Hi everybody

I use IPVanish

when connecting from my windows 10 machine everything is fine
but when connecting through OpenVPN on our Mint Linux system, a DNS Leak test shows that we are still talking to both the IPVanish servers and the system specified dns servers

I was advised by IPVanish to add 'dhcp-option DNS 198.18.0.1' to the server configuration file to force the use of IPVanish dns servers.

IPV6 is disabled

Their support guys, although very responsive, have run out of ideas.

Anybody had same? any know fixes?

Thanks in advance

Couple of questions:
"system specified dns servers" What system is specifying them?
To which "server configuration file" did you add the 'dhcp-option DNS 198.18.0.1'
What are the contents of /etc/resolv.conf?
What does ifconfig show?

Caveats: I know nothing about Mint or IPVanish.

In this instance, the Linux Mint system is the "Client" and IPVanish is the "Server".
You configured openVPN client to utilize 198.18.0.1 ?

And 198.18.0.1 tells the vpn client to use YOUR dns entries not theirs, if they provide one...?

Seen https://support.ipvanish.com/hc/en-u...in-Linux-Mint- ?

Have a router? See https://support.ipvanish.com/hc/en-u...080073-Routers also.

If you are "leaking" and not using their "software", see https://support.ipvanish.com/hc/en-u...9853-DNS-Leaks as well.

Ask them to walk you through Linux config.
And don't be afraid to ask for Level 2 support if the peeps answering the phone can't help.

It can't be "just you"...is the point.

Good Luck.

Thanks for the replies scacey and Habitual

Semantics problem here.

Although I am adding to the file used by my client to contact the IPVanish server, this file is known by Linux as VPN configuration file and by IPVanish as the 'server configuration file' i.e. the file that specifies which IPVanish server to connect to and how to handle the connection'. confusing huh?

Habitual's comment about 198.18.0.1 has now confused me further as 198.18.0.1 and 198.18.0.2 are the IPVanish DNS servers https://github.com/Luen/IPVanish-Ser...-allowlist.txt (first two entries)
So why would they tell the client to use the system specified DNS servers?

I have set up a lot of Linux, Windows and IOS VPNs but have never encountered this problem before

I was just wondering if anybody else has had the same problem

..... and sorry Sean, I forgot to answer your questions

"system specified dns servers" What system is specifying them?
I meant just the DNS settings im my wireless connection that I am using (also in my router)

To which "server configuration file" did you add the 'dhcp-option DNS 198.18.0.1'
As my last post, semantics, It is the .ovpn file specifying IPVanish router

What are the contents of /etc/resolv.conf?
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1

What does ifconfig show?

(the important bits)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.21.20.33 P-t-P:172.21.20.33 Mask:255.255.254.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:19 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2684 (2.6 KB) TX bytes:4498 (4.4 KB)

wlp1s0 Link encap:Ethernet HWaddr 64:27:37:b3:c6:77
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::d3ac:daad:7c45:96b8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1682289 errors:0 dropped:0 overruns:0 frame:0
TX packets:1497685 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:745213574 (745.2 MB) TX bytes:1294578230 (1.2 GB)

(wlp1s0= wireless, PCI bus 1, Slot 0)

Thanks

What are the "system specified dns servers" in your opening post after connecting to ipVanish service?

What are the "system specified dns servers" in your opening post after connecting to ipVanish service?

I use 84.200.69.80 and 84.200.70.40 (DNS.WATCH) although the problem persists with static or automatic

UPDATE:

I have just found out that different distros treat OpenDNS .ovpn files differently and there is a suggestion that in Mint, DNS specifications are ignored.

This would explain a lot and I have just experimented by removing static addresses from my network settings and my DNS requests are now being handled by the servers specified in my router.

This is the relevant section of syslog showing dnsmasq entries showing 192.168.1.1 even though an IPVanish DNS server is specified in the .ovpn file

Jul 2 23:06:23 mikep-SVE1511P1EW NetworkManager[999]: <info> [1530569183.6318] dns-mgr: Writing DNS information to /sbin/resolvconf
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: setting upstream servers from DBus
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.1#53(via tun0)
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.1#53 for domain 24.21.172.in-addr.arpa
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.1#53 for domain 25.21.172.in-addr.arpa
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.2#53 for domain 24.21.172.in-addr.arpa
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.2#53 for domain 25.21.172.in-addr.arpa
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 198.18.0.2#53(via tun0)
Jul 2 23:06:23 mikep-SVE1511P1EW dnsmasq[1414]: using nameserver 192.168.1.1#53(via wlp1s0)

I have read that the IPVanish DNS server should be specified in my /etc/resolv.conf and that to achieve this I should add it to my in my /etc/resolvconf/resolv.conf.d/base file and then regenerate resolv.conf

This, sadly, did not work, even after reboot. Do you know how to achieve specifying the DNS in /etc/resolv.conf

Any help would be appreciated as my brain is beginning to hurt

Thanks