DNS Resolution #3

@yangchoo

Posting here for visibility in case it helps anyone who runs into a similar issue or has a better solution.

Ran into an issue where the AWS configured DNS server was not being utilized, resulting in internal addresses not being able to be resolved. I'm unsure how the VPN client automatically handles this and I don't see any references in the exported OVPN file.

Option 1 - resolv.conf

Overwrite /etc/resolv.conf directly to use the new DNS server

nameserver xxx.xxx.xxx.xxx

This overrides ALL traffic to go through the AWS DNS server. If the gateway is properly configured (e.g. with split tunneling) and load/performance isn't an issue, this is the simplest.

Option 2 - dnsmasq

Use dnsmasq for more granular control of which nameservers to use for address ranges.

Overwrite /etc/resolv.conf to point to internal dnsmasq address, defaults to 127.0.0.1

nameserver 127.0.0.1

Uncomment no-dhcp-interface and add in default nameserver and nameservers for specific internal domains

server=xx.xx.xx.xx
server=/mydomain.com/yy.yy.yy.yy

Option 3 - route gateway config

This is the most advanced option. Note that I couldn't get this to work for my use case, but this would be the most portable as the configuration should be encapsulated within the ovpn file.

This should be some combination of

route-gateway xx.xx.xx.xx
push "route-gateway xx.xx.xx.xx"
push "route yy.yy.0.0 255.255.0.0 xx.xxx.xx.xx 1"

The exact combination of addresses and gateway will depend on your route list.
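
Added example, not part of the original post: a small Python model of how dnsmasq chooses an upstream from the `server=` lines in Option 2, for checking that internal names go to the VPN-side resolver and everything else goes to the default. The addresses and the `db.mydomain.com` entry are constructed; `@interface` and `#port` suffixes and the special `#` address are not modelled.

```python
# Added example: models dnsmasq's server= selection (longest domain suffix wins).
# All addresses and the db.mydomain.com entry are constructed placeholders.
SAMPLE_CONF = """\
# constructed sample, not from the original post
no-dhcp-interface=lo
server=192.0.2.53
server=/mydomain.com/10.0.0.2
server=/db.mydomain.com/10.0.1.2
"""

def parse_servers(conf_text):
    """Return (default_upstreams, {domain: [upstreams]}) from server= lines."""
    defaults, per_domain = [], {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("server="):
            continue
        value = line[len("server="):]
        if value.startswith("/"):
            # server=/dom1/dom2/addr : every field except the last is a domain
            *domains, addr = value[1:].split("/")
            for dom in domains:
                per_domain.setdefault(dom.lower().strip("."), []).append(addr)
        else:
            defaults.append(value)
    return defaults, per_domain

def upstreams_for(name, defaults, per_domain):
    """Pick upstreams by longest suffix match, compared on whole labels only."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in per_domain:
            return per_domain[suffix]
    return defaults

def names_using_default(names, defaults, per_domain):
    """Names that would be sent to the default resolver (possible leak of internal names)."""
    return [n for n in names if upstreams_for(n, defaults, per_domain) == defaults]

if __name__ == "__main__":
    d, p = parse_servers(SAMPLE_CONF)
    for n in ("app.mydomain.com", "x.db.mydomain.com", "notmydomain.com"):
        print(n, "->", upstreams_for(n, d, p))
```
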
