VPN network DNS resolution does not work for Android apps
asked 2019-05-03 16:06:45 +0300
Hello! I use at the moment the SecureFishNet for VPN connection because the native client gives me an error for some unknown reason (there is other question about that). While it works fine with native browser and other apps, the DNS does not work with Android apps like Firefox browser. I have to give the IP address every time to get to the site or other place. This is a problem where there is several services on the same IP address at the same time.
Does anyone have a workround for this? I have tried differend SFN settings without a solution.
The symptoms you see show that the Android environment uses a different resolver than Sailfish after you started the VPN connection. Have you tried stopping Android Support, starting the VPN connection and then starting Android Support again? Perhaps DNS resolver information will then get passed to the Android environment.
Unfortunately, I can't test this because I don't ever run Android Support.
Maus ( 2019-05-03 19:42:26 +0300 )editThanks for the idea Maus but after testing the result is still the same. I have also rebooted whole device etc.
2kanaa ( 2019-05-04 00:19:22 +0300 )editI know that my comment will not be a big help. When I'm connected to my openVPN Server via SecureFishNet, Threema, Conversarion, here maps and all my other german Android Apps do connect to the internet. Xperia X with 3.0.3
edit: firefox from yalp store does work as well
dirksche ( 2019-05-04 12:18:12 +0300 )edit@dirksche, @2kanaa, this only makes sense if SFOS and Android Support use completely different virtual interfaces on top of the physically active network interface. I can imagine how I'd have to set up something like this, and I can even imagine why it would have been implemented that way, but anyway, this would be a disappointing thing.
Maus ( 2019-05-04 21:16:59 +0300 )edit@Maus Sorry, I don't understand your comment. For me everything works fine. Android apps do connect to the internet when VPN is active
dirksche ( 2019-05-04 22:09:29 +0300 )editHello, Sorry, maybe I was a bit unclear... My need is to connect to the VPN network and services there, not to the internet which works ok. I have several services running behind the VPN. So I've changed the header to describe the problem better. And the DNS resolution clearly works for the native apps in that VPN network still.
2kanaa ( 2019-05-04 22:57:51 +0300 )editOh, I see. Than I'm out. Sorry
dirksche ( 2019-05-04 23:15:30 +0300 )edit@dirksche, sorry, I misinterpreted your comment as related to the question. If it does not say Android apps connect to the internet, while native apps connect via VPN then please ignore my comment: it only complicates matters.
@2kanaa so I was right with my first comment: the resolver in Android is not using the resolver that gets "pushed" via VPN. I don't have a clue how Android manages name resolving, but it seems it does not use connman information or
Maus ( 2019-05-04 23:18:37 +0300 )edit/etc/resolv.conf. I hoped that the active resolver gets transferred to the Android environment if it gets started after establishing the VPN connection.I don't understand much about vpn, but I have used custom dns via resolv.conf, and I found that, for one, connman automatically rewrites resolv.conf at boot, so you need to chattr +i, but, for two, /etc/resolv.conf is a symlink to /var/run/connman/resolv.conf, so better to delete the symlink, create a new file, then chattr +i, and maybe change other one also...
Levone1 ( 2019-05-05 02:29:38 +0300 )edit