Comment 36 for bug 1688018

Daniel Eckl (daniel-eckl) wrote :

This workaround is not bad indeed and saves me, too. But it has drawbacks that people need to know:

1) In newer Ubuntu versions, "dnsmasq" is the default DNS option, so the config does not have this option to comment out. Instead you have to set "dns=default" there.

2) With this workaround, some applications need a restart to recognize the new DNS servers after you start the VPN. Browsers are a prominent example of reading the resolv.conf setup at start and then caching it until restart.

3) The VPN DNS servers are used then, but they are on top of the underlying DNS servers coming from your local DHCP. They are just added to the top of the list. As long as the VPN DNS servers are working, data security is intact. As soon as these stop working, your system might send DNS queries (that maybe should be confidential) to the underlying DNS server.

Issues 2 and 3 are the most dangerous as they can compromise VPN confidentiality.
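
Added example, not part of the comment above: a shell check for the condition described in point 3, listing every `nameserver` entry in resolv.conf that is not one of the expected VPN resolvers. The function names and the sample addresses are hypothetical, and it assumes resolv.conf is written directly (the `dns=default` state) rather than pointing at a local stub resolver.

```shell
#!/bin/sh
# Added example: find resolv.conf nameservers outside the expected VPN set.
# Function names are hypothetical; sample addresses are constructed.

# Usage: non_vpn_nameservers RESOLV_CONF VPN_DNS_IP...
# Prints, in file order, each configured nameserver that is not a VPN resolver.
non_vpn_nameservers() {
    conf=$1; shift
    vpn_list=" $* "
    # Only real "nameserver <ip>" lines count; comments and other keywords are skipped.
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$conf" |
    while read -r ns; do
        case "$vpn_list" in
            *" $ns "*) ;;                # expected VPN resolver
            *) printf '%s\n' "$ns" ;;    # resolver the system can fall back to
        esac
    done
}

# Returns 0 when only VPN resolvers are configured, 1 when a fallback exists.
check_dns_fallback() {
    leaks=$(non_vpn_nameservers "$@")
    if [ -n "$leaks" ]; then
        echo "non-VPN resolvers still configured (used if VPN DNS stops answering):" >&2
        echo "$leaks" >&2
        return 1
    fi
    return 0
}

# Constructed sample: VPN resolver listed first, DHCP-provided resolver below it.
sample=$(mktemp)
printf '%s\n' '# constructed sample' \
    'nameserver 10.8.0.1' \
    'nameserver 192.168.1.1' \
    'search example.lan' > "$sample"
check_dns_fallback "$sample" 10.8.0.1 || echo "fallback resolver present"
rm -f "$sample"
```

On a live system the first argument would be `/etc/resolv.conf`, run after the VPN connection is up.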