Jump to content
Not connected, Your IP: 3.148.105.152
VpnTurtle

Incredible DNS leak on DD-WRT router

Recommended Posts

Hi all,

I'm writing to report an incredible issue with my dd-wrt router and a dns leak occurred today.

 

First of all: I'm using this dd-wrt router + AirVPN since April 2016, and I hadn't any dns issue.

The router is correctly configured with 3 static DNS (10.4.0.1, 10.4.0.1 and 10.4.0.1 - AirVPN's dns) + Forced DNS Redirection option turned on + a firewall rule as killswitch.

 

Today, I've installed a VM with windows 10 on my computer (host OS is linux), and after setting up the network (on the VM) I went to ipleak.net. And surprise... there were my ISP dns (just after the AirVpn's one)!!!

I refreshed a couple of time the page and eventually it gone away. It reappeared a couple of time, and then gone away another time.

 

Now I'd like to ask, how this is even possible, having my router perfectly configured?!

 

This is incredibly odd to me.

Share this post


Link to post

Hi,

 

I am no dd-wrt expert but since it's linux-based, I think I can help.

If there's a way to type in custom commands, type this:

 

iptables -t nat -A PREROUTING -i <interface> -p udp --dport 53 -j DNAT --to-destination 10.4.0.1:53
iptables -t nat -A PREROUTING -i <interface> -p tcp --dport 53 -j DNAT --to-destination 10.4.0.1:53

where <interface> is the LAN interface.

But if there's a way to add these commands using the GUI, USE it first!!!

 

Hope it helps!

Share this post


Link to post

Hi,

 

I am no dd-wrt expert but since it's linux-based, I think I can help.

If there's a way to type in custom commands, type this:

 

iptables -t nat -A PREROUTING -i <interface> -p udp --dport 53 -j DNAT --to-destination 10.4.0.1:53
iptables -t nat -A PREROUTING -i <interface> -p tcp --dport 53 -j DNAT --to-destination 10.4.0.1:53

where <interface> is the LAN interface.

But if there's a way to add these commands using the GUI, USE it first!!!

 

Hope it helps!

 

Thank you for your comment! 

Well the problem is that I had no dns leaks during the last year, I can't understand why I got these leaks after installing windows 10 in VM. 

I've my router already configured to use only 10.4.0.1 as DNS (static dns settings + force dns redirection), so it is a mistery to me how is possible that the dns leaked...

Anyway I'll add those two lines in my firewall script thank you.

Share this post


Link to post

The only thing I can think of is a bad update or some sort of HDD failure...

Share this post


Link to post

The only thing I can think of is a bad update or some sort of HDD failure...

 

What do you mean? I haven't update my router recently 

 

EDIT: is possible tha the windows vm managed to bypass router dns restriction in some way?!

Share this post


Link to post

EDIT: is possible tha the windows vm managed to bypass router dns restriction in some way?!

 

We know that W10 tries very hard to bypass any dns restriction. But at the same time I don't know your dd-wrt configuration so it's hard for me to tell.

And you use the phrase "force dns redirection" which is basically what the iptables rules I gave you do. And these rules are impossible to bypass unless Windows didn't use port 53 (very unlikely).

Share this post


Link to post

ALSO don't forget to disable IPv6 in Windows or IPv6 traffic in your router!

it's actually the most likely reason as to why you have dns leaks.

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...