Skip to content

Instantly share code, notes, and snippets.

@jonathanschilling

jonathanschilling/ArchVPN.md

Created October 13, 2022 09:36
Show Gist options
  • Save jonathanschilling/cd4f5410d6ccf066d8ee115fff72af8a to your computer and use it in GitHub Desktop.
Save jonathanschilling/cd4f5410d6ccf066d8ee115fff72af8a to your computer and use it in GitHub Desktop.
Download ZIP
HOW-TO: Create a working OpenVPN configuration on Arch Linux
Raw
ArchVPN.md

Create a working OpenVPN configuration on Arch Linux

Most OpenVPN tunnels only support IPv4. Thus, the system has to be configured such that IPv6 is disabled. Moreover, DNS leaks are still possible and thus, the DNS configuration needs to be adjusted as well.

On Arch, install update-systemd-resolved from AUR (GitHub repo). The following lines then go in the OpenVPN configuration:

script-security 2
up /usr/bin/update-systemd-resolved
up-restart
down /usr/bin/update-systemd-resolved
down-pre
block-ipv6
dhcp-option DOMAIN-ROUTE .

Create /etc/sysctl.d/40-ipv6.conf with the following content:

# https://wiki.archlinux.org/title/IPv6#Disable_functionality
# Restart the systemd-sysctl.service unit to apply the configuration changes. 

# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.wls6.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1

This should do it...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment