Join Log in
Score:0
str1ng avatar Ubuntu

How to fix DNS leak OpenVPN on Ubuntu 20.04?

sh flag
str1ng

Okay, so basically I am using openvpn to connect on one of the NordVPN's servers. But long story short, I haven't even noticed all until this night, my DNS is leaking somehow.

My sys. info:

str1ng@str1ng:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.2 LTS
Release:    20.04
Codename:   focal

Went to the NordVPN's support, been there for like 2 hours, couldn't solve it, so it happens to be that this is my only hope at the moment.

I've tried so many things... Like answer from here: https://www.ubuntubuzz.com/2015/09/how-to-fix-openvpn-dns-leak-in-linux.html

Also I've tried editing .ovpn server config file with adding block-outside-dns , but then I am getting this:

Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/ovpn_tcp/ch303.nordvpn.com.tcp.ovpn:18: block-outside-dns (2.4.7)
Use --help for more information.

So that doesn't make things any better, so after that, I've done:

pull-filter ignore "block-outside-dns"

And then ran sudo openvpn /etc/..... to connect to server, but also nothing, my DNS's still leaking.

Apart from that they told me to disable IPv6, so I did that by following this guide:

Open a terminal window. Type this command:

sudo nano /etc/sysctl.conf Add the following at the bottom of the file:

net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.tun0.disable_ipv6 = 1
Save and close the file. Reboot the device. To re-enable IPv6, remove the above lines from /etc/sysctl.conf and reboot the device.

Also, I've done this: https://support.nordvpn.com/Connectivity/Linux/1134945702/Change-your-DNS-servers-on-Linux.htm

But after doing this and checking on resolv.conf ; it's again overwritten by NetworkManager.

This looks like infinite loop. If anyone can help I'd be grateful

Edited with what one of users have required

 str1ng@str1ng:~/Desktop$ ls -al /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Jun  8 16:13 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf


dpkg -l *dnsmasq*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name             Version           Architecture Description
+++-================-=================-============-============================================
un  dnsmasq          <none>            <none>       (no description available)
ii  dnsmasq-base     2.80-1.1ubuntu1.4 amd64        Small caching DNS proxy and DHCP/TFTP server
un  dnsmasq-base-lua <none>            <none>       (no description available)



str1ng@str1ng:~/Desktop$ grep -i dns /etc/systemd/resolved.conf
#DNS=
#FallbackDNS=
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#DNSStubListener=yes
706
0 + 7
vpn
dns
heynnema avatar
ru flag
heynnema
How do you know that your DNS is leaking? Edit your question and show me a screenshot of the dns leak test results from https://dnsleaktest.com standard test. Also show me `ls -al /etc/resolv.conf` and `cat /etc/resolv.conf` and `dpkg -l *dnsmasq*` and `grep -i dns /etc/systemd/resolved.conf`.
0
Reply
bac0n avatar
cn flag
bac0n
related: [update-systemd-resolved](https://github.com/jonathanio/update-systemd-resolved)
0
Reply
str1ng avatar
sh flag
str1ng
@heynnema for some reason today when I tried to turn on computer, it just showed me "0.133081 DMAR: Firmware bug..." Currently, I am booted from USB, and can't even install new system again, because it has some sort of bug, so I am currently dealing with that. Anyways, the way I knew that my DNS is leaking was exactly by the tests from dnsleaktest.com and exactly the extended one. I am trying to install system again on this pc, so after I am done with that, I'll hopefully be able to update you with ls -al /etc/resolv.conf and with other stuff too...
0
Reply
heynnema avatar
ru flag
heynnema
Don't reinstall. See if you can boot into maintenance mode.
0
Reply
str1ng avatar
sh flag
str1ng
@heynnema I wasn't able to do so... Unfortunately... Btw. I've updated question with what you required
0
Reply
heynnema avatar
ru flag
heynnema
Are you able to boot now? You're running on a new install of Ubuntu, yes? Are you still getting the DMAR error? Show me the screenshot of the standard DNS leak test, and `cat /etc/resolv.conf`.
0
Reply
str1ng avatar
sh flag
str1ng
Sorry for late respons. Anyways, after I rebooted and installed NordVPN over again, I was able to fix the problem that caused me problems with connecting with `nordvpn connect` command, but right now I am able to connect with `nordvpn connect` command, and now I don't have DNS leaks (because I don't use openvpn anymore). I am sorry once again and thank you!
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.