openvpn and DNS


From the comments...

Turn dnsmasq back on, and in your network connection profile, go to the IPv4 tab and change Automatic (DHCP) to Automatic (DHCP) addresses only and then retry your leak test.
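
An added example, not part of the original thread or of any project's code: a shell check that the change described above has taken effect. It assumes the "Automatic (DHCP) addresses only" setting is stored as ignore-auto-dns=true in the [ipv4] section of the NetworkManager keyfile profile; the file names and the addresses (documentation ranges standing in for vpn.x.y.z and isp.x.y.z) are constructed.

```shell
#!/bin/sh
# Added example: local checks for the DNS leak discussed on this page.

# Print every nameserver in a resolv.conf-format file that is not in the
# allowed list. Usage: unexpected_nameservers FILE ALLOWED_IP...
unexpected_nameservers() {
    file=$1; shift
    awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "nameserver" && !($2 in ok) { print $2 }
    ' "$file"
}

# Succeed only if the [ipv4] section of a keyfile profile (assumed format)
# contains ignore-auto-dns=true, i.e. DHCP supplies addresses but no resolvers.
ignores_dhcp_dns() {
    awk '
        /^\[/ { in_ipv4 = ($0 == "[ipv4]") }
        in_ipv4 && /^ignore-auto-dns[ \t]*=[ \t]*true[ \t]*$/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# --- constructed sample input (not taken from a real system) ---
tmp=$(mktemp -d)
VPN_DNS=192.0.2.53        # stands in for vpn.x.y.z
# resolv.conf as in the question, after update-resolv-conf has run
printf '%s\n' '# generated by resolvconf(8)' \
    "nameserver $VPN_DNS" 'nameserver 198.51.100.1' > "$tmp/resolv.leaky"
# profile with "Automatic (DHCP)"
printf '%s\n' '[connection]' 'id=Wired connection 1' \
    '[ipv4]' 'method=auto' > "$tmp/before.profile"
# profile with "Automatic (DHCP) addresses only"
printf '%s\n' '[connection]' 'id=Wired connection 1' \
    '[ipv4]' 'method=auto' 'ignore-auto-dns=true' \
    '[ipv6]' 'method=auto' > "$tmp/after.profile"

echo "resolvers outside the VPN: $(unexpected_nameservers "$tmp/resolv.leaky" "$VPN_DNS")"
for p in before after; do
    if ignores_dhcp_dns "$tmp/$p.profile"; then
        echo "$p: DHCP-supplied DNS ignored"
    else
        echo "$p: DHCP-supplied DNS accepted (leak risk)"
    fi
done
```

With dnsmasq on, /etc/resolv.conf lists only 127.0.1.1, so pass that as an allowed address and rely on the profile check for the upstream resolvers.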


Author: Fritz

Updated on September 18, 2022

Comments

  • Fritz over 1 year

    I'm on Ubuntu 16.04 and I have set up an openvpn connection that works fine. Before starting the vpn connection, my ISP DNS is defined in /etc/resolv.conf from DHCP:

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver isp.x.y.z
    

    I have added the following lines to the openvpn configuration file:

    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf
    

    so the /etc/resolv.conf gets updated when I start the vpn connection. When started, it looks like this:

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver vpn.x.y.z
    nameserver isp.x.y.z
    

    with vpn.x.y.z the IP of the vpn DNS server; what I wanted. However, the line for my ISP DNS is still there. This causes a problem when running a DNS leak test as my ISP DNS gets queried.

    So I'm trying to get rid of the entry of my ISP when starting the openvpn connection. It works fine if I remove it manually but I'd like to get this automated. Any suggestion?

    Thanks!

    Fritz

    • Boris Hamanov about 7 years
      Clear the list of DNS Servers defined in your connection profile.
    • Fritz about 7 years
      How? What do you mean by "connection profile"? I have not defined any dns entry anywhere, they are either coming from network manager and dhcp or openvpn.
    • Boris Hamanov about 7 years
      Connection profile... go to Network icon in the top panel, choose Edit Connections..., find the profile for "Wired Connection"/whatever, go to the IPv4 tab, and clear any list of DNS servers shown there.
    • Fritz about 7 years
      I checked that one already and can confirm I do not have any DNS entry in any NetworkManager connection. My DNS is defined dynamically via DHCP.
    • Boris Hamanov about 7 years
      If you're seeing nameserver isp.x.y.z in resolv.conf, then you're probably not running dnsmasq. What's in your /etc/NetworkManager/NetworkManager.conf?
    • Fritz about 7 years
      Indeed, I switched off dnsmasq by commenting out the line dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf. I have tried both actually; with dnsmasq on, my /etc/resolv.conf contains the line nameserver 127.0.1.1 but still any DNS leak test reveals my ISP DNS.
    • Boris Hamanov about 7 years
      Test with leaving dnsmasq on/off, and in your network connection profile, go to the IPv4 tab and change Automatic (DHCP) to Automatic (DHCP) addresses only and then try your leak test.
    • Fritz about 7 years
      It did the trick. I have set the connection to Automatic (DHCP) addresses only and dnsmasq on, and no leak anymore. Thanks a lot!