[SOLVED]How to fix dns leaks?

Questions about Wi-Fi and other network devices, file sharing, firewalls, connection sharing etc
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
phd21
Level 20
Level 20
Posts: 10104
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: How to fix dns leaks?

Post by phd21 »

Hi Mintuser998,

You are welcome from all of us that replied...

You can look up "easy-rsa" and "unbound" in the "Synaptic Package Manager (SPM)" and online (Google it) to find out about these packages. The openVPN developers recommend installing the "easy-rsa" package, so I always do.

I just installed a fresh copy of Linux Mint 19 based on Ubuntu 18.04, and some other Ubuntu 18.04 OS's, which have the newer OpenVPN packages already installed, but my VPN connections were still leaking DNS information. Granted that I always change the ISP's default DNS server IP addresses to a DNS provider's servers, so I am still protected and anonymous, but I wanted to see if I could prevent the DNS leaks. I used "dns.watch" an excellent DNS provider based in Germany (I think), because when I test my DNS if it is leaking it will show the DNS servers in Germany when I am currently in the USA and connected to a VPN server in the USA or elsewhere (somewhere other than Germany for the testing). So, I followed my instructions in this recent reply, installed "unbound" left resolveconf vs openresolv (both work though), and changed my free "ProtonVPN" openvpn configuration files (somewhere.ovpn) to add those lines to them, and restarted my system, connected to a VPN server, and it worked perfectly no DNS leaks and this is with both IPv4 and IPv6 enabled. Keep in mind that with some people's systems and their ISP (Internet Service Providers), you may still need to disable IPv6 or tell (check) the Network Manager to use IPv4 and ignore IPv6 (restart or logout after changes).

FYI: Member majpooper's suggestion to use "dnscrypt" also works and there are other posts in this forum and elsewhere on how to install and configure that for those interested in doing that.

Update 03-22-2019: There is another option for encrypting DNS activity over TLS which people may consider using. I use this method instead of "dnscrypt", but both work well.

How to Protect Your DNS Privacy on Ubuntu 18.04 with DNS over TLS
https://www.linuxbabe.com/ubuntu/ubuntu ... s-over-tls
Phd21: Mint 20 Cinnamon & KDE Neon 64-bit Awesome OS's, Dell Inspiron I5 7000 (7573, quad core i5-8250U ) 2 in 1 touch screen
Top
Locked

Return to “Networking”