openvpn dnsmasq Ubuntu Server 14.04

April 13, 2015 6.1k views

Hi, I am a bit of a newbie but was hoping to get some help. I basically followed this tutorial to set up openvpn on my digital ocean ubuntu 14.04 server. Everything works fine except for a few things. I basically want to use dnsmasq so VPN routes through the /etc/hosts file, so I can block ad servers using a list provided by

At the same time, I also want to set my DNS servers to a specific provider.

No matter what I try, I can't seem to get the /etc/hosts file working with OpenVPN.

In the openvpn server config file I have DNS pointing to the servers I would like to use:
push "dhcp-option DNS"
push "dhcp-option DNS"

In the /etc/dnsmasq.conf, I have
which is the ip address VPN connects with on the server

I also have #bind-interfaces uncommented in the same file.

So when trying to specify which DNS servers to use, it seems the /etc/hosts file is overlooked.

Anyone have any ideas on what I can check or settings to adjust?

Any help appreciated.

1 comment
  • Better late than never, right? :)

    I don't think I have a full picture of your setup, especially: are DNS DNS (at least one) the same machine as OpenVPN?
    Just to be clear, those machines should be the ones with dnsmasq and an apropriate hosts file. Then in dnsmasq conf you put other/public DNS addresses you want dnsmasq to check.

    So just a few general things to check:

    1. If those are other machines (with dnsmasq) check firewall/iptables port 53
      Even if it's the same allow to port 53, if it's another machine, allow the public IP of the OpenVPN server.

    2. What OS are you using to check? flush dns (in windows as cmd admin: ipconfig /flushdns) and clear browser cache, maybe the hosts isn't overlooked but some pages are opened from cache. Check

    3. Consider being a god netizen :)

      domain-needed bogus-priv

      and consider reducing the strain on your dnsmasq machine:

      cache-size= local-ttl=

    Hope this helps at least a bit.

Be the first one to answer this question.