for me was making sure the entry was the first in the file. Thank you!
– tinkerbox
Nov 18 at 4:59












Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
– hello moto
2 days ago






Don't use resolv.conf, The header of the file says Don't use as a permanent nameserver, Use resolvconf since it allows multiple programs to write to it and it adds a soft link to resolv.conf, Use /etc/resolvconf/head, but first you have to install resolvconf, as simple as sudo apt install resolvconf -y
– hello moto
2 days ago

















active

oldest

votes











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






tinkerbox is a new contributor. Be nice, and check out our Code of Conduct.










 

draft saved


draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1093885%2fubuntu-18-static-dns-servers%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes








tinkerbox is a new contributor. Be nice, and check out our Code of Conduct.










 

draft saved


draft discarded


















tinkerbox is a new contributor. Be nice, and check out our Code of Conduct.













tinkerbox is a new contributor. Be nice, and check out our Code of Conduct.












tinkerbox is a new contributor. Be nice, and check out our Code of Conduct.















 


draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1093885%2fubuntu-18-static-dns-servers%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

數位音樂下載

When can things happen in Etherscan, such as the picture below?

格利澤436b