DNS Leak with OpenVPN

Hello,

I'm attempting to route my DNS queries through the OpenVPN interface, tun0. The only way I seem to be able to accomplish this is to use a redirect rule to forward all traffic on port 53 to my VPN provider's DNS servers. However, when running a leak test, it shows OpenDNS servers and not the VPN provider's. The OpenDNS servers are what I'm advertising to on the WAN interface. I've unchecked the "Use DNS servers advertised by peer" option on the VPN interface and entered the VPN provider's DNS servers to the custom DNS servers, but it seems those are ignored. If I remove the redirect rule, I see the queries going out the WAN interface, eth1, instead of the tun0 VPN interface. Any help would be appreciated!

Assigning DNS servers on other interfaces does little. There are quite a few [recent] threads on this; here's one:

You can choose any DNS server you wish, it doesn't have to be the example (1.1.1.1).

Would you mind elaborating on how I might route the IP of the DNS over the tunnel interface?

Sure.

config route
        option target '1.1.1.1'
        option netmask '255.255.255.255'
        option interface 'tun0'

or

config route
        option target '1.1.1.1/32'
        option interface 'tun0'

See:

So if you configure your clients to use 1.1.1.1 - it will use the tunnel. Again, you can use any DNS server IP: Quad9, Google, etc.

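A way to confirm that the static route above actually carries DNS traffic, as an added example that is not part of the original thread: the script asks the kernel which device each resolver IP would leave through and flags any that bypass the tunnel. The device names tun0 and eth1 come from the thread; the function names, the `ROUTE_LOOKUP` hook and the sample route lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): verify that every DNS resolver IP
# egresses through the VPN device rather than the WAN device.

# Real lookup: ask the kernel which route it would pick for this address.
real_route_lookup() { ip -4 route get "$1" 2>/dev/null; }

# Constructed sample output in `ip route get` format, for offline runs.
# 1.1.1.1 has the /32 route via tun0; everything else uses the WAN default.
sample_route_lookup() {
    case $1 in
        1.1.1.1) echo "1.1.1.1 dev tun0 src 10.8.0.2 uid 0" ;;
        *)       echo "$1 via 192.0.2.1 dev eth1 src 192.0.2.10 uid 0" ;;
    esac
}

# Hypothetical hook: set ROUTE_LOOKUP=sample_route_lookup to test offline.
ROUTE_LOOKUP=${ROUTE_LOOKUP:-real_route_lookup}

# Print the device named after the "dev" keyword in the lookup output.
egress_dev() {
    "$ROUTE_LOOKUP" "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# check_dns_egress VPN_DEV IP...
# Prints one line per resolver and returns 1 if any resolver bypasses VPN_DEV.
check_dns_egress() {
    vpn_dev=$1; shift
    rc=0
    for ip in "$@"; do
        dev=$(egress_dev "$ip")
        if [ "$dev" = "$vpn_dev" ]; then
            echo "OK   $ip via $dev"
        else
            echo "LEAK $ip via ${dev:-no-route}"
            rc=1
        fi
    done
    return $rc
}

# Usage on the router: check_dns_egress tun0 1.1.1.1
```

Run it against every resolver the clients are actually configured with; a resolver without its own route through tun0 shows up as a LEAK line via eth1.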

Thanks, I found the problem. I'm using VPR to split my VPN tunnel and had not applied an additional IP address that was being used when I connected to my work VPN. Added that, and no more leak.
