VPN Causes DNS Failures
(I have an er605 in which I have 2 Wan and 2 lan.
Lan 1: Everything by default
Lan 2: On this lan I have VPN(OPENVPN) that spans all Vlan
The omada server is on lan 1)
I have observed that DNS 8.8.8.8 sometimes responds and sometimes does not.
Because of this, perform ping and traceroute from different points on the network
Ping and traceroute from lan 1: pings respond (30ms on average) and traceroute seems to be all ok. But sometimes it stops responding on the entire LAN leaving devices that use said DNS offline
Ping and traceroute from OMADA (Network Check): *here it gets fun* The ping gives me an average of 250ms and when measuring the tarceroute I realize that it gives me that latency because the DNS 8.8.8.8 is jumping through the lan 2 vpn. Only that DNS jumps to the LAN 2 VPN, I do the ping and traceroute but DNS 8.8.4.4 gives me everything correct and without jumping to the LAN 2 VPN
Ping and traceroute from the terminal: I ping at 8.8.8.8 and it comes out 100% packet loss and the tracert only jumps at 169.254.11.21 and there it stays
Who is to blame for all these failures?
-------The VPN------
The vpn assigns me 2 dns, the first is the vpn gateway and the 2 is 8.8.8.8
When the VPN assigns me 8.8.8.8, it is seen that the ER605 begins to have failures with said DNS
The last thing was to ping -t and see how it came out since 8.8.8.8 could not be accessed and the moment I turned off the vpn of lan 2 the dns 8.8.8.8 began to respond correctly at all points. I turned the VPN back on and the fault came back
(I think this bug could also affect the DNS cache since the router would not be able to access the DNS 8.8.8.8 the DNS cache would also fall)
I clarify that I have not verified the latter but it fits very well with failures that I have had with the DNS cache*
@Clive_A I understand what your saying to me. But is it normal that when I activate the VPN (VpnJapon) the DNS 8.8.8.8, which is the DNS that said VPN uses by default, stops working on the entire network? Even if it is not the network that has the VPN? And according to the routing table it tells me that it is sending 8.8.8.8 to the VpnJapon interface?
The DNS responds well from all points and with normal latency. It is the precise moment that I activate the VPN, the DNS drops and does not respond again until I turn off the VPN
Hi @Josvell
Thanks for posting in our business forum.
I have several questions:
1. Do you have access to the 8.8.8.8? What's the tracert like on the PC?
2. What's the OVPN tunnel mode? Now, the VPN forces 8.8.8.8 to route over the VPN tunnel, it seems to be a setting on the VPN server. Do you host the server or it is third-party?
Josvell wrote
@Clive_A I understand what your saying to me. But is it normal that when I activate the VPN (VpnJapon) the DNS 8.8.8.8, which is the DNS that said VPN uses by default, stops working on the entire network? Even if it is not the network that has the VPN? And according to the routing table it tells me that it is sending 8.8.8.8 to the VpnJapon interface?
The DNS responds well from all points and with normal latency. It is the precise moment that I activate the VPN, the DNS drops and does not respond again until I turn off the VPN
It should not stop the entire network's Internet access.
Unless you are using the full tunnel mode. And the server is misconfigured causing the traffic to stop.
What do you expect to achieve with this VPN server? Might be wrong for the use case?