This is wierd.

I just got openvpn working using HotspotVPN's openvpn service.

After the connection, however, the resolv.conf file is not updated with the DNS servers supplied by Hotspot. So I manually added the server to the resolv.conf file.

Now, I have no problems doing nslookups on an xterm but opening the website in the browser errors out unable to find the site. Typing the site's IP works. its something to do with the way OS2008 handles DNS.

my resolv.conf looks like this:

127.0.0.1
nameserver 216.240.130.2

Any help would be appreciated!

just a single ip in this file (without nameserver) is not valid syntax maybe this is a problem (nslookup trieds the second server if the first doesnt work imho). have you tried it without the 127.0.0.1 or better nameserver 127.0.0.1 standing there.

While VPN is acitve, there is no difference using:

nameserver 216.240.130.2

OR

nameserver 127.0.0.1
nameserver 216.240.130.2

In the second case nslookup takes a bit longer but I still can't browse any websites in the browser. I can't understand what the browser is using to resolve domain-names. Why is the browser having a hard time when nslookup doesn't?

maybe its a different implementation of how to use dns. nslookup may go fast to the second server and the browser may wait for a timeout when trying the first one or even only uses the first one. if often got issues with such dns stuff ... some implementations take a random dns server from those available, some take only one, some try long and other shorter. Even some start at the beginning of the file and other from the end *g* So with moving the local dnsmasq from port 53 to port 55 dns on 127.0.0.1 is no longer available. (guess its not working anyway if your providers dnsserver is not included in the dnsmasq config or a file which is there included (as for example /tmp/resolv.conf.wlan0))

moving the dnsmasq to 55 really takes down internet browsing. I initially figured this was an openvpn issue but when the vpn was disconnected with dnsmasq set on port 55, the browser would still fail to resolve names. It was only when I reset the port back to 53 when things became normal.

What would happen if I were to disable dnsmasq altogether so that it doesn't start at boot? is that feasible?

I stop dnsmasq and with a working dns server (from your isp/router) in /etc/resolv.conf my browsing still works. I guess dnsmasq just runs to easily bound together different dns servers which are added when different interfaces come up together (its realy not funny to remove and add lines from the middle of resolv.conf when interfaces are going up and down) . But i dont know how much some applications may rely on a dns server listening on 127.0.0.1.

I would just try to disable dnsmasq, make sure in /etc/resolv.conf is one working dns-server and in case something is not working first check that this is no dns problem because of no running dns on localhost (check with tcpdump for example)

What happens if you ping a DNS name, eg ping bbc.co.uk - does it resolve the address? Would be nice if you could isolate the problem to the browser (a proxy setting?)

.. by the way, this is my resolv.conf:

Interesting. I thought I'd set it to my router, ie same as my default gateway (the router has a DNS relay) - which would be the same as my PC. Clearly the nokia has its own DNS service. Wonder why they've done that.