Jump to content
Not connected, Your IP: 3.238.87.31
ableounceony

DNS Servers, OpenVPN, pfSense Resolver

Recommended Posts

Unfortunately, this is a bit of a multi-disciplinary question that has to be prefaced with some background.

 

I've got my connection to AirVPN set up on my pfSense box and am using the Resolver there in the default, non-forwarding mode.  That means for DNS lookups, pfSense (through Resolver) is supposed to directly query the top-level DNS servers for name resolution without using any specified, lower-level DNS servers.  In one sense, it seems to be working in that none of the leak-testing sites (like ipleak.net) show any DNS servers other than AirVPNs.  On the other hand, I don't understand how those sites even see those AirVPN DNS servers at all since pfSense isn't set up to use them.  Worse, I recently found out that DNS queries through Resolver in the default, non-forwarding mode do NOT get routed through the NAT/Firewall rules:  they're sent out the default gateway (my WAN, not my VPN tunnel).  So, theoretically, my DNS lookups are in the open instead of through AirVPN.

 

If that's true, why do places like ipleak.net not show a DNS leak?  How do they determine what DNS server I'm using?  Does it just ask my server what DNS is associated with it?  Or, does it look for the DNS requests coming from my system?  But, if Resolver is sending its own DNS requests over the WAN, then would places like ipleak.net even see them?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...