
DNS Doh - openvpn and firefox

Posted: Thu Dec 20, 2018 11:05 am
by blackexpresso
Hi,


I use W10 and OpenVPN, latest update.

I use many VPNs: UDP, TLS 1.2 and 1.3.

I use Firefox and have tried the DoH option: network.trr in about:config, set to 3 to always use it.

I have entered an IP, for example 9.9.9.9, and an internet FQDN.


When I'm connected to a VPN, all DNS traffic is routed through the VPN, encrypted, and it all stays in the VPN.

But the DoH DNS requests from Firefox aren't blocked.

dnsleaktest.com shows first the VPN IP and, in the extended test, the DoH DNS set in Firefox.

I've tried many VPNs; all have the issue.

I think the block-outside-dns option should block them.

I've tried with OpenVPN Android too, latest version, same thing.

I'm reporting this; maybe it's an issue.

Thanks

Best regards

Re: DNS Doh - openvpn and firefox

Posted: Thu Dec 20, 2018 2:12 pm
by Pippin
If you want to route DNS over the VPN, then disable network.trr

Re: DNS Doh - openvpn and firefox

Posted: Fri Dec 21, 2018 10:49 pm
by blackexpresso
Hi,

Thanks for answering.

Yes, VPN users have to do this and disable TRR mode. But I was thinking block-outside-dns should block it; in fact, no.

If yes, we will set TRR mode to 2 and have normal requests in the VPN because DoH will be blocked, and outside the VPN it can be enabled if nothing blocks it.