Jump to content
Not connected, Your IP: 3.80.5.157

Recommended Posts

 

 

 

 

You said in another topic (this one) that there are no DNS Leaks on Linux. However, I'm using Ubuntu 14.04 (64bit) and I'm having DNS leaks, as one can see in the attachment to this post. 

 

I'm using the AirVPN Client and under "Preferences" - "Advanced" I've tried both "Resolvconf" and "Renaming". I've had DNS leaks with both.

 

How should I fix it? Why am I having DNS leaks in Linux if that's not supposed to happen?

 

 

 

 

Share this post


Link to post

Hello!

 

That's right, there are no DNS leaks on Linux. Can we see the content of your /etc/resolv.conf file before and after a connection to a VPN server, with method "Renaming"?

 

Maybe your system sends to your ISP IPv6 DNS queries.

 

Kind regards

Share this post


Link to post

Hey there,

 

Thanks for getting back at me!

 

The requested info is the following:

 

WHILE NOT CONNECTED:
 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
search home
 
WHILE CONNECTED:
 
# Automatically generated by AirVPN client v2.4 | https://airvpn.org . Any manual change will be overridden.
 
nameserver 10.4.0.1

Share this post


Link to post

If you're using the client update to the latest version: https://airvpn.org/linux_ex/

 

I haven't used ubuntu in a while but I'm guessing it has a network manager. ​

 

If that's the case go into the network manager and edit the ipv4.

​Try setting the dns to manual and adding in 10.4.0.1 ​

​If its still leaking then check the resolv.conf again while the air client is connected.

​As I said I haven't used ubuntu in ages but there's really not many things that would cause a leak.

​You might also wanna consider only allowing out to 10.4.0.1 on port 53 with iptables. But the 2.6 client should do that for you.

Share this post


Link to post

I also had this issue on Linux, but if you have everything ticked in Preferences > Advanced and have DNS Mode as Renaming (Linux) it should fix it.

Share this post


Link to post

I can confirm if Eddie 2.6 is configured correctly -- there is NO dns leak on 14.04.  Under options; I use renaming and also have "ticked" to verify AirVpn dns/tunnel is being used.  I do NOT have the network lock enabled.  I personally use UFW locked to tun0 in lieu of the network lock because I want/need device isolation on my LAN.

Share this post


Link to post

 

Again, DNS Leaks, or whatever that is since "there's no DNS leaks on linux"..

 

What am I doing wrong? What should I do to fix this?

 

Here's the contents of resolv.conf while connected to the VPN:

 

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.4.0.1
nameserver 127.0.1.1
search home
 
 
I have everything ticked in advanced (other than "Expert Mode") and I'm using "Renaming". I get dns leaks (or whatever) with resolvconf. 
 

Share this post


Link to post

Removing the below lines from the resolv.conf should fix it.

nameserver 127.0.1.1

search home

 

But if you're using the 2.7 client and have the dns options checked in the gui this shouldn't be an issue. What browser are you running / testing with?

Share this post


Link to post

I'm having exactly the same issue as OP.

 

 

I can confirm if Eddie 2.6 is configured correctly -- there is NO dns leak on 14.04.  Under options; I use renaming and also have "ticked" to verify AirVpn dns/tunnel is being used.  I do NOT have the network lock enabled.  I personally use UFW locked to tun0 in lieu of the network lock because I want/need device isolation on my LAN.

 

No, you can not confirm that. You not having DNS leaks (or whatever that is) does not mean "there is NO dns leak". It just means you're not having DNS leaks. 

Share this post


Link to post

I'm having exactly the same issue as OP.

 

 

I can confirm if Eddie 2.6 is configured correctly -- there is NO dns leak on 14.04.  Under options; I use renaming and also have "ticked" to verify AirVpn dns/tunnel is being used.  I do NOT have the network lock enabled.  I personally use UFW locked to tun0 in lieu of the network lock because I want/need device isolation on my LAN.

 

No, you can not confirm that. You not having DNS leaks (or whatever that is) does not mean "there is NO dns leak". It just means you're not having DNS leaks. 

 

 

Hello!

 

Linux queries global DNS servers that are specified. Windows queries DNS servers specified on every and each network card, even with an apparently random behavior.

 

A DNS leak occurs when a DNS server is queried against system settings for a particular connection. This can happen if a system lacks the concept of global DNS and starts querying randomly all the DNS servers it can find anywhere configured in any network card.  Since Windows lacks the concept of global DNS and Linux does not, a DNS leak by definition can occur on Windows and can not occur on Linux. On 100% of the cases, so-called DNS leaks on Linux are configuration mistakes.

 

Kind regards

Share this post


Link to post

stupidcats, how did you install your internet connection with your ISP?

Did you use Ubuntu Network manager only or did you use the 3rd party setup manager (provided or recommended by your ISP, for instance)?

In former case please check up DNS parameters there and what did you mark in it.

In latter case there ultimately be a parameter in advanced settings which allow to suppress all other DNS settings and use your ISP's DNS.

 

=====

When you type in the terminal

 

nslookup -type=txt debug.opendns.com. 208.67.222.222
 

 

 

what is the response?

Share this post


Link to post

 

stupidcats, how did you install your internet connection with your ISP?

Did you use Ubuntu Network manager only or did you use the 3rd party setup manager (provided or recommended by your ISP, for instance)?

In former case please check up DNS parameters there and what did you mark in it.

In latter case there ultimately be a parameter in advanced settings which allow to suppress all other DNS settings and use your ISP's DNS.

 

=====

When you type in the terminal

 

nslookup -type=txt debug.opendns.com. 208.67.222.222
 

 

 

what is the response?

Hello,

 

To connect to internet, all I did was plug the ethernet cable in my computer and voila. I didn't change anything else. 

 

Plugging the command you told me, I get the following output:

 

 

Server: 208.67.222.222
Address: 208.67.222.222#53


Non-authoritative answer:



Authoritative answers can be found from:
 

 

Please let me know if there's anything in said output that should not be public, so I can edit it out.

Share this post


Link to post

if there's anything in said output that should not be public

 

To protect your privacy, delete all  after Non-authoritative answer

 

Your ISP allows other parties' DNS.

 

So the problem is in your settings.

 

Try the following:

https://support.opendns.com/entries/38042814-Ubuntu

 

One more point.

There can be more than one resolv.conf file in your system. So you have to use "find" option to find and correct (sudo gedit /YOUR_PATH/resolv.conf)   all of them to

 

nameserver 208.67.222.222
nameserver 208.67.220.220
 

 

 

If you have to install openvpn  manually then  in this case you  ultimately  have to correct manually update-resolv-conf.sh

At any case it is worth  checking path in update-resolv-conf.sh

 

sudo gedit /etc/openvpn/update-resolv-conf.sh
 

 

 

initially

 

#RESOLVCONF=/usr/bin/resolvconf
 

 

 

should be

 

RESOLVCONF=/YOUR/ real/ location/ of/resolvconf
 

Share this post


Link to post

I contacted support and they solved my problem. Using "renaming" should fix the issue (though I'm almost sure I once had a DNS leak while using that). My resolv.conf now looks ok.

 

There are two files in my /etc/ folder, one resolv.conf and another resolv.conf.airvpn. The first looks ok, the second one does not. Hopefully it's not used.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...