OpenVPN and advertised DNS

When running openvpn the router is still using my standard DNS server gived by DHCP on my wan interface.
Is there a way to make the router to use the DNS server given by openvpn server.
here is the log:
PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS,dhcp-option DNS,route,topology net30,ping 5,ping-restart 30,ifconfig

When using these two DNS servers then DNS leak wont be any problem.

Which vpn server are you using? I need to try and check how to avoid the dns leaks. Seems these dns options are not applied in the router, or it is not propagate to the clients.

I am using NordVPN and IPVanish and they both push DNS withe the dhcp-option DNS.
I did some testing starting openvpn manually and i got it to work by using a startup script with openvpn.

/usr/sbin/openvpn --script-security 2 --up /etc/config/ --down /etc/config/ --config /etc/openvpn/

And here is the tun_up script I made based on some other script I found using google: (excuse my mess but this is my first sh script i made)
ns1=echo $foreign_option_1 | sed -e 's/dhcp-option DNS //g'
ns2=echo $foreign_option_2 | sed -e 's/dhcp-option DNS //g'
ucicmd=echo "uci set network.wwan.dns='$ns1 $ns2'"
eval “$ucicmd”
uci set network.wwan.peerdns=‘0’
uci commit network
/etc/init.d/network reload

However this script is locked to using wwan as the outside interface. It would be great to have it autodetect the outside interface.
And also this is not using the built in openvpn method already implemented in the firmware.

uci delete network.wwan.dns
uci delete network.wwan.peerdns
uci commit network
/etc/init.d/network reload

Here is my rc.local boot script:
if (grep -o “BTN_8.*lo” /sys/kernel/debug/gpio) >/dev/null
#switch in right position (on)
echo switch_on
#switch in left position (off)
echo switch_off

And my BTN_8 script:
echo “$BUTTON ${ACTION}” > /dev/console
if [ .${ACTION}. = .pressed. ]; then
killall openvpn
/etc/config/start_openvpn # that will start /usr/sbin/openvpn listed above

Thanks for sharing. We will explore this issue.

Are there any updates to this issue?


Hi, sorry I forgot this already. Let me pick up this.