Jump to content
Not connected, Your IP: 18.223.158.29

Recommended Posts

I'm triying to run gluetun https://github.com/qdm12/gluetun to put some of my docker containers behind a VPN.
The VPN is working but the DNS seems to be leaking.
Is anyone running a similar setup and can tell me how to fix this?

example config from the wiki  https://github.com/qdm12/gluetun-wiki

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=airvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=yCbHtKAgJASnJs2S/aZsjag9Fy04csmR4qDUDkJgX2c=
      - WIREGUARD_PRESHARED_KEY=yCbHtKAgJASnJs2S/aZsjag9Fy04csmR4qDUDkJgX2c=
      - WIREGUARD_ADDRESSES=10.99.99.99/32,ff:ff:ff...:ff/128
      - SERVER_COUNTRIES=Netherlands

i also added the following variables
      - UPDATER_PERIOD=24h
      - FIREWALL_VPN_INPUT_PORTS=1000


I ran this script https://github.com/macvk/dnsleaktest
inside the gluetun container and it suggeted there was a dns leak
./dnsleaktest.sh
Your IP:
*.*.*.* [Netherlands AS49453 Global Layer B.V.]

You use 10 DNS servers:
141.101.75.91 [Netherlands AS13335 CloudFlare Inc.]
141.101.75.92 [Netherlands AS13335 CloudFlare Inc.]
172.70.45.27 [Netherlands AS13335 CloudFlare Inc.]
172.70.45.146 [Netherlands AS13335 CloudFlare Inc.]
172.70.45.147 [Netherlands AS13335 CloudFlare Inc.]
172.71.101.29 [Netherlands AS13335 CloudFlare Inc.]
172.71.101.163 [Netherlands AS13335 CloudFlare Inc.]
172.71.101.164 [Netherlands AS13335 CloudFlare Inc.]
172.71.181.166 [Netherlands AS13335 CloudFlare Inc.]
172.71.181.167 [Netherlands AS13335 CloudFlare Inc.]

Conclusion:
DNS may be leaking.

Share this post


Link to post
7 hours ago, Staff said:
Not what I was looking for.
But I found the solution on my own.

https://github.com/qdm12/gluetun-wiki/blob/main/setup/options/dns.md
DNS_ADDRESS is set to 127.0.0.1 by default
so I added the variable to change it
      - DNS_ADDRESS=10.128.0.1

now I get the desired response
./dnsleaktest.sh
Your IP:
*.*.*.* [Netherlands, AS49453 Global Layer B.V.]

You use 1 DNS server:
*.*.*.* [Netherlands, AS49453 Global Layer B.V.]

Conclusion:
DNS is not leaking.

Share this post


Link to post
Quoting from this GitHub thread
 
Quote

One of the absolute strengths of Gluetun is the prevention of DNS leaks.
DNS is disabled in Gluetun until the tunnel is established and then DNS over TLS is used with Cloudflare. 


From what I understand, your dnsleak script uses a different mechanism and likely checks whether you're using AirVPN's DNS servers instead of DOT. Gluetun uses DOT by default, hence it'll trip and think you're leaking.

I suggest to run a firefox container through network_mode: "service:gluetun"
and properly perform a DNS leak test in the browser, for example using https://ipleak.net/

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...