Caver1 <cav...@inthemud.org> wrote in message n63pi2$bse$1...@dont-email.me
> DNS is used to translate domain names into numerical IP
> addresses. This translation service is usually performed by
> your ISP, using its DNS servers.
I do not know what my ISP's DNS servers are, but, I can prove to myself
that whatever DNS servers I have set on the router are what is being
shown in the DNS leak tests whether or not I'm on VPN.
I can prove that simply by changing the DNS servers set on the router.
Whatever I set as the DNS servers on the router is what shows up
as the DNS server in the DNS leak tests.
That is bad news for a bunch of reasons.
1. It means I don't have control of the DNS server from Linux.
2. It means that the VPN isn't fully working for me.
It's good news for one reason:
3. It means that the ISP's DNS server is *not* being used.
> When you use a VPN service, the DNS request should instead
> be routed through the VPN tunnel to your VPN provider’s DNS
> servers (rather than those of your ISP).
Yes. I agree!
I wish the DNS server that showed up in the DNS leak tests was
that of the VPN.
Currently, whatever DNS servers I set in my router are the DNS
servers that show up in the DNS leak tests, whether or not I'm
on VPN.
I don't understand a lot, but I do understand that this is a
classic DNS Leak which isn't supposed to happen on Linux.
As someone said, the only way it can happen is that I have Linux
misconfigured.
I do believe that is the case.
But how do I debug Linux DNS setup is the problem.
Specifically, how do I change the output from this:
$ dig www.redhat.com | grep -i server
;; SERVER: 192.168.1.1#53(192.168.1.1)
To this?
;; SERVER: 127.0.1.1#53(127.0.1.1)
> However, it does happen that the request is sent to the
> ISP’s DNS server rather than through the VPN tunnel. This is
> known as a DNS leak.
Yes. I have the classic DNS leak.
What is so frustrating is that I have been told it's due to a
misconfiguration of Linux, and I believe that.
But *what* is misconfigured?
I may have to switch back to the problematic "network manager"
temporarily, to debug this, because there is more support on the
net for the default Ubuntu network manager than there is for
WiCD.
WICD works great (much better than Network Manager did), but,
I can't find much on the web by way of how to test this problem.
> When you go to the likes of dnsleaktest.com you should see
> the IP of your VPN not the IP that your ISP gives you, while
> connected to the VPN.
Yes. I completely understand and agree with what you are saying.
When I go to the dns leak web sites, I should see two things:
1. I should see whatever IP address I would see simply by going
to http://whatismyipaddress.com or by running a curl command
or inxi -i, or any command that reveals my current public
IP address:
$ curl http://myip.dnsomatic.com; echo
$ inxi -i | grep "WAN IP:"
$ wget -qO- http://myip.dnsomatic.com; echo
$ curl ifconfig.me && curl ifconfig.me/host
etc.
2. I should see whatever DNS server I'm using, which should be
whatever DNS I set up in my router for when I'm NOT on VPN,
but it should be whatever VPN server the VPN provider is
using when I *am* on VPN.
> If you see your IP at dnsleaktest.com when connected to your
> VPN then you have a DNS leak.
I do not wish to piss you off, but I think that is an incorrect
statement.
It would be really horrid if I actually saw the IP address my
ISP has assigned me when I go to the DNS leak tests!
Luckily, *that* is not happening!
> Which means that you are using your ISP's DNS servers and
> not the VPN's.
It's very clear to me that I am *not* using my ISP's DNS servers
because I can clearly see that most of the time I see exactly
the DNS server that I set on my router, whether or not I'm
on VPN.
This is, as I understand it, the classic dns leak.
Since I'm on Linux, that's *not* supposed to happen.
I think Linux is, somehow, misconfigured.
My problem is figuring out where the misconfiguration is happening.
If I could somehow get the output of the dig command to switch
from the router to the local machine, I could test it further.
There must be some secret to getting WICD to actually do what
the GUI is set to do (and rebooting isn't that, because I have
rebooted a few times now to no effect).
> This results in
> your ISP being able to track your internet movements,
> regardless of whether you are using a VPN or not.
You are correct that whoever controls the DNS server can track
my movements, whether or not I'm on VPN.
You are also probably correct that the ISP can *see* the lookups
I make to the DNS Server set on the router. Even though these
are not the DNS Servers that the ISP uses, they are probably
made in the clear.
So, I would assume that the ISP *can* see the cleartext calls
to the DNS servers that are set up in my router.
That's bad.
> This happens quite often in Windows as it has no Global
> setting to stop this from happening. Linux has this Global
> setting so only a misconfiguration can cause it.
I agree with you that I almost certainly have a Linux misconfiguration.
But how do I find this Linux misconfiguration is the question.
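
Added example, not part of the original post or of any participant's reply: one way to check what the post is asking about, namely which resolvers a resolv.conf file lists and whether packets to each would leave through the VPN interface. The function names and the default interface name tun0 are assumptions; `ip route get` is the standard iproute2 command.

```shell
#!/bin/sh
# Added example. Helper names are hypothetical; tun0 is an assumed VPN interface.

# Print the nameserver addresses listed in a resolv.conf-style file.
nameservers_from() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Read one line of `ip route get ADDR` output on stdin and print the
# egress interface (the word following "dev").
egress_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# classify NAMESERVER EGRESS_DEV VPN_IF
#   local-forwarder : loopback resolver (e.g. 127.0.1.1); its upstream
#                     servers still have to be checked separately
#   via-vpn         : queries to this resolver leave through the tunnel
#   outside-vpn     : queries bypass the tunnel (the leak described above)
classify() {
    case "$1" in
        127.*|::1) echo "local-forwarder" ;;
        *)
            if [ -n "$2" ] && [ "$2" = "$3" ]; then
                echo "via-vpn"
            else
                echo "outside-vpn"
            fi
            ;;
    esac
}

# audit_resolvers [RESOLV_CONF] [VPN_IF]
# Prints one line per configured resolver: address, egress device, verdict.
audit_resolvers() {
    conf=${1:-/etc/resolv.conf}
    vpn_if=${2:-tun0}
    for ns in $(nameservers_from "$conf"); do
        dev=$(ip route get "$ns" 2>/dev/null | egress_dev)
        printf '%s dev=%s %s\n' "$ns" "${dev:-unknown}" \
            "$(classify "$ns" "$dev" "$vpn_if")"
    done
}

# Usage, with the VPN connected:  audit_resolvers /etc/resolv.conf tun0
```

A resolver such as 192.168.1.1 that is reached over the LAN interface while the VPN is up is reported as outside-vpn, which matches the dig output shown in the post.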