Hosts file ignored
212 views
Skip to first unread message
Andrew Black
Mar 16, 2021, 2:29:35 PM3/16/21
to tunnelblick-discuss
I have noticed that when connected to the VPN the local hosts files on a Mac are ignored. Previously this was not the case, but I'm not aware of any changes to the client or server configuration.
To reproduced the issue I can do the following:
- Ensure the VPN is not connected
- Add a line to the hosts file to make it point at an invalid IP (to make it error)
- Browse to the domain added to the hosts file and confirm it loads the site from the IP in hosts (which subsequently displayed an error)
- Hard refresh several times and use incognito to ensure it isn't cached
- Connect to the VPN but change nothing else
- Hard refresh the domain and the domain loads the live site from the IP present in DNS.
Are there any settings on either the client or server side that might cause the hosts file to be ignored while the VPN connection is live?
Thanks.
Andrew.
To reproduced the issue I can do the following:
- Ensure the VPN is not connected
- Add a line to the hosts file to make it point at an invalid IP (to make it error)
- Browse to the domain added to the hosts file and confirm it loads the site from the IP in hosts (which subsequently displayed an error)
- Hard refresh several times and use incognito to ensure it isn't cached
- Connect to the VPN but change nothing else
- Hard refresh the domain and the domain loads the live site from the IP present in DNS.
Are there any settings on either the client or server side that might cause the hosts file to be ignored while the VPN connection is live?
Thanks.
Andrew.
Mike Weber
Mar 16, 2021, 2:41:26 PM3/16/21
to tunnelbli...@googlegroups.com
sounds like a dns thing, where it is changing dns servers, or doing something w/ dns that would ignore hosts file
--
You received this message because you are subscribed to the Google Groups "tunnelblick-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tunnelblick-dis...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/tunnelblick-discuss/e1dbd125-5225-4bcf-9338-eab085729ee7n%40googlegroups.com.
Tunnelblick developer
Mar 16, 2021, 2:45:18 PM3/16/21
to tunnelblick-discuss
Neither Tunnelblick not OpenVPN do anything special to resolve hostnames and just use the facilities provided by macOS, so my guess is that this is something that macOS itself is doing. What version(s) of macOS does this happen on?
Andrew Black
Mar 18, 2021, 9:08:19 AM3/18/21
to tunnelblick-discuss
Thanks for responding to my question.
The Mac this is happening on is running macOS v10.15.7
The version of Tunnelblick is v3.8.4a (build 5601)
My understanding is that, during normal DNS resolution, entries in the hosts file will take precedence over results returned via DNS lookup. Since this issue only takes place when the VPN connection is active, it made me wonder if it were possible to configure Tunnelblick or OpenVPN to allow DNS services provided by the VPN server to override all local DNS resolution, including the hosts file?
Thanks.
Andrew.
Tunnelblick developer
Mar 18, 2021, 9:38:32 AM3/18/21
to tunnelblick-discuss
Tunnelblick does not do anything special to resolve host names; it just uses the mechanism provided by macOS. My understanding is that OpenVPN does the same, but you should check with OpenVPN experts to make sure. You can find some sources for OpenVPN help on the Tunnelblick Support page.
Reply all
Reply to author
Forward
0 new messages