Hi Markus,
I decided to make a pull request to fix this issue. If OpenVPN experiences a connection failure and is using an FQDN as the remote server, the current container will not allow it to perform a DNS query to look up the IP address. This creates a permanent failure of OpenVPN unless you restart the container. It's caused by the leak prevention in iptables blocking DNS queries to ${NAME_SERVERS} on eth0 after the initial OpenVPN connection.
This could allow minor DNS leakage while OpenVPN reconnects, but I think it is the best compromise for tunnel reliability. Please consider merging into master.
Thanks,
PacketShepard
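
Added example, not the pull request's or the project's code: a script that prints (without applying) iptables rules permitting DNS on eth0 only to the resolvers listed in NAME_SERVERS, so the exception that lets OpenVPN re-resolve its remote stays limited to those addresses. It assumes NAME_SERVERS is a comma-separated list of IPv4 addresses; `is_ipv4` and `dns_allow_rules` are hypothetical names, and the sample value is constructed.

```shell
#!/bin/sh
# Added example: emit DNS allow rules scoped to the configured resolvers.
# Assumption: NAME_SERVERS is a comma-separated list of IPv4 addresses.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -f; set -- $1; set +f
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print ACCEPT rules for UDP and TCP port 53 to each valid resolver in $1.
# $2 is the physical interface (defaults to eth0). Nothing is applied.
dns_allow_rules() {
    iface=${2:-eth0}
    old_ifs=$IFS; IFS=,
    set -f; set -- $1; set +f
    IFS=$old_ifs
    for ns in "$@"; do
        ns=$(printf '%s' "$ns" | tr -d ' ')
        if ! is_ipv4 "$ns"; then
            # Hostnames or malformed entries would widen the exception; skip.
            echo "skipping invalid name server: '$ns'" >&2
            continue
        fi
        for proto in udp tcp; do
            echo "iptables -A OUTPUT -o $iface -d $ns -p $proto --dport 53 -j ACCEPT"
            echo "iptables -A INPUT -i $iface -s $ns -p $proto --sport 53 -j ACCEPT"
        done
    done
}

# Constructed sample value; the last entry is rejected by validation.
NAME_SERVERS="1.1.1.1, 8.8.8.8,resolver.example"
dns_allow_rules "$NAME_SERVERS"
```

Any DNS traffic on eth0 to an address outside this list remains subject to the existing leak-prevention rules.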