DD-WRT: DNS Leak Detection w/ VPNs

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
ATHF
DD-WRT Guru


Joined: 14 Dec 2015
Posts: 728
Location: 127.0.0.1

PostPosted: Sun May 12, 2019 6:55    Post subject: Reply with quote
That's awesome, I haven't tried it yet.
But thank you in advance!

_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
DD-WRT Firmware: r42054: WRT3200ACM, WRT1200ACv1 (Smart crap subnet), WRT1900ACv1
Velop:3 WHW0101, RE6500, RE9000(AP)
TWC/Spectrum - 300/25
SysLog Watcher 5, Security Onion on Virtual Box, Fingboxes, PiHoles
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6408
Location: Netherlands

PostPosted: Sun May 12, 2019 7:41    Post subject: Reply with quote
Nice !

Added it to my toolbox Very Happy

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6408
Location: Netherlands

PostPosted: Sun May 12, 2019 16:52    Post subject: Reply with quote
I think one of the things which must be made crystal clear is what you (and I) are defining as a DNS leak, not only using the "wrong" DNS server but also sending the DNS query out in the open via the WAN interface.

When the VPN provider pushes a private IP address as DNS server and the router is of the VPN, I think that the router does not have sufficient routing information to route that private IP address via the VPN so it will not work in most cases?

A solution in these cases can be if you can use destination based routing and thus can instruct the OVPN client to route that specific IP address via the VPN

The longer I think about it the more questions arise (this is a fun problem though Smile )

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Redback813
DD-WRT Novice


Joined: 10 Nov 2015
Posts: 38

PostPosted: Sun Sep 08, 2019 22:37    Post subject: Reply with quote
Thank you for this script , it has been a blessing and a curse at the same time please allow me to explain , with my old ISP provider I had lan->lan connection for NBN connection and the setup was WAN Connection Type: Static IP which worked and showed no dnsleak with your dnsleak test script, great. Now though I have change ISP provider and this time setting are different , LAN->WAN and the WAN Connection Type: Automatic Configuration it's working though dnsleak test script is showing "user.warn ddwrt-ultimate-dns-leak[1166]: dns leak detected" repeatedly , I can't for some reason use the "no-reslov" in dnsmasq config section as this block internet browser usage but connection to the internet show in the log. There does not seem to be and issue with non vpn connection however VPN connection is a real problem.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum