Conkuist 0 Posted ... I'm triying to run gluetun https://github.com/qdm12/gluetun to put some of my docker containers behind a VPN. The VPN is working but the DNS seems to be leaking. Is anyone running a similar setup and can tell me how to fix this? example config from the wiki https://github.com/qdm12/gluetun-wiki version: "3" services: gluetun: image: qmcgaw/gluetun cap_add: - NET_ADMIN environment: - VPN_SERVICE_PROVIDER=airvpn - VPN_TYPE=wireguard - WIREGUARD_PRIVATE_KEY=yCbHtKAgJASnJs2S/aZsjag9Fy04csmR4qDUDkJgX2c= - WIREGUARD_PRESHARED_KEY=yCbHtKAgJASnJs2S/aZsjag9Fy04csmR4qDUDkJgX2c= - WIREGUARD_ADDRESSES=10.99.99.99/32,ff:ff:ff...:ff/128 - SERVER_COUNTRIES=Netherlands i also added the following variables - UPDATER_PERIOD=24h - FIREWALL_VPN_INPUT_PORTS=1000 I ran this script https://github.com/macvk/dnsleaktest inside the gluetun container and it suggeted there was a dns leak ./dnsleaktest.sh Your IP: *.*.*.* [Netherlands AS49453 Global Layer B.V.] You use 10 DNS servers: 141.101.75.91 [Netherlands AS13335 CloudFlare Inc.] 141.101.75.92 [Netherlands AS13335 CloudFlare Inc.] 172.70.45.27 [Netherlands AS13335 CloudFlare Inc.] 172.70.45.146 [Netherlands AS13335 CloudFlare Inc.] 172.70.45.147 [Netherlands AS13335 CloudFlare Inc.] 172.71.101.29 [Netherlands AS13335 CloudFlare Inc.] 172.71.101.163 [Netherlands AS13335 CloudFlare Inc.] 172.71.101.164 [Netherlands AS13335 CloudFlare Inc.] 172.71.181.166 [Netherlands AS13335 CloudFlare Inc.] 172.71.181.167 [Netherlands AS13335 CloudFlare Inc.] Conclusion: DNS may be leaking. Share this post Link to post
Staff 10014 Posted ... Hello! Please see here:https://airvpn.org/forums/topic/57025-dns-leak-when-wireguard-configuration-in-gluetun-with-qbittorrent-truenas-scale/?do=findComment&comment=227861 Kind regards Share this post Link to post
Conkuist 0 Posted ... 7 hours ago, Staff said: Hello! Please see here: https://airvpn.org/forums/topic/57025-dns-leak-when-wireguard-configuration-in-gluetun-with-qbittorrent-truenas-scale/?do=findComment&comment=227861 Kind regards Not what I was looking for. But I found the solution on my own. https://github.com/qdm12/gluetun-wiki/blob/main/setup/options/dns.md DNS_ADDRESS is set to 127.0.0.1 by default so I added the variable to change it - DNS_ADDRESS=10.128.0.1 now I get the desired response ./dnsleaktest.sh Your IP: *.*.*.* [Netherlands, AS49453 Global Layer B.V.] You use 1 DNS server: *.*.*.* [Netherlands, AS49453 Global Layer B.V.] Conclusion: DNS is not leaking. Share this post Link to post
NickCasey 0 Posted ... Quoting from this GitHub thread Quote One of the absolute strengths of Gluetun is the prevention of DNS leaks. DNS is disabled in Gluetun until the tunnel is established and then DNS over TLS is used with Cloudflare. From what I understand, your dnsleak script uses a different mechanism and likely checks whether you're using AirVPN's DNS servers instead of DOT. Gluetun uses DOT by default, hence it'll trip and think you're leaking. I suggest to run a firefox container through network_mode: "service:gluetun" and properly perform a DNS leak test in the browser, for example using https://ipleak.net/ Share this post Link to post