DNS leak with OpenVPN

Hi after a lot of troubleshooting i finally found the DNS Leak solution here.

I was wondering how OpenVPN client was DNS Leaking on my router for every host in lan.

It was leaking because /etc/resolv.conf.auto had my ISP DNS server IP and dnsmasq daemon is forwarding DNS packets directly to it.

The solution (not perfect but works) is:

Modify /etc/config/dhcp

  • Remove:
    option resolvfile '/tmp/resolv.conf.auto'
  • Add:
    option noresolv '1'
    list server ''
    list server ''

The perfect solution would be to allow OpenVPN to modify /etc/resolv.conf.auto to set its IP by the one provided by OpenVPN server push dhcp-option, and then disallow dnsmasq to modify it again if DHCP lease renewal is issued on WAN interface. But this will need some hard-code by developers