#1 2021-09-02 20:31:19

nuc
Member
Registered: 2012-04-26
Posts: 117

DNS fails to resolve after connecting to VPN

Hi folks!

I am a long time user of the Windscribe VPN service (using windscribe-cli). It has worked very well for the most part.

But after some recent updates or changes to my system (well, it's now a few months ago), the Windscribe VPN stopped working. The issue is that when I connect to the VPN service, DNS fails to resolve (while I can still ping 1.1.1.1).


Since I am a networking noob, I figured I'd ask here in the forum how I could debug this issue and fix it.

I am using systemd-resolved and it is active. My /run/systemd/resolve/resolv.conf is symlinked to /etc/resolv.conf:

ll /etc/resolv.conf 
lrwxrwxrwx 1 root root 32  6. Aug 22:49 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf

Thanks :)

My resolv.conf before connecting:

nameserver 192.168.0.1
nameserver fd00::9a9b:cbff:fe70:5434
search .

And after connecting to the VPN:

nameserver 10.255.255.2
nameserver 192.168.0.1
nameserver fd00::9a9b:cbff:fe70:5434
search .

UPDATE:
Hah, interesting: while posting my resolv.conf, windscribe did something that it never did before: it actually worked.
So it turns out that when windscribe manages to add "nameserver 10.255.255.2" to resolv.conf, it works fine.
But most of the time it fails and my resolv.conf stays as in the first output (without "nameserver 10.255.255.2"); in that case it fails to resolve DNS.

Last edited by nuc (2021-09-02 20:41:27)

Offline

#2 2021-09-03 01:48:56

solskog
Member
Registered: 2020-09-05
Posts: 416

Re: DNS fails to resolve after connecting to VPN

You should remove your local nameservers 192.168.0.1 and fd00::9a9b:cbff:fe70:5434 from your resolv.conf.
DNS queries happen in a round-robin, and only 10.255.255.2 is valid as the VPN provider's nameserver.
This should be handled by your VPN provider's (windscribe-cli) application/script; otherwise it looks like a bug.

Offline
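Added example, not part of any post in this thread: a small POSIX shell check that tells apart the resolv.conf states shown in post #1 (VPN resolver missing, or listed next to the local resolvers that post #2 says to remove). The function name `resolv_state` and the third sample are constructed for illustration; the VPN resolver address is the one from post #1.

```shell
#!/bin/sh
# resolv_state VPN_DNS  (resolv.conf text on stdin)
# Prints: vpn_dns_missing | mixed <other nameservers> | vpn_only
resolv_state() {
    awk -v vpn="$1" '
        { sub(/[#;].*/, "") }                        # drop comments
        $1 == "nameserver" && NF >= 2 {
            if (($2 "") == (vpn "")) seen = 1        # force string comparison
            else others = others " " $2
        }
        END {
            if (!seen)             print "vpn_dns_missing"
            else if (others != "") print "mixed" others
            else                   print "vpn_only"
        }'
}

# resolv.conf as posted in #1 before connecting (also the failing state)
sample_before() { cat <<'EOF'
nameserver 192.168.0.1
nameserver fd00::9a9b:cbff:fe70:5434
search .
EOF
}

# resolv.conf as posted in #1 after a working connect
sample_after() { cat <<'EOF'
nameserver 10.255.255.2
nameserver 192.168.0.1
nameserver fd00::9a9b:cbff:fe70:5434
search .
EOF
}

# Constructed sample: only the VPN resolver is left
sample_vpn_only() { cat <<'EOF'
# constructed for this example
nameserver 10.255.255.2
search .
EOF
}

for s in sample_before sample_after sample_vpn_only; do
    printf '%s: %s\n' "$s" "$($s | resolv_state 10.255.255.2)"
done
```

On a live system, run it as `resolv_state 10.255.255.2 < /etc/resolv.conf` right after connecting.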

#3 2024-02-16 21:39:54

younesious
Member
Registered: 2024-02-16
Posts: 2

Re: DNS fails to resolve after connecting to VPN

Hi friend.
I have the same problem with Windscribe. In my case the problem is `iptables`. So I run `sudo iptables -nvL --line-numbers` to show the chains and rules. In the next step I look for the windscribe_dnsleaks chain, and the problem is here. You can run `cat /etc/resolv.conf` to see the nameserver generated for the Windscribe VPN. It should also be seen in the windscribe_dnsleaks part, and the target is DROP, so you must delete this rule with `sudo iptables -D windscribe_dnsleaks 1` (1 is the line number) and test.
If that works fine, you can add a rule to allow port 53 for DNS like this, for both UDP and TCP:
`sudo iptables -A windscribe_dnsleaks -s 10.255.255.3 -p tcp --dport 53 -j ACCEPT`
`sudo iptables -A windscribe_dnsleaks -s 10.255.255.3 -p udp --dport 53 -j ACCEPT`

And finally, save it so it persists after each boot with: `sudo iptables-save -f /etc/iptables/iptables.rules`

But my problem came back to me after reboot :))))

Offline
