under what conditions is the leak occurring? I’m looking to reproduce my self. can you explain your environment. thanks
for example
default settings, Override DNS Settings for All Clients?
cloudsflare, nextdns dnscrypt proxy?
wireguard,openvpn,tor?
internet kill swith?
fyi if you looking to use protonvpn internal vpn dns servers they are at 10.8.8.1 and 10.7.7.1. perhaps these address are conficting internally with your networking environment.
Did all leak sites detect the leak? I have not been able to reproduce with all your settings.
are you the only client on the router? terado, ipv6-over-ipv4?
here is the last question no admin likes to hear including me… did you start with a fresh install or did you upgrade with keep settings on router firmware?
Now I have found one other user which looks like have the same DNS leak by useing Wireguard against me by useing OpenVPN:
" I do have custom DNS settings configured, however I am also using the AR750 as a Wireguard client. My issue is that the device does not configure DNS correctly. My client devices always use the upstream devices DNS server."
The same bug on a verry old and a actual firmware. In boot cases, the client devices always use the upstream devices DNS server and not the on router configured one.
I hope the hint can help how to check, find and fix this bug on actual firmware versions again.
Good afternoon, I can confirm that firmware version 3.201 does leak DNS, and I “solved” the problem by reverting to version 3.105. However I still seem to have problems casting (BBC) to chromecast. after 20 mins or so the screen says: Ready to cast and I have to stop casting and restart.
Hi, thnx for the thnx.
I retract my comment about losing the connection to the BBC stream. I have been testing now for several hours BBC and Channel5. and no problems at all.
By the way. It can be it make sense to fix the menue (if I remember right) which can only set to “use the DNS of your ISP” or so on, to disable if used coudflare or whatever user defined non ISP DNS…
Yes, the ISP DNS must be avoided but, for example under ASUSWRT Merlin, I can chose between VPN provider DNS or DoT. The choice would even be better to be able to have VPN DNS for VPN clients and DoT DNS for those excluded from the VPN. You cannot assume only one logic here. ASUSWRT Merlin also gives a large choice of DoT servers.
I think that GL has made a few things too simple giving almost no choice to the user.
These are a few options that I would really need when I’m using the MV1000. And these are from the older GUI version from john9527
Wow. The possibility to disable to disable weak chipper suites looks interesting. Is the asus wrt full open source or does it have closed source parts like DDWRT and the gl firmware ?
I was looking now for Asus router. And found some models in dsl router size, a didnt find on travel router size on this time.
Unfortunately, it’s not. This is one of the reason why I use an older version based fork from John because the Merlin’s fork is less and less open source (because of asus choices). I believe Wifi is never OSS while the rest is. The other problem is that my RT-AC68U uses a very old 2.6 kernel (so no wireguard). I don’t think asus has produced a small size router.