Feb 19, 2019, 19:48 pm
My network is behind two NAT firewalls, with the second being an ancient Netgear set to use OpenDNS, as are my systems.
This setup works fine, and all testing basically shows it to be bulletproof.
I also disable IPV6 in any way, shape or form I can find it, as a first step in any system setup.
However... Recently in testing I connected my personal system directly to the modem/router (first) while in Linux, and found it was ignoring my settings and using the Comcast ISP DNS *even on a VPN*.
https://www.dnsleaktest.com/
Is the site used.
Reconnecting to the second router fixed the problem immediately.
Where it is using the VPN DNS servers, and ignoring the DNS entries in resolv.conf/resolv.conf.d/original
Cant easily check in Win right now, especially as the other machines would be a PITA to connect directly....
But: Blocking DNS leaks is an important part of security.
This setup works fine, and all testing basically shows it to be bulletproof.
I also disable IPV6 in any way, shape or form I can find it, as a first step in any system setup.
However... Recently in testing I connected my personal system directly to the modem/router (first) while in Linux, and found it was ignoring my settings and using the Comcast ISP DNS *even on a VPN*.
https://www.dnsleaktest.com/
Is the site used.
Reconnecting to the second router fixed the problem immediately.
Where it is using the VPN DNS servers, and ignoring the DNS entries in resolv.conf/resolv.conf.d/original
Cant easily check in Win right now, especially as the other machines would be a PITA to connect directly....
But: Blocking DNS leaks is an important part of security.