Meaning of DNS leak

[Radosk 0]

Hey guys;

first of it's not about reporting a bug for AirVpn. Right now i have quite some time left with my current VPN provider (PureVPN) using a user-generated migration build from AUR cause the provider only had a .deb-build (so my build is unoffical and not supported). And while using it i face with progressing time of the connection a DNS leak while looking for my IP with ip location websites that it's still masked but if i look for dns leak test i got only my ISP dns address. So what's the consequences - who can see my request? I'm a bit confused cause on one side under ip location checker all is fine but under dns leak it's not. I'm not looking for a fix just about the meaning so i can make a call with all needed information how fast I'll migrate: if there is a arch-like Distro user here (e.g. Manjaro, Garuda, Arch, CachyOS, EndeavourOS)  using AirVpn i would appreciate some feedback if there is any DNS leak or all fine. Thanks!
 

[OpenSourcerer 1385]

5 hours ago, Radosk said:

using a user-generated migration build from AUR cause the provider only had a .deb-build

Would love to see the PKGBUILD as I have no idea what you're talking about. Is it about PureVPN's software packaged as a PKGBUILD of your making?
 

5 hours ago, Radosk said:

So what's the consequences - who can see my request?

Really depends on the DNS server configured, but in general anyone in your network, anyone with access to your router, anyone on the way to the ISP and the ISP itself. If you use different DNS servers than your ISP's, anyone on the way to that DNS server plus the DNS server operator. That's because DNS is unencrypted.
The picture changes if you use DNS-over-TLS or DNS-over-HTTPS, and if you're connected to a VPN server.
 

5 hours ago, Radosk said:

if there is any DNS leak or all fine.

Depends on the software. All of AirVPN's software use Network Lock and change the DNS servers by default after connection so that no such leaks can occur. So whether you're leaking or not fully depends on the software, not on the OS.

[Radosk 0]

45 minutes ago, OpenSourcerer said:

Would love to see the PKGBUILD as I have no idea what you're talking about. Is it about PureVPN's software packaged as a PKGBUILD of your making?

No i used the AUR-package from another user published under purevpn-git (https://aur.archlinux.org/packages/purevpn-gui) and seems like it's just a migration so the program asked for dpkg-query normaly and the arch-build ships the dependencies and block the notifications. Installation feels like Windows with the official Ubuntu-Version so you download a .deb and all dependencies are installed later with first boot and not with installation and it's not shown what it installed just asking for sudo and install a bunch. I hope with AirVpn in the future it's smoother especially under Arch-like (right now using Garuda 75% of the time on my private computer) where it's so-so right now. It's just wired if you stay connected and ip is masked but than you notice that DNS is leaking sometimes, if you are not the best informed user in this spec.

just wonna check if there will arise a problem in the future with the OS-support with AirVPN so thanks for your reply.

 

[OpenSourcerer 1385]

3 hours ago, Radosk said:

No i used the AUR-package from another user published under purevpn-git (https://aur.archlinux.org/packages/purevpn-gui) and seems like it's just a migration so the program asked for dpkg-query normaly and the arch-build ships the dependencies and block the notifications. Installation feels like Windows with the official Ubuntu-Version so you download a .deb and all dependencies are installed later with first boot and not with installation and it's not shown what it installed just asking for sudo and install a bunch

Wow, PureVPN.. a software which depends on Debian's packaging system by code.. come on, this is just lazy design at this point. Do they not consider that some of their Linux customers might run a distribution not based on Debian? How do all these ideas come to life when companies write software for Linux? It boggles the mind..

- This app is made for Ubuntu and has some extra (not defined in the deb file) dependencies which are installed after you open the app. It uses apt to install them (which of course fails on Arch) and dpkg-query to see if they are installed (which also fails on Arch). The dpkg-query command is ran every time you open the app (except the first one in which it installs them anyway)

 

I mean.. COME ON! What is this? Extra dependencies not defined in the deb? Why would you even omit them if you're still going to install them after launch?
This is also quite disrespectful towards the users' systems because those packages would be marked as manually installed, forever remaining like that, out of reach for apt autoremove, therefore staying unused after you uninstall PureVPN, blocking space. Aw man..
 

3 hours ago, Radosk said:

I hope with AirVpn in the future it's smoother especially under Arch-like (right now using Garuda 75% of the time on my private computer) where it's so-so right now. It's just wired if you stay connected and ip is masked but than you notice that DNS is leaking sometimes, if you are not the best informed user in this spec.

Yeah, you won't have this problem with AirVPN software.

[Radosk 0]

10 hours ago, OpenSourcerer said:

Wow, PureVPN.. a software which depends on Debian's packaging system by code.. come on, this is just lazy design at this point. Do they not consider that some of their Linux customers might run a distribution not based on Debian? How do all these ideas come to life when companies write software for Linux? It boggles the mind..

- This app is made for Ubuntu and has some extra (not defined in the deb file) dependencies which are installed after you open the app. It uses apt to install them (which of course fails on Arch) and dpkg-query to see if they are installed (which also fails on Arch). The dpkg-query command is ran every time you open the app (except the first one in which it installs them anyway)

 

I mean.. COME ON! What is this? Extra dependencies not defined in the deb? Why would you even omit them if you're still going to install them after launch?
This is also quite disrespectful towards the users' systems because those packages would be marked as manually installed, forever remaining like that, out of reach for apt autoremove, therefore staying unused after you uninstall PureVPN, blocking space. Aw man..

You take what you get as Linux user. Unfortunately the companies mostly support Linux only for Alibi purposes: so they can claim they support all available OS but in fact they just create a lazy app and after first mostly stable releases there will be no more updates as long as it work somehow. And the functionality is stripped down even with the first release and cause there are just maintenance updates later there will be no new functionality implemented. And all do it like that even major VPN provider like NordVPN that spend a lot of cash on ADs but only have a CLI Linux app. All in all it depends on the customer and from the development all take the way to minimalism, so you lose all configuration ability cause the company knows best what you need and so it's not a hassle for you .. I really hate this development and especially Apple as Ancestor of it and than we have the subscription hell where there's no option for one-time-payment anymore cause you as customer could miss the time-frame for the renewal. And even the cross-selling where it's hard to just get the VPN service and not some extras like Password-Manager, Cloud Storage, Antivirus etc. All argument that they help customers with this extras but you get less for the buck :(

No blame for AirVPN at this point but i hope it don't follow this development cause other companies don't had it first too and start it at one point.
And don't ask my why PureVpn install dependencies later that are not defined initially, if they follow this approach they could opt for AppImage and are more use-able on different OS.

[Staff 9838]

6 hours ago, Radosk said:

No blame for AirVPN at this point but i hope it don't follow this development cause other companies don't had it first too and start it at one point.

Hello!

Don't worry, it's impossible that AirVPN will follow "this development", and after 14 years such doubts, or worse insinuations, are frankly inexcusable. The comparisons you make with some poor service with little value and lack of knowledge about Linux are a bit insulting.

"Linux" in general is the main development platform for AirVPN and the backbone of the infrastructure, especially with robust distributions built on top. What's more, customers connecting via Linux are an irreplaceable part that totals, according to rough estimates, more than 30% of AirVPN customers (not counting Android here, which is anyway Linux based). Some major points showing how much we support "Linux" customers, regardless of the distribution they picked:

• AirVPN free and open source software is compatible with at least 200 Linux distributions and probably more. AirVPN software not only supports systemd based distributions, but also SysV Style-init and chkconfig based distributions (let's remember that more than 50 distributions are not based on systemd) .
• For leaks prevention, both iptables and nftables Netfilter components are supported
• Packages for most package managers as well as classical tarballs are ready for customer comfort, and Eddie is also available as an AppImage
• There is no feature for other systems which is not ported on Linux too, and not infrequently a feature is implemented on Linux first or simultaneously on all systems
• Linux is the only system for which multiple software by AirVPN is available: you can choose between Eddie (offering a rich GUI running swiftly on all major Desktop Environments) and the AirVPN Suite, which in turn offers a stand alone binary as well as a client-daemon architecture
• The AirVPN software is built not only for Linux x86-64 systems, but also for Linux systems based on ARM 64 bit, ARM 32 bit CPUs. Builds are also available for x86-64 legacy systems, ARM 32 bit legacy systems, and ARM 64 bit legacy systems
• OpenVPN3-AirVPN library development is led on Linux systems, only then the library is ported to macOS too
• AirVPN Configuration Generator is very friendly for any third-party Linux software, if you don't want to run AirVPN software in your Linux system

 

Quote

And even the cross-selling where it's hard to just get the VPN service and not some extras like Password-Manager, Cloud Storage, Antivirus etc.

Talking about bloatware, you will not find any on AirVPN. Additional features like DDNS or DNS opt-in filters never caused a price increase, and if you think about it DDNS is really comfortable for inbound remote port forwarding, it surely isn't bloat feature offered as marketing fluff. DNS filters have received a stellar feedback so we will maintain them (as usual, opt-in and at no price). Note how AirVPN pricing is the same since 2011 in spite of the useful features added since then.

Kind regards
 

[Radosk 0]

2 hours ago, Staff said:

Don't worry, it's impossible that AirVPN will follow "this development", and after 14 years such doubts, or worse insinuations, are frankly inexcusable. The comparisons you make with some poor service with little value and lack of knowledge about Linux are a bit insulting.

"Linux" in general is the main development platform for AirVPN and the backbone of the infrastructure, especially with robust distributions built on top. What's more, customers connecting via Linux are an irreplaceable part that totals, according to rough estimates, more than 30% of AirVPN customers (not counting Android here, which is anyway Linux based). Some major points showing how much we support "Linux" customers, regardless of the distribution they picked

Sorry if my post feels insulting cause it wasn't my wish to insinuate that the AirVPN Team will "corrupt" as well. Right now from your philosophy such changes would cannibalize your audience. Sure only time will show and a rebranding can be possible over years but giving such promises is a good sign, that the company will not attempt such. Many companies attempt to let all doors open and don't speak their mind.

For the background i'm a bit salty about the development most companies attempt, where they sell their values for more money and my biggest problem is the goofing (to not say "bullshitting" ) around with claims like it's for you customer (security, convenience, buy more & save more etc.) and the customers even believe them or they wouldn't do such. Sure my use cases changed i'm a mainly Linux user only since 4 years ago and had to drop my current vpn provider cause i don't like their new thing with cross-selling and subscription (automatic renewal) and i'm not on Windows anymore. If you only use Windows, have basic needs so just speeds with 100Mbit, no streaming whitelisting, servers in europe there are many options. If you search now for "best linux vpn" you find a lot of articles, where most of them are copy paste with the same criteria ranking (streaming and count of servers is most important) and even the ranking is mostly the same. But if you visit the website of the provider what they understand under Linux support is the way a Windows user sees Linux ("Linux is another OS") but not the different distros (file systems, init, architecture etc) behind it and if a company claims Linux is supported it's mostly just for debian-like Systems and maybe for Fedora as well but if you search for Arch-like the field became nearly empty. And the proclaimed app is mostly CLI and in the worst case just some introduction to manual config a connection via NetworkManager. So kudos that you follow the freedom philosophy from Linux and i'll test your software out late 2024 and hopefully all works as desired and stay like it. I just hope it becomes easier to find you, cause right now it took my 6-8 articles and the article from "proprivacy" first catches me. The biggest Plus was the server status page implying transparency and a nice surprise (not asked for but appreciated)
 

Quote

Talking about bloatware, you will not find any on AirVPN. Additional features like DDNS or DNS opt-in filters never caused a price increase, and if you think about it DDNS is really comfortable for inbound remote port forwarding, it surely isn't bloat feature offered as marketing fluff. DNS filters have received a stellar feedback so we will maintain them (as usual, opt-in and at no price). Note how AirVPN pricing is the same since 2011 in spite of the useful features added since then.

Rest assured cross-selling for me is aggressive promotion of extras where you have to opt out from the extras, the basic service alone is hard to find alone and you get newsletter reminder to upgrade your account to the latest features. It would be fine to sell something extra if it's opt in, not changed from included to extra especially with no replacement/lower price, not the default selection and not aggressive promoted with repeated announcements.

[Staff 9838]

@Radosk

We're very glad to know that we meet all of your requirements, and we thank you for the appreciation and your compliments!

Kind regards