twitchyliquid64 / subnet

Simple, auditable & elegant VPN, built with TLS mutual authentication and TUN.
MIT License
1.06k stars 79 forks

DNS stops working when I start subnet on the client #9

Closed iyra closed 6 years ago

iyra commented 6 years ago

Hi, I am following the guide to accessing a LAN from a client. Running this command:

```
sudo go/bin/subnet -gw 192.168.69.1 -network 192.168.69.4/24 -cert Downloads/client.certPEM -key Downloads/client.keyPEM -ca Downloads/ca.certPEM my.server.ip
```

does not report any error; however, while it is running I can't ping any domains, although I can access them via IP alone.

I am on Gentoo Linux with openrc and using Go version 1.8.3 amd64. This issue does not seem to happen on the server. What can I do to get my DNS working again while I use subnet?

twitchyliquid64 commented 6 years ago

The parameter -gw tells subnet to change the default route of all network traffic to flow through the VPN. This is not what you want if you only want to link up a virtual LAN.

My best guess is that your DNS server is on your physical LAN, and because all your traffic is going through the VPN your DNS server is unreachable. Either:

  1. Remove the -gw 192.168.69.1 parameter to stop routing all of your traffic through the VPN.
  2. Set your DNS server to something on the internet, such as 8.8.8.8 (Google's fast DNS resolver).
  3. Make the DNS server accessible on the VPN.

twitchyliquid64 commented 6 years ago

If you are intentionally routing all your traffic through the VPN, the easiest solution to get it working is to update your DNS server to 8.8.8.8. This is what I did.

iyra commented 6 years ago

You said, "The parameter -gw tells subnet to change the default route of all network traffic to flow through the VPN. This is not what you want if you only want to link up a virtual LAN."

If I want to connect myself (a client) and another client to the server such that I can communicate with the other client, would I need the -gw option? Thanks for the input, you are right, my DNS is going through my router at home, I'll try and change it to 8.8.8.8.

twitchyliquid64 commented 6 years ago

Go ahead and remove -gw, yes.

twitchyliquid64 commented 6 years ago

Closing as I think this solved your issue. Future readers:

  1. If DNS is not working, check if you have set the -gw switch. This will route all your traffic through the gateway specified. If your DNS is not accessible from this gateway, DNS will break.
  2. You can always try setting your DNS servers to 8.8.8.8, which should be accessible anywhere on the internet.
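
A check for the situation discussed in this thread, added here as an example; it is not part of the original comments or of the subnet project. It lists the resolvers in a resolv.conf file that the kernel would send through the tunnel device, which are the ones that must be reachable from the VPN gateway. The function names, the `ROUTE_GET` override and the device name `tun0` are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not subnet's own code. Function names, ROUTE_GET and the
# tunnel device name are assumptions for illustration.

# route_dev ADDR: print the device the kernel would use to reach ADDR.
# Wraps `ip route get`; set ROUTE_GET to another command to feed it
# constructed output instead of the live routing table.
route_dev() {
    ${ROUTE_GET:-ip route get} "$1" 2>/dev/null |
        awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# nameservers FILE: print each nameserver address listed in FILE.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# dns_via_tunnel FILE TUNDEV: print every resolver in FILE whose traffic
# leaves through TUNDEV. With -gw set, each address printed here has to be
# reachable from the VPN gateway or name resolution fails.
dns_via_tunnel() {
    for ns in $(nameservers "$1"); do
        case "$ns" in
            127.*|::1) continue ;;   # local stub resolver, never routed
        esac
        [ "$(route_dev "$ns")" = "$2" ] && echo "$ns"
    done
    return 0
}

# Usage: sh check-dns.sh /etc/resolv.conf tun0
if [ "$#" -eq 2 ]; then
    dns_via_tunnel "$1" "$2"
fi
```

An empty result while subnet is running means no configured resolver is routed through the tunnel, so a DNS failure would have another cause.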