Firmware openwrt-ar750s-3.201-0402.tar, possible still same DNS leak or again

The menu item for using the ISP DNS should be deselectable when specifying a different DNS than the ISP DNS …

Yes, the ISP DNS must be avoided but, for example under ASUSWRT Merlin, I can chose between VPN provider DNS or DoT. The choice would even be better to be able to have VPN DNS for VPN clients and DoT DNS for those excluded from the VPN. You cannot assume only one logic here. ASUSWRT Merlin also gives a large choice of DoT servers.
I think that GL has made a few things too simple giving almost no choice to the user.
These are a few options that I would really need when I’m using the MV1000. And these are from the older GUI version from john9527


1 Like

Wow. The possibility to disable to disable weak chipper suites looks interesting. Is the asus wrt full open source or does it have closed source parts like DDWRT and the gl firmware ?

I was looking now for Asus router. And found some models in dsl router size, a didnt find on travel router size on this time.

Unfortunately, it’s not. This is one of the reason why I use an older version based fork from John because the Merlin’s fork is less and less open source (because of asus choices). I believe Wifi is never OSS while the rest is. The other problem is that my RT-AC68U uses a very old 2.6 kernel (so no wireguard). I don’t think asus has produced a small size router.

It can be they are one or two full open source WiFi vendors. If I remenmber right, I read like this on mono project or so on. It can be The WLEW200NX are one of this cards.

Remark:

One more which have possible the same possible DNS leak:

They are any plan and time frame to fix the DNS leak on 3.201 firmware ?

As I understand it, it’s possible only if you want a/b/g/n
There is no free open source driver for ac

What are the benefit for user of a VPN with a DNS leak ?

What are the benefit of dont useing existing wifi hardware which have open source driver ?

What are the benefit for user of a router firmware which have a closed source part ?

What are the benefit of a DNS leaky router based solution against only installing a VPN software on the PC which need a VPN ?

What are the benefit for user of a VPN with a DNS leak ?

I can’t tell because I don’t see one DNS leak, either on the client sent to the VPN or the one excluded. Both use CloudFlare DoT through the VPN (which isn’t optimal but cannot be called leak).

What are the benefit of dont useing existing wifi hardware which have open source driver ?

Having better speed with WIfi ac (because there is no open source wifi ac or ax).

What are the benefit for user of a router firmware which have a closed source part ?

see above : faster wifi and functions not available as open source like trend micro on ASUSWRT.

What are the benefit of a DNS leaky router based solution against only installing a VPN software on the PC which need a VPN ?

Not all devices behind a router (and I don’t see it leaking in the case of my MV1000) are PCs. Once properly configured in the router, I can chose which device goes in the VPN or not without having to install anything on each and every device (when ever a VPN can possibly be installed, try that in a cloud camera for example).

Source: Firmware openwrt-ar750s-3.201-0402.tar, possible still same DNS leak or again - #32 by Willist

“Based on openwrt 19.07.7

Important bugfix:

3. Fixed DNS leakage BUG when using CloudFlare after connecting to OpenVPN”
Source: https://dl.gl-inet.com/firmware/snapshots/3.203_beta4/ar750s/ReleaseNote.txt

Its great to see the fixed version from open wrt will be used now. So it will be possible in future to use one newer non DNS leak version than the last one released without DNS leak 3.105

Pls. dont forget to delete the known DNS leaky RELEASED Firmware 3.1x and or 3.2x …

I checked this week the GL.iNet download center
Its still the same DNS leak. So the last one known not DNS leaky is still the 3.105 (tested on AR-750S)

Any news about fixing the DNS leak ?

Any news about fixing DNS leak on firmware >= 3.2xx ?

Now I cannot find DNS leak in beta4 firmware. I am using Nord. Can you give a little details of how you test this time?

Leaky Configuration:

  • IPV4: on, IPV6: off
  • Wireguard service: disabled on startup
  • Dropebear: disabled on startup
  • DNS on GL router: Cloudlfare
  • DNS on ISP DSL router: Cloudflare
  • Firefox, DNS from Mozilla by DOH about:config is set: off (network.trr.mode 0)
  • Override DNS Settings for All Clients: on
  • Internet Kill switch: on
  • OpenVPN, Proton VPN
  • detecting the leak by: My IP Address - BrowserLeaks

DNS leak by unseeing external DNS like Cloudlfare, no DNS leak by unseeing VPN provider own DNS.

I am using Nord and used the same settings but I don’t have DNS Leak.

Previously the problem was in the default vpn policy.

Can you check if you have configured any vpn policy? The “Use VPN for all processes on the router” must be on. This should be the default setting on 3.203 beta4.

Can you turn on/off this option can try again? Just to make sure this is not the problem caused.

Leaky Configuration:

It is the country that is leaking, since Clouflare takes the closest servers, I’m not sure that this is a router problem, but still an interesting observation…

Let’s be clear.

3.201 has DNS leak. You have to enable vpn policy and select “use DNS for processes on the router” to avoid DNS leak.

This is fixed in 3.203.

1 Like

According to your configuration in firmware 3.203, I am get the DNS server by the VPN service provider. This is a normal situation.

Thanks! Yes, version 3.203-0722 not leaked!