From patchwork Tue Sep 5 21:13:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 3335 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:390:b0:d7:3b0f:3938 with SMTP id 16csp2150226dyq; Tue, 5 Sep 2023 14:40:16 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHGwQ+rhh89oO4ymhszirRo6AdEhIx3lreZZb4WCOqOQQG5A9iwnmTOWjrgWxHoicq5uFFX X-Received: by 2002:a17:903:2303:b0:1bb:ac37:384b with SMTP id d3-20020a170903230300b001bbac37384bmr16516523plh.6.1693950016213; Tue, 05 Sep 2023 14:40:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1693950016; cv=none; d=google.com; s=arc-20160816; b=cmajNoYh1uPMp3D3uUJWSkzGMRI/TRGpteXOM+aMpXnADvB15LhHucnaSLxU7AsGkB /TqifolYRCSextKerVjigKIAgMyy5rYUCa6DQfPeRDTneNzzc4WGXqsY6Eic0kWLeyX2 c5bJoXFLzh85weTFT7+dL4YkfXykWcSixTiHI1l6Sec4cSnh87aiE8vIeXiMryKbQMmm opcB3HO1xDx1l7EBIVbX2p3HG3CP4Q8SzqG1frMYS7mWSKlx4R3ThXhe9hmWpV6YLl/P 4ty54CAQFvU4XHrsTx+8upxHXXot40xM18wVdZ7qF8h/rvkRQwILdzNPPaCubarSjnxe L3vA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=a0ZInWfo+g/W8r/lSxruj9UOI8RawBzU4iNNRu6vA3E=; fh=10tBNjXj/wkJoIBSfHvI5xr4knRr+m5zCVrzABMRuHI=; b=Qhm1RfqXSFlBOpmSIGkagbrR/DMx3M63XlnBbmFdKvl3CeGK4xWGnYrNA64dx4MupO RKbkRHTPVMheg2neO94Kaq07N9d+x4Tv6tAUVk7pouf+JRl0qmkWwF68TeInyKDV8VB1 XoYpqSv6HWFFkz4Raedu1fS0pHOd37w4vAIR3vJZCJnu0uT3CaZ85fR91fEh42X/LsTy 9mN81y5yyKBxrhQqHiNu9C2Et0YTu9B8oI+iCzZVa6I/gQCmAXGW+y0NNKHsfzCDz7E6 Mu5j5CsJG13cUc+nYjY4+/m+KC0V7xLgw3bELbXFaYyoT45sLpR7CfB8erHLiIEnVfGH 7zJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=gUj3lZ+M; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=eBkGa1Hh; dkim=fail header.i=@unstable.cc header.s=20220809-q8oc header.b=quGk2uRy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id l5-20020a17090a850500b0026f51be8d51si10258753pjn.82.2023.09.05.14.40.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 05 Sep 2023 14:40:16 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=gUj3lZ+M; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=eBkGa1Hh; dkim=fail header.i=@unstable.cc header.s=20220809-q8oc header.b=quGk2uRy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1qddlX-0005M0-2b; Tue, 05 Sep 2023 21:39:19 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1qddlV-0005Lu-17 for openvpn-devel@lists.sourceforge.net; Tue, 05 Sep 2023 21:39:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-ID: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Y+xiBeVUYb3axTvul6kCKvAHhGs4c0eTHR76F8jvudQ=; b=gUj3lZ+MiBDoabho+kkhLJNYCN IUhMW1CkfWR+S+sqbC3Xae09ZVV/VbhQDOnsyGnzi4Y9epqIkBSPzPkxj3M4xV4mvMNhXRN6qOnMS 0g7rXSDECQXyfIBm7l/auERFs+B1nWQ1GQ8T7gav2CrfPhNHruEhXLe5qj86r/fkgPfw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-ID:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=Y+xiBeVUYb3axTvul6kCKvAHhGs4c0eTHR76F8jvudQ=; b=e BkGa1HhGgGA8PjowbVUgy0dKaxwePvW5/Uchb4PBkD8VBivB1vkPkZr0cWMv3h74Qe41KTF/iBQPR NcTHPbyuHFBmP0/FjyzUF07yqp/7LL6Kid3K/CE3x346UXw6uo5qgZOAS3KvoyAc7Igv/N5HZP8sS xKQAVRGAMr8UhSnA=; Received: from wilbur.contactoffice.com ([212.3.242.68]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1qddNP-00AeRt-Lw for openvpn-devel@lists.sourceforge.net; Tue, 05 Sep 2023 21:14:31 +0000 Received: from smtpauth1.co-bxl (smtpauth1.co-bxl [10.2.0.15]) by wilbur.contactoffice.com (Postfix) with ESMTP id D88315DC; Tue, 5 Sep 2023 23:14:14 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1693948454; s=20220809-q8oc; d=unstable.cc; i=a@unstable.cc; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Transfer-Encoding; l=1313; bh=Y+xiBeVUYb3axTvul6kCKvAHhGs4c0eTHR76F8jvudQ=; b=quGk2uRytdW9x32A+gdBKBDXVw6EkeJZxx0xHODYL4KeGumc96UeKJv2DuagGvG/ cEICNMTyNADJ2pn+mAbxeck5e/BR6PemPS21gFGk5zEzVethh1P91gWu/4C+SerMeBW hn8mzLj299RN8k2bkr2fxqreQ+gZ7LOL5P+CcR0CL0Qjrg9yD6ipYrAZjLdOMtBlRk6 lZqr5hudKOYaIG0L+6gUmSBisY7vbPvAvZ/rBdcWkCdcNsojuvqxqkySjm/34memCM6 vSdtKP2f5LsZysB+rkuT1DgYSodG6Oz8ynxfGfHiRlDXGYrwvq3WGKRq79RlRiYMJRB GBB31+AGmQ== Received: by smtp.mailfence.com with ESMTPSA ; Tue, 5 Sep 2023 23:14:11 +0200 (CEST) From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Tue, 5 Sep 2023 23:13:57 +0200 Message-ID: <20230905211357.581-1-a@unstable.cc> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 X-Spam-Flag: NO X-Spam-Status: No, hits=-2.9 required=4.7 symbols=ALL_TRUSTED, BAYES_00 device=10.2.0.1 X-ContactOffice-Account: com:375058688 X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Antonio Quartulli Add an important detail about the DNS configured via this option to be an "interface-specific" DNS. This detail is important when troubleshooting DNS issues since this logic will bypass the routing ta [...] Content analysis details: (-0.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.3.242.68 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1qddNP-00AeRt-Lw Subject: [Openvpn-devel] [PATCH] man: extend description for "dhcp-option DNS" on Windows X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1776235332213791914?= X-GMAIL-MSGID: =?utf-8?q?1776235332213791914?= From: Antonio Quartulli Add an important detail about the DNS configured via this option to be an "interface-specific" DNS. This detail is important when troubleshooting DNS issues since this logic will bypass the routing table. Signed-off-by: Antonio Quartulli --- doc/man-sections/vpn-network-options.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/man-sections/vpn-network-options.rst b/doc/man-sections/vpn-network-options.rst index b7f33acd..17c7d4a2 100644 --- a/doc/man-sections/vpn-network-options.rst +++ b/doc/man-sections/vpn-network-options.rst @@ -158,6 +158,12 @@ routing. Set primary domain name server IPv4 or IPv6 address. Repeat this option to set secondary DNS server addresses. + On Windows this option sets an "interface-specific" DNS, meaning + that the system will try to reach it via the VPN interface, no + matter what the routing table says. If the wanted DNS is not + expected to be reached via VPN, please don't use this option, but + rather set the DNS manually (or via DHCP). + Note: DNS IPv6 servers are currently set using netsh (the existing DHCP code can only do IPv4 DHCP, and that protocol only permits IPv4 addresses anywhere). The option will be put into the