Using tcpdump with OpenVPN

The VPN service opens a tun0 device inside the Docker container:

sudo docker exec -it 966f926484bc sh
/opt/Dockovpn # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03
          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20553 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20539 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:14609434 (13.9 MiB)  TX bytes:14757264 (14.0 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:7825 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12572 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:1673378 (1.5 MiB)  TX bytes:12115333 (11.5 MiB)

Installing tcpdump

/opt/Dockovpn # cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.14.1
PRETTY_NAME="Alpine Linux v3.14"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"

sudo docker exec -it 966f926484bc sh
apk update
apk add --update tcpdump
(1/2) Installing libpcap (1.10.0-r0)
(2/2) Installing tcpdump (4.99.0-r0)
Executing busybox-1.33.1-r3.trigger
OK: 20 MiB in 46 packages

The following section should be added to the Dockerfile:

RUN apk update \
            && apk add --update sudo \
            && apk add --update curl \
            && apk add --update busybox-extras \
            && apk add --update tcptraceroute \
            && apk add --update tcpdump \
            && apk add --update bind-tools \
            && apk add --update bash

Using tcpdump with the tun0 device

tcpdump -i tun0 > dump.txt 2>&1
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on tun0, link-type RAW (Raw IP), snapshot length 262144 bytes
14:11:23.685357 IP 10.8.0.6.54094 > 95.167.13.50.443: Flags [S], seq 636576023, win 65535, options [mss 1289,sackOK,TS val 3049079235 ecr 0,nop,wscale 10], length 0
14:11:23.685437 IP 10.8.0.6.54106 > 95.167.13.50.443: Flags [S], seq 693922812, win 65535, options [mss 1289,sackOK,TS val 3049079237 ecr 0,nop,wscale 10], length 0
14:11:23.685482 IP 10.8.0.6.56308 > 149.154.167.50.443: Flags [S], seq 3671445087, win 65535, options [mss 1289,sackOK,TS val 1433801443 ecr 0,nop,wscale 10], length 0
14:11:23.694025 IP 149.154.167.50.443 > 10.8.0.6.56308: Flags [S.], seq 63185511, ack 3671445088, win 24560, options [mss 1240,sackOK,TS val 1793857137 ecr 1433801443,nop,wscale 5], length 0
14:11:23.697859 IP 10.8.0.6.59494 > dns.opendns.com.853: Flags [S], seq 1260485743, win 65535, options [mss 1212,sackOK,TS val 2050917553 ecr 0,nop,wscale 10,tfo  cookiereq,nop,nop], length 0
14:11:23.700105 IP 10.8.0.6.54776 > dns.umbrella.com.853: Flags [S], seq 3581090777, win 65535, options [mss 1212,sackOK,TS val 3374423231 ecr 0,nop,wscale 10,tfo  cookiereq,nop,nop], length 0
14:11:23.733145 IP 10.8.0.6.54808 > dns.umbrella.com.53: 15255+ A? mtalk.google.com. (34)
14:11:23.747697 IP 10.8.0.6.22925 > dns.umbrella.com.53: 13744+ A? 0.pool.ntp.org. (32)
14:11:23.748423 IP 10.8.0.6.9703 > dns.umbrella.com.53: 59850+ A? 2.pool.ntp.org. (32)
...

Copying the file to the host:

sudo docker cp 966f926484bc:/opt/Dockovpn/dump.txt .
sudo chown dmitriano:dmitriano dump.txt
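
An added example, not part of the original post: a short Python script for the host side that reads tcpdump text output in the dump.txt format and lists DNS queries that never got a reply, the symptom to look for when name resolution fails over the tunnel. The sample lines, the resolver.example name and the function names are constructed for illustration.

```python
import re

# Default one-line tcpdump output for IPv4: "<time> IP <src> > <dst>: <payload>"
LINE = re.compile(r"^(\S+) IP (\S+) > (\S+): (.*)$")
# DNS query payload: "<id>[flags] [optional bracket] <qtype>? <name>"
QUERY = re.compile(r"^(\d+)[+%]*\s+(?:\[[^\]]*\]\s+)?(\w+)\?\s+(\S+)")
REPLY_ID = re.compile(r"^(\d+)")
DNS_PORTS = {"53", "domain"}  # without -n tcpdump may print the service name

# Constructed sample in the dump.txt format; resolver.example, the reply line
# and the addresses are made up for this example.
SAMPLE = """\
14:11:23.733145 IP 10.8.0.6.54808 > resolver.example.53: 15255+ A? mtalk.google.com. (34)
14:11:23.747697 IP 10.8.0.6.22925 > resolver.example.53: 13744+ A? 0.pool.ntp.org. (32)
14:11:23.761002 IP resolver.example.53 > 10.8.0.6.22925: 13744 1/0/0 A 192.0.2.10 (48)
14:11:23.790000 IP 10.8.0.6.59494 > resolver.example.853: Flags [S], seq 1260485743, win 65535, length 0
14:11:24.748423 IP 10.8.0.6.9703 > resolver.example.53: 59850+ [1au] AAAA? 2.pool.ntp.org. (43)
"""


def split_endpoint(endpoint):
    """Split 'host.port' on the last dot; the host itself may contain dots."""
    host, _, port = endpoint.rpartition(".")
    return host, port


def unanswered_dns(text):
    """Return (time, server, qtype, name) for each query that got no reply."""
    pending = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, src, dst, payload = m.groups()
        sport, (server, dport) = split_endpoint(src)[1], split_endpoint(dst)
        query = QUERY.match(payload)
        if query and dport in DNS_PORTS:
            # Key on both endpoints plus the DNS id; keep the first timestamp
            # so client retransmissions do not hide how long the wait was.
            key = (src, dst, query.group(1))
            pending.setdefault(key, (ts, server, query.group(2), query.group(3)))
        elif sport in DNS_PORTS and REPLY_ID.match(payload):
            pending.pop((dst, src, REPLY_ID.match(payload).group(1)), None)
    return sorted(pending.values())


if __name__ == "__main__":
    for ts, server, qtype, name in unanswered_dns(SAMPLE):
        print(f"{ts} no reply from {server} for {qtype} {name}")
```

Capturing with tcpdump -n -i tun0 keeps addresses numeric and stops tcpdump from doing its own reverse lookups while DNS is the thing under test.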

3 Responses to Using tcpdump with OpenVPN

  1. dmitriano says:

    https://github.com/OpenVPN/openvpn/issues/503#issuecomment-2587400495
    DNS is not working for Android. It is also not working for Windows according to your log. Your Windows box might circumvent the VPN for DNS or do some other magic to get DNS. But Android doesn’t. The problem is your network setup and that DNS does not work. There is nothing wrong with OpenVPN for Android or OpenVPN itself.
