Jump to content
Not connected, Your IP: 13.58.39.23
AirVPN
Sign in to follow this  
Followers 0
Guest ZqBxfuxd

DNS server, DNS leak

By Guest ZqBxfuxd, ... in General & Suggestions

Recommended Posts

Guest ZqBxfuxd   

Guest ZqBxfuxd
Posted ...

Hello.

Two questions/issues regarding DNS:

I'm using the OpenVPN software to connect to AirVPN.

1. How to disallow the VPN client to accept and use the pushed Google DNS? Sorry, that's horrible. The VPN connection should use the OpenDNS servers _only_

2. Why does https://www.dns-oarc.net/oarc/services/dnsentropy show my ISP (ISP DNS) after connecting to VPN? How to stop this DNS leak (without installing a Firewall)?

Thanks.

Share this post

Link to post

Staff    9772

Staff
Posted ...

Hello.

Two questions/issues regarding DNS:

I'm using the OpenVPN software to connect to AirVPN.

1. How to disallow the VPN client to accept and use the pushed Google DNS? Sorry, that's horrible. The VPN connection should use the OpenDNS servers _only_

2. Why does https://www.dns-oarc.net/oarc/services/dnsentropy show my ISP (ISP DNS) after connecting to VPN? How to stop this DNS leak (without installing a Firewall)?

Thanks.

Hello!

1. The pushed DNS is inside our VPN, in order to bypass ICE censorship. Only after a first resolution attempt (necessary to bypass ICE censorship, which of course propagates to all DNS in the world) the DNS query is anonymized and goes out from our servers to Google DNS, which is one of the few DNS systems in the world without censorship. Usage of OpenDNS is not viable for us because we don't accept the censorship perpetrated by OpenDNS and its NN violations. In the past we used our own DNS, but this new system provides significant advantages.

2. If you don't want to install a firewall to prevent DNS leaks, you might either renounce to use Windows or, alternatively, set your favorite DNS servers (as primary and secondary) and apply the manual method reported here:

http://www.dnsleaktest.com/how-to-fix-a-dns-leak.php

Kind regards

Share this post

Link to post

Jinsong    5

Jinsong
Posted ...

I agree, OpenDNS is probably not the best choice due to their filtering/censoring and interception of DNS queries. But if you don't trust Google DNS either (understandably) then you can just choose one of several other global DNS providers instead. You can find them using this DNS Benchmark tool:

https://www.grc.com/dns/benchmark.htm

Pick the two that are the fastest and most reliable (and preferably non-filtering / non-intercepting), then follow admin's instructions. Basically, all you have to do is go into the TCP/IP properties for your virtual (TAP) network adapter, un-check the "obtain DNS automatically" option, and set the preferred & alternate DNS addresses manually.

Now when you run the DNS entropy test again there should be 100% no leaks. :cheer:

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...