Search the Community

AirVPN should support DNS over TLS within the VPN tunnels, but currently, this is not the case. Of course, we know that DNS over TLS does not provide any benefit because all DNS traffic goes over the VPN as well (which is also stated in the service description). However, I use Linux, and when the VPN is off, I always keep DoT on. The setting is simply enabled by DNSOverTLS=yes at the resolved.conf file. Because 99% of the time I do not use VPN, I prefer to keep the DoT setting on and not disable it whenever I start a VPN session. But when deploying a VPN session from a WireGuard conf file, the DNS resolution is halted. It is possible to reach the internet through direct IP-address-based connections, but DNS resolution does not work at all. I see that the internal DNS server (10.128.0.1) does respond to the incoming requests at port 853, and I receive the responses, but that is all. Naturally, it is not possible to sniff more deeply into the content of the DNS packets with Wireshark because they are encrypted. But there is a lot of that traffic going back and forth through the tunnel. Do you have any idea what might be wrong? If the DoT setting is disabled, the DNS resolution works inside the tunnel as it should.