DNS query from ovpn client to internal dnsmasq not working after upgrade to 25.1

Started by hekholand, March 12, 2025, 11:17:40 AM

Hi,

I have an OPNsense cluster used as OpenVPN gateway and dnsmasq DNS server.
When a user connects to OpenVPN, their DNS server is changed to an IP of the OPNsense server.
It was working fine in 24.7 but stopped working after the upgrade to 25.1.2.
The DNS service itself is working; I tested it from non-OpenVPN clients.
But when the request comes from an OpenVPN client, it does not answer.
It's not a client problem: "tcpdump -ni ovpns10 port 53" displays the request.
It's not a firewall problem: I see the DNS request accepted in the firewall logs.
I don't see the query in the dnsmasq logs, and there are no errors either.

I am running out of troubleshooting ideas and would appreciate any hints.

Greetings
Hekho

So it seems that dnsmasq used to allow DNS requests over ovpns interfaces by default prior to 25.1, and this behaviour changed.
There are two ways to work around this issue:

1) Set Interface=All in dnsmasq
2) Migrate to Unbound and allow DNS to listen on the desired ovpns interfaces
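As an added illustration of the first workaround (this is example code written for this page, not the poster's or the OPNsense project's), the script below models how dnsmasq's listener directives decide whether a query arriving on a given interface is answered: with no `interface=` or `listen-address=` lines dnsmasq answers on every interface, while any `interface=` line restricts it to the interfaces named, and `except-interface=` always excludes. The interface names `lan`, `opt1` and `ovpns10`, the address `10.8.0.1` and the three config snippets are constructed sample input, and the model deliberately ignores dnsmasq's loopback special cases.

```python
"""Simplified model of dnsmasq's listener-selection directives.

Added example for this thread; not OPNsense or dnsmasq code. It parses the
interface-related lines of a dnsmasq.conf and reports whether a query that
arrives on a given interface (and optionally a given local address) would be
answered. Loopback special-casing is intentionally left out of the model.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class ListenPolicy:
    interfaces: List[str] = field(default_factory=list)         # interface=
    except_interfaces: List[str] = field(default_factory=list)  # except-interface=
    listen_addresses: List[str] = field(default_factory=list)   # listen-address=
    bind_interfaces: bool = False                               # bind-interfaces

    @property
    def restricted(self) -> bool:
        # Without interface= or listen-address= lines dnsmasq answers everywhere.
        return bool(self.interfaces or self.listen_addresses)

    def accepts(self, iface: str, addr: Optional[str] = None) -> bool:
        """True if a query arriving on `iface` (local address `addr`) is answered."""
        if iface in self.except_interfaces:
            return False
        if not self.restricted:
            return True
        if iface in self.interfaces:
            return True
        return addr is not None and addr in self.listen_addresses


def parse_dnsmasq_conf(text: str) -> ListenPolicy:
    """Extract the listener directives from dnsmasq.conf-style text."""
    policy = ListenPolicy()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        values = [v.strip() for v in value.split(",") if v.strip()]
        if key == "interface":
            policy.interfaces.extend(values)
        elif key == "except-interface":
            policy.except_interfaces.extend(values)
        elif key == "listen-address":
            policy.listen_addresses.extend(values)
        elif key == "bind-interfaces":
            policy.bind_interfaces = True
    return policy


def explain(conf_text: str, iface: str, addr: Optional[str] = None) -> str:
    """One-line verdict for a query arriving on `iface`, used for the demo below."""
    policy = parse_dnsmasq_conf(conf_text)
    verdict = "answered" if policy.accepts(iface, addr) else "silently discarded"
    scope = "all interfaces" if not policy.restricted else ", ".join(
        policy.interfaces + policy.listen_addresses)
    return f"query on {iface} -> {verdict} (listening on: {scope})"


# Constructed sample configs (not taken from any real OPNsense box).
CONF_ALL_INTERFACES = "port=53\n# no interface= line: dnsmasq listens everywhere\n"
CONF_LAN_ONLY = "port=53\ninterface=lan\ninterface=opt1\nbind-interfaces\n"
CONF_LAN_AND_VPN = CONF_LAN_ONLY + "interface=ovpns10\n"

if __name__ == "__main__":
    for name, conf in [("all", CONF_ALL_INTERFACES),
                       ("lan-only", CONF_LAN_ONLY),
                       ("lan+vpn", CONF_LAN_AND_VPN)]:
        print(f"{name:9s} {explain(conf, 'ovpns10', '10.8.0.1')}")
```

The "silently discarded" wording is deliberate: unless `bind-interfaces` is set, dnsmasq binds the wildcard address and drops queries from interfaces it is not configured for in userspace, so such a query shows up in tcpdump and in an accepting firewall log but never in dnsmasq's own log, which matches the symptoms described in the first post. Selecting the tunnel interface (or all interfaces) in the dnsmasq settings is what turns the `lan-only` case into the `lan+vpn` case.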