Clear DNS cache before each connection

Hello dear forum,

As I’m German and unfortunately don’t speak English, I’m using deepl.com for this post. I hope you forgive me for any language mistakes and can still help me.

Now to my problem: I run my IPFire behind a FritzBox 6591 which is connected to a Vodafone cable connection. No cable modem from Vodafone is used.

To solve the dynamic DNS problem, I use the Dyn service from INWX. Since I run an automatic script, my dynamic domain (dyn.domain.de) is informed quite quickly of a new IP address for dyn.domain.de.

I can check this by calling my website in the DMZ after changing my Vodafone IP. If this is accessible, it means that dyn.domain.de has taken over the new Vodafone IP.

However, with OpenVPN I have the problem that the VPN clients of my Android devices do not notice this IP change. I interpret this to mean that the OpenVPN client on the Android devices uses an internal outdated DNS cache and therefore tries to access the outdated Vodafone IP?

My configuration in IPFire looks like this: https://wtf.roflcopter.fr/pics/qkMDxaS0/rKSRt8qO.png

Is there any way to solve this problem?

Can I let the OpenVPN client clear the DNS cache on every new connection attempt, so that not the old but new IP is used via dyn.domain.de?

I hope I have expressed myself understandably enough so that you can help me with this problem?

Kind regards


The lifetime of such cache entries is configured by the dyn dns service. Usually it is set to one minute.

But you cannot force the update after changing it. If an entry with too long a lifetime is already in the cache (by your DNS provider), you have to wait until it times out.

The update has already been performed. Otherwise I could not access my website with this domain and the new IP.
With the new IP, my website works behind the new IP/dyn.domain.de, OpenVPN does not work with the new IP/dyn.domain.de.

Do I have a mistake in thinking? :thinking:

From the same device? The browser and the OpenVPN client should share the same DNS cache.

Ah okay. That’s right, when I try it on the same device, the page doesn’t load in the browser either.
It does on the PC but not on the Android device.
Can Android be “taught” that the DNS cache is regularly cleared?

Have now found the cause of the problem: It is the internal DNS cache of Android itself. While I can call dyn.domain.de on the laptop after the IP refresh of dyn.domain.de, I can’t do that on the Android yet.

Only after I turned flight mode on and immediately off again on the Android, I could call dyn.domain.de on the Android. I.e. the flight mode apparently clears the DNS cache from the Android.

Only what is the solution? Is there any way to have the Android automatically clear the DNS cache, or better yet, can I teach the OpenVPN client to clear the DNS cache before connecting?

For Win there is in the OpenVPN Config the “--register-dns” option. Only as I said, this only works with the Windows client.

Do any of the pros here happen to have an idea?

Searching for how to clear the DNS cache on Android, the most common answers I found are:

  • Toggle airplane mode
  • Reboot the device
  • Open Chrome, enter chrome://net-internals/#dns, select DNS and click Clear host cache

Of all of those the one you have already tried, toggle airplane mode, seems the easiest and quickest.

The only other thing could be to check the website forum for the OpenVPN client you are using on your Android phone and see if they have any suggestions, but looking at my OpenVPN for Android app there is nothing related to Android’s DNS cache, only the DNS servers that it will use once the tunnel has been created.

It will depend very much on what TTL has been set in the DNS resolver being used in your Android phone. Numbers I have seen mentioned are that the TTL can be 2 hours, but a few mention longer.
So I think toggling airplane mode seems the simplest solution.

How often does your ISP change your IP address?
If it is not that frequent, say every week or so, then you could just try connecting first with your OpenVPN client and, only if it does not connect, toggle airplane mode and try to reconnect again.

2 Likes
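An added example, not part of any post in this thread: one way to tell whether the old address is still being served by an upstream resolver or only survives in the device's own cache, as the thread concluded. It compares `dig +noall +answer` output from the authoritative server with output from the resolver the phone uses; both sample outputs and the addresses in them are constructed, and the function names are hypothetical.

```python
"""Added example: locate a stale DNS answer by comparing dig output."""

# Constructed sample output of `dig +noall +answer dyn.domain.de A`, asked once
# at the zone's authoritative server and once at the resolver the phone uses.
# The addresses come from documentation ranges and are not real hosts.
AUTHORITATIVE = "dyn.domain.de.\t60\tIN\tA\t203.0.113.25\n"
DEVICE_RESOLVER = "dyn.domain.de.\t5423\tIN\tA\t198.51.100.7\n"


def parse_a_records(dig_output):
    """Return [(ttl_seconds, address)] for every A record in dig answer lines."""
    records = []
    for line in dig_output.splitlines():
        fields = line.split()
        # Answer line layout: name, TTL, class, type, rdata. Skip ';' comments.
        if line.startswith(";") or len(fields) < 5:
            continue
        if fields[2] == "IN" and fields[3] == "A":
            records.append((int(fields[1]), fields[4]))
    return records


def diagnose(authoritative_output, resolver_output):
    """Compare the authoritative answer with a resolver's (possibly cached) one."""
    auth = parse_a_records(authoritative_output)
    cached = parse_a_records(resolver_output)
    if not auth or not cached:
        return {"status": "no-answer", "wait_seconds": None}
    current = {addr for _, addr in auth}
    stale = [(ttl, addr) for ttl, addr in cached if addr not in current]
    if not stale:
        # The resolver already has the new address: any old address the phone
        # still uses must come from a cache on the device itself.
        return {"status": "fresh", "wait_seconds": 0}
    # A caching resolver counts the TTL down, so the largest remaining value is
    # how long the old address can still be handed out without a flush.
    return {"status": "stale",
            "wait_seconds": max(ttl for ttl, _ in stale),
            "stale_addresses": [addr for _, addr in stale],
            "authoritative_ttl": min(ttl for ttl, _ in auth)}


if __name__ == "__main__":
    print(diagnose(AUTHORITATIVE, DEVICE_RESOLVER))
```

A "fresh" result while the phone still fails matches what the thread found: the resolver is up to date and only the on-device cache needs clearing.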