VPN/unbound dns leak

Started by crt333, June 25, 2020, 05:04:17 PM

As I understand it, when running unbound (recursive, not forwarding) and doing DNS leak testing, the address of the WAN connection is reported.

I route all devices through my VPN tunnel, so reporting the WAN (ISP) address when doing DNS leak tests is undesirable (pretty much the definition of a DNS leak).

Is there a way to fix this or is not using unbound the only solution?

What about just binding unbound to the LAN interface (plus any other interfaces you need)?

Thanks for the suggestion. Do you know that it works, or is it something to try?

That works, many thanks. I had tried the VPN tunnel rather than the LAN, which didn't work, but LAN does.

Sorry, that didn't work, unbound was forwarding when I set it to LAN. When not forwarding, unbound doesn't respond when I do this.

My unbound...

Check;
Outgoing Network Interfaces

I only bind unbound to interfaces I want unbound to answer queries on.
Then, I make unbound send out all its queries from only the LAN interface.

Thanks for the info and pic. You have forwarding turned on, which I also had working, but when I turned it off name resolution stopped.

Despite my earlier claim, with forwarding disabled I tried again to use the VPN tunnel itself for outbound instead of LAN, and that works.

The logs show no more use of the system configured nameservers and all the traffic goes out through the VPN tunnel, so I guess I'm all set now.

Thanks again for your ideas!
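
An added example, not part of the thread or of any poster's configuration: a small Python check that reads an unbound.conf and reports whether recursive queries are sourced from the VPN tunnel, the setting the thread ends on. The sample configs, the addresses and the tunnel network 10.8.0.0/24 are constructed placeholders; `interface`, `outgoing-interface` and `forward-addr` are standard unbound.conf options.

```python
import ipaddress

# Constructed sample: listen on LAN, send recursive queries from the tunnel address.
SAMPLE_CONF = """
server:
    interface: 192.168.1.1
    interface: 127.0.0.1
    outgoing-interface: 10.8.0.2   # VPN tunnel address (assumed)
"""

def parse_unbound(text):
    """Collect the options that decide where queries are answered and sent from."""
    conf = {"interface": [], "outgoing-interface": [], "forward-addr": []}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key in conf and value:
            conf[key].append(value)
    return conf

def audit(text, tunnel_net):
    """Return a list of findings; an empty list means egress is pinned to the tunnel."""
    conf = parse_unbound(text)
    net = ipaddress.ip_network(tunnel_net)
    findings = []
    if conf["forward-addr"]:
        findings.append("forward-addr set: unbound is forwarding, not recursing")
    if not conf["outgoing-interface"]:
        findings.append("no outgoing-interface: source address follows the "
                        "routing table and may be the WAN address")
    for addr in conf["outgoing-interface"]:
        try:
            inside = ipaddress.ip_address(addr) in net
        except ValueError:                       # e.g. an IPv6 netblock
            findings.append(f"outgoing-interface {addr}: not a plain address, check by hand")
            continue
        if not inside:
            findings.append(f"outgoing-interface {addr} is outside tunnel network {tunnel_net}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, "10.8.0.0/24") or ["ok: queries sourced from tunnel"]:
        print(finding)
```

A clean result only shows the configured source address; confirming with a packet capture on the WAN interface, or the resolver logs as in the last post, is still the real test.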