[GLLUG] Adding openvpn to an existing configuration

Marco van Beek mvanbeek at supporting-role.co.uk
Mon May 11 10:06:04 UTC 2020


Openvpn should not be grabbing port 53 unless you are using a custom 
config for it. The default setup for openvpn is UDP 1194. Some people do 
use port 53 UDP for VPn because it allows you to tunnel through, but you 
have just seen what havoc that can bring.

If you do need to run OpenVPN that way then I thionk you will need to 
run mulitple network interfaces and bind 53 in openvpn and dnsmasq to 
different ones.



On 11/05/2020 11:01, Chris Bell via GLLUG wrote:
> Hello,
> I have used several versions of debian, and have found that there are several
> networking and DNS resolver packages that could be used by default but
> generally do not take over if another is already running, so I end up checking
> all unless I know which is the only default. Debian version 10 "buster"
> appears to default to using systemd if it is configured, but many options could
> be automatically reset if re-booted.
> I have a computer running shorewall on debian 10 "buster" using dnsmasq for
> DHCP allocation to local networks, with access to recursive resolvers via
> local networks. Dnsmasq will not start if another package has grabbed port 53.
> I tried to add openvpn but then discovered that openvpn grabs port 53 on re-
> boot, and that blocks dnsmasq, so need to find a way to ensure that dnsmasq is
> started that will not be changed by any system update.
> Should the symlinks from /etc/systemd/system/ be used for this, with their
> BEFORE and AFTER settings?
> Thanks for any advice.

More information about the GLLUG mailing list