DD-WRT: DNS Leak Detection w/ VPNs

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
ATHF
DD-WRT Guru


Joined: 14 Dec 2015
Posts: 774
Location: 127.0.0.1

PostPosted: Sun May 12, 2019 6:55    Post subject: Reply with quote
That's awesome, I haven't tried it yet.
But thank you in advance!

_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Sun May 12, 2019 7:41    Post subject: Reply with quote
Nice !

Added it to my toolbox Very Happy

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Sun May 12, 2019 16:52    Post subject: Reply with quote
I think one of the things which must be made crystal clear is what you (and I) are defining as a DNS leak, not only using the "wrong" DNS server but also sending the DNS query out in the open via the WAN interface.

When the VPN provider pushes a private IP address as DNS server and the router is of the VPN, I think that the router does not have sufficient routing information to route that private IP address via the VPN so it will not work in most cases?

A solution in these cases can be if you can use destination based routing and thus can instruct the OVPN client to route that specific IP address via the VPN

The longer I think about it the more questions arise (this is a fun problem though Smile )

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Redback813
DD-WRT Novice


Joined: 10 Nov 2015
Posts: 43

PostPosted: Sun Sep 08, 2019 22:37    Post subject: Reply with quote
Thank you for this script , it has been a blessing and a curse at the same time please allow me to explain , with my old ISP provider I had lan->lan connection for NBN connection and the setup was WAN Connection Type: Static IP which worked and showed no dnsleak with your dnsleak test script, great. Now though I have change ISP provider and this time setting are different , LAN->WAN and the WAN Connection Type: Automatic Configuration it's working though dnsleak test script is showing "user.warn ddwrt-ultimate-dns-leak[1166]: dns leak detected" repeatedly , I can't for some reason use the "no-reslov" in dnsmasq config section as this block internet browser usage but connection to the internet show in the log. There does not seem to be and issue with non vpn connection however VPN connection is a real problem.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum