Recently, I encountered an interesting issue that seemed worth sharing. It was one of those subtle but classic networking puzzles.
The Setup
I had a frontend deployed publicly. However, it needed to make requests to internal load balancers that were behind Cloudflare. These services were only accessible through a VPN connection.
The Problem
Although I was connected to the VPN successfully, the frontend was unable to reach the backend services. After some investigation, I discovered that DNS resolution was failing. My laptop was unable to resolve the necessary internal domains.
❯ curl -v some-random-domain
* Could not resolve host: some-random-domain
* Closing connection
The Fix
After a bit of trial and error, I manually added 1.1.1.1 (Cloudflare’s public DNS resolver) to my laptop’s DNS settings.
After adding 1.1.1.1, DNS resolution worked as expected, and the frontend could reach the backend services over the VPN.
Why This Makes Sense
Here’s what was likely happening:
- The VPN provided the necessary network access to the internal load balancers.
- However, it did not override my DNS settings correctly, or its DNS resolvers were unable to resolve the internal domains behind Cloudflare.
- By using 1.1.1.1, I bypassed the VPN’s DNS limitations and utilised Cloudflare’s public resolver, which could correctly resolve those domains.
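To confirm which of these explanations applies, the same name can be sent to each configured resolver and to 1.1.1.1 and the answers compared. The script below is an added example, not part of the original post; it assumes a Linux-style /etc/resolv.conf, and the hostname is a placeholder.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234, qtype=1):
    """Encode a DNS query for `name` (qtype 1 = A record), recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_response(data, qid=0x1234):
    """Return (rcode_name, answer_count) read from a DNS response header."""
    if len(data) < 12:
        raise ValueError("short DNS response")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, f"RCODE{rcode}"), ancount

def ask(resolver, name, timeout=2.0):
    """Send one UDP query to `resolver`; unreachable resolvers give NO_REPLY."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (resolver, 53))
            data, _ = s.recvfrom(4096)
            return parse_response(data)
        except (OSError, ValueError):
            return ("NO_REPLY", 0)

def system_resolvers(path="/etc/resolv.conf"):
    """Nameservers the OS is configured with (resolv.conf format assumed)."""
    out = []
    with open(path) as fh:
        for line in fh:
            parts = line.split()
            if len(parts) >= 2 and parts[0] == "nameserver":
                out.append(parts[1])
    return out

if __name__ == "__main__":
    name = "some-random-domain.example"  # placeholder: the name that fails
    for resolver in system_resolvers() + ["1.1.1.1"]:
        print(resolver, ask(resolver, name))
```

If the VPN-provided resolver returns NXDOMAIN or NO_REPLY while 1.1.1.1 returns NOERROR with answers, the names are published in public DNS and the fault lies in the resolver configuration the VPN supplies.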
Takeaway
A VPN connection doesn’t always guarantee working DNS resolution. If things break, try manually setting a public DNS resolver like Cloudflare (1.1.1.1) or Google (8.8.8.8). It’s a small tweak that can solve big headaches.