connecting to dynamic dns

David Woodhouse dwmw2 at
Sat Nov 29 05:54:48 PST 2014

On Sat, 2014-11-29 at 08:29 +0100, Nikos Mavrogiannopoulos wrote:
> When connecting to an IP which is dynamic, it may often change and
> require a reconnection. However, cstp_reconnect() will attempt to
> connect to the cached IP and never fallback. The attached patch fixes
> the issue for me, but what would be the best approach?
> 1. Don't cache the IP at all

Hm, the problem with this is that you may now be using a DNS server *on*
the VPN. So it's unlikely that the DNS lookup will succeed. And even if
it *does* work because you still have a live DTLS connection, if you
have schizoDNS you might find that the hostname either doesn't exist in
the internal view or resolves to something different.

And then if you have full tunnel routing you're going to need to change
the routes so that the new server IP address isn't routed through the

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <>

More information about the openconnect-devel mailing list