VPN leaks DNS requests

Recently upgraded to 17.1 from 16.3 on a clean install, and now my VPN which worked well before is leaking DNS requests. I use AirVPN (Eddie client), and on ipleak.net, it shows the VPN's DNS first, then a few "GOOGLE" ones I'm sure where they're from, followed by my real ISP DNS.

This is the case on both Firefox and Brave (same configuration as 16.3 where it didn't leak)β€Œ.

If anyone has any suggestions please let me know.

Whilst this guide was written in respect of OpenVPN it hopefully might help?
(side note: yet another systemd fail!)

I would suggest using another VPN client. Zorin OS 17 uses a different version of Ubuntu that may do things differently under the hood that the Eddie client doesn't account for.

The same logic applies even if it only happens on browsers: maybe they work differently depending on the version of the underlying operating system. WebRTC in particular is one very common offender that causes this type of issues. If you don't use video conferencing web apps like Zoom over the browser, try to disable it entirely.

Thanks for the link. I'm trying to follow the steps but they're made for surfshark, and i'm not exactly sure what to put for my VPN (AirVPN using official Eddie client). I tried researching it here and there but honestly it's all over the place :sweat_smile: Do you happen to know what I should put instead?

Indeed WebtRTC is disabled in my Firefox; it's extremely hardened to the point where many websites break, so seeing this leak is surprising.

Slightly unrelated but which VPN client would you recommend?β€Œ I'm not a fan of the official OpenVPN because it has no built-in killswitch/network lock.

Unfortunately, OpenVPN is the only one that I know of...

You could try to contact AirVPN support about this. Maybe someone else has experience with this issue on Ubuntu 22.04 or similar.

Alternatively, you can set a custom DNS resolver in Firefox (I don't know if/how other browser might do this) under Settings -> Privacy & Security -> DNS Over HTTPS -> Max Protection -> "Custom" on the provider dropdown and use one of Mullvad's resolvers.

Mullvad is highly regarded as a reliable privacy service by many. I suggest you look into them before trusting them with your data, though. Always good to do some due diligence.

Otherwise, I'm not sure what could be causing this.

1 Like

The custom DNS thing worked!β€Œ I had no idea that was a thing, and moreover I had no idea Mullvad's DNS was free for everyone (Quad9 was my main).

Now as you said this only works within Firefox; consequently, my next question would be can this be applied system-wide, somehow? Through settings or perhaps the terminal?β€Œ Many thanks for your help thus far

Put it on your router and it should work. I have a mesh network and put Quad9 on the router and it’s been working fine.

1 Like

For something that works for your entire system you can install something like DNSCrypt. For a network-level approach, so that all of your devices can benefit from this, you can setup Pi-Hole.

But remember that this are DNS resolvers, not VPN. You probably can install a VPN at the router as well, but I've never tried this.