DNS Leak with Client and Network Lock

[myztic 0]

Most of the time everything is fine, but from time to time I have DNS Leaks(1),

As far as I am able to tell this is in no relation to any specific server I connect to,

or to any connection issues / reconnects (I experience nothing like that).

I am on Debian Testing(2), am using the official Client + Network Lock(3),
and think I have configured my Internet Connection properly(4).

 

A DNS Leak destroys much of the value I see in having VPN :/

 

I kindly ask for advice and/or assistance regarding this issue,

 

Greetings

 

(1) Testing with ipleak.net / dnsleaktest.com

 

(2) uname -a

Linux debian 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-2 (2015-04-13) x86_64 GNU/Linux

(2) gnome-session --version

gnome-session 3.14.0

(2) NetworkManager --version

0.9.10.0

 

(3) iptables --version

iptables v1.4.21

(4) DNS Servers 10.4.0.1 and 10.5.0.1 http://postimg.org/image/7p5op299p/

 

[Staff 9748]

Hello,

 

can you explain what you mean with DNS leaks? We ask because there can't be any DNS leak on Linux by definition.

 

What Eddie version are you running?

 

Kind regards

[myztic 0]

DNS Leaks meaning:
1) Being connected to AirVPN
2) dnsleaktest.com / ipleak.net showing Domain Name Servers belonging to ISP

 

Since the original post I have found out:
-) resolv.conf was the culprit, content was something along the lines of (updated automatically by something)

domain lan

domain internet

*router-ip*

 

Therefore I:

1) Deleted resolv.conf update scripts in /etc/openvpn (I had there for no apparent reason...)

 

Currently I have resolv.conf¹ and resolv.conf.airvpn²

 

¹ http://paste.debian.net/171621/

² http://paste.debian.net/171622/
 

As of now everything is working, though the DNS Leak showed itself only from time to time, I'll have to wait and see for the time being.

 

"can you explain what you mean with DNS leaks? We ask because there can't be any DNS leak on Linux by definition."

-> even without Network Lock activated?

Eddie Version 2.8.8

[Staff 9748]

Hello!

 

So it was never a DNS leak. Linux  just sent DNS queries to the specified nameservers and it tunneled them. A DNS leak is when a DNS query is sent in clear text, outside the tunnel. Generally even with disrespect to your configuration.

 

Unless you tweak Linux in a way to have specific nameservers for each interface and you define multiple routing tables, it is impossible to cause "DNS leaks", simply because there are global nameservers.

 

Kind regards