-1

I created a natgateway using opnsense

I created a VM in a private network which is behind the natgateway so that all internet traffic will pass through opensense into the client VM

I can ping google ip (142.250.190.142) through opnsense which works fine

but I can't ping the domain name www.google.com and also I can't update OS using apt update

I get error this

temporary failure in name resolution

I am using hetzner cloud provider for VMs

the archecture of hetzner is that de default gateway take the first ip address since servers are not connected directly. The flow is like this (client server > gateway > opnsense)

Interface config on the client VM

/etc/network/interfaces

auto lo iface lo inet loopback auto enp7s0 iface enp7s0 inet dhcp post-up ip route add default via 10.0.0.1 dns-nameservers 185.12.64.2 185.12.64.1

IP address

opnsense router 10.0.0.2 VM 10.0.0.3 gateway 10.0.0.1

enter image description here

Improve this question
11
  • Why do you add route, and not use DHCP for this? Do you have a drawing for your topology? What does dig example.com @185.12.64.2 show? Commented May 1, 2024 at 11:38
  • @vidarlo I have updated my question with the diagram Commented May 1, 2024 at 12:16
  • I am getting network unreachable on dig example.com @185.12.64.2 Commented May 1, 2024 at 12:19
  • Why do you have the add route statement? What is the IP of opnsense? Commented May 1, 2024 at 12:33
  • hetzner does not connect their servers directly. It uses a gateway to connect to each other. the gateway ip is 10.0.0.1. That is why I added it. The ip of opnsense is 10.0.0.2 Commented May 1, 2024 at 12:40

2 Answers 2

Reset to default
0

I edited this file /etc/systemd/resolved.conf and added dns

Improve this answer
0

I edited this file /etc/systemd/resolved.conf and added dns

You don't want to do that.

If you want to stick with the debian networking stuff (i.e., /etc/network/interfaces; I never really know what it is called; ifup scripts?), delete the current /etc/resolv.conf (which should be a symlink), and use touch to recreate a empty regular file at the same path. Then restart this networking stuff, or maybe just reboot if you don't know how. After the reboot you should be able to see the nameservers being added to /etc/resolv.conf by this debian networking stuff.

Otherwise, stop using and disable this stuff and switch to systemd-networkd (and systemd-resolved).

Make sure you revert the change to /etc/systemd/resolved.conf in either case.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.