DNS leakage on Ubuntu 18.10. #59

Open
@ghost

Description

I'm experiencing DNS leakage using this script in which the IP addresses of my ISP's DNS servers are visible. Strangely, the IP addresses of my VPN's DNS servers are also visible. I'm running an OpenVPN server connected to a Comcast router.

From DNS Leak Test:

| IP | Hostname | ISP |
| --- | --- | --- |
| 208.67.219.70 | m41.pao.opendns.com | OpenDNS, LLC |
| 208.67.219.14 | m4.pao.opendns.com | OpenDNS, LLC |
| 76.96.15.73 | sjos-cns05.nlb.sjc1.comcast.net | Comcast Cable |
| 208.67.219.29 | m21.pao.opendns.com | OpenDNS, LLC |
| ... | ... | ... |

`systemd-resolve --status` reports that everything is fine with the tunnel, so I assume I'm leaking traffic to some other interface:

```
Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 4 (tun0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 208.67.220.220
         DNS Servers: 208.67.222.222
                      208.67.220.220
          DNS Domain: ~.

Link 3 (wlp4s0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 75.75.76.76
         DNS Servers: 75.75.75.75
                      75.75.76.76
                      2001:558:feed::1
                      2001:558:feed::2
          DNS Domain: ~.
                      hsd1.ca.comcast.net

Link 2 (enp0s31f6)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
```

OpenVPN client configuration:

```
...
script-security 2
setenv PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
up /etc/openvpn/update-systemd-resolved
down /etc/openvpn/update-systemd-resolved
down-pre

# Prevent DNS leakage.
dhcp-option DOMAIN-ROUTE .
```

I know very little about networking, so I apologize if this is a trivial issue. Any insight would be greatly appreciated.
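
An added example, not part of the original issue or the project's code: in the status output above, both `tun0` and `wlp4s0` list `DNS Domain: ~.`, and systemd-resolved sends a lookup to every link whose routing domain is the best match, so the Wi-Fi link's resolvers receive queries alongside the tunnel's. The check below parses `systemd-resolve --status` text and reports every non-tunnel link that holds `~.`; the function names and the abridged sample are constructed for illustration, and `tun0` as the tunnel name is taken from the post.

```python
import re

# Constructed sample: abridged from the shape of the status output in the issue.
SAMPLE_STATUS = """\
Global
          DNSSEC NTA: 10.in-addr.arpa

Link 4 (tun0)
      Current Scopes: DNS
  Current DNS Server: 208.67.220.220
         DNS Servers: 208.67.222.222
                      208.67.220.220
          DNS Domain: ~.

Link 3 (wlp4s0)
      Current Scopes: DNS
         DNS Servers: 75.75.75.75
                      2001:558:feed::1
          DNS Domain: ~.
                      hsd1.ca.comcast.net

Link 2 (enp0s31f6)
      Current Scopes: none
"""

def parse_links(status_text):
    """Map each interface to its 'DNS Servers' and 'DNS Domain' lists."""
    links, iface, key = {}, None, None
    for line in status_text.splitlines():
        header = re.match(r"Link \d+ \((\S+)\)", line)
        # Require ': ' so IPv6 continuation lines are not read as field names.
        field = re.match(r"\s*([A-Za-z ]+): (.*)", line)
        if header:
            iface, key = header.group(1), None
            links[iface] = {"DNS Servers": [], "DNS Domain": []}
        elif line.strip() == "Global":
            iface = None
        elif iface and field:
            key = field.group(1)
            if key in links[iface]:
                links[iface][key].append(field.group(2).strip())
        elif iface and key in links[iface] and line.strip():
            links[iface][key].append(line.strip())  # continuation of a list
    return links

def leaking_links(status_text, tunnel="tun0"):
    """Non-tunnel links that hold the catch-all '~.' domain and have resolvers."""
    return sorted(i for i, f in parse_links(status_text).items()
                  if i != tunnel and "~." in f["DNS Domain"] and f["DNS Servers"])
```

An empty list from `leaking_links` means the tunnel is the only link with the catch-all routing domain; on the sample it returns `['wlp4s0']`.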

Labels: Help Wanted, NetworkManager, Query Routing, Won't Fix
