By default, VMs connected to an OpenVPN netvm get DNS routed automatically, using the standard nameservers 10.139.1.1 and 10.139.1.2.
In my Wireguard VPN VM, at least in R4.1, I find myself manually setting DNS servers in /etc/resolv.conf on my AppVMs on boot.
Using the default nameservers gives this output in my Wireguard VM:
IP 10.137.0.38.34613 > 10.137.0.45.domain: 39604+ A? eff.org. (25)
IP 10.137.0.45 > 10.137.0.38: ICMP 10.137.0.45 udp port domain unreachable, length 61
IP 10.137.0.38.34613 > 10.137.0.45.domain: 56250+ AAAA? eff.org. (25)
IP 10.137.0.45 > 10.137.0.38: ICMP 10.137.0.45 udp port domain unreachable, length 61
IP 10.137.0.38.40639 > 10.137.0.45.domain: 39604+ A? eff.org. (25)
IP 10.137.0.45 > 10.137.0.38: ICMP 10.137.0.45 udp port domain unreachable, length 61
IP 10.137.0.38.40639 > 10.137.0.45.domain: 56250+ AAAA? eff.org. (25)
IP 10.137.0.45 > 10.137.0.38: ICMP 10.137.0.45 udp port domain unreachable, length 61
Shouldn’t be a firewall issue; I flushed all rules temporarily while testing.
And other traffic gets through, including ICMP.