Solved: Debian 9 (Stretch) VPN manager not setting DNS correctly

Discussion in 'Linux' started by pfred, Jul 14, 2017.

  1. p

    pfred New Member

    I installed the VPN manager under Debian 9 (Stretch) using the current version .deb. When connecting to a Perfect Privacy server DNS does not get set correctly. For example my default DNS is Google (8.8.8.8) and after connecting Check-DNS lists all the Google DNS servers.

    I also installed the VPN mamaner under Ubuntu 16.04 using the current version .deb using the same procedure outlined below and when connecting to a Perfect Privacy server DNS does get set correctly (eg for Singaporeb singapore2.perfect-privacy.com).

    Downloaded the current perfect-privacy-vpn.deb

    sudo dpkg -i /Downloads/perfect-privacy-vpn.deb
    sudo apt-get install -f

    Anyone else with the problem?
     
  2. PP Stephan

    PP Stephan Staff Member

    This is probably because you are using Network Manager for setting DNS servers. This method is currently not support in the linux client (but will be with one of the next versions). As workaround I would recommend entering OpenNIC (https://www.opennic.org/) DNS servers directly via Network Manager.
     
  3. p

    pfred New Member

    Approximately when will a version of VPN Manager that supports Network Manager be available? I won't be able to use PP until there is support for Debian 9 (NetworkManager).
     
  4. PP Stephan

    PP Stephan Staff Member

    We are currently looking at providing a fix as soon as possible.
     
  5. MixMaster

    MixMaster Member

    Frankly, DNS resolver selection in mainstream Linux distributions is a mess. dhcp-client and Network Manager both try to manage resolv.conf with additional interference from resolvconf. And now there's systemd-resolved.

    I'd recommend to disable systemd-resolved.service (if enabled), install a local resolver (apt-get install unbound), create resolv.conf to read only "nameserver 127.0.0.1" and make the file immutable (chattr +i /etc/resolv.conf). Finally, remove the resolvconf package, otherwise it might still try to configure the dhcp- and vpn-provided resolvers as forwarders in unbound.
     
  6. p

    pfred New Member

    Is PP VPN manager now working with Dedian 9 (stretch), correctly setting PP DNS? Has VPN manager been fixed?
     
  7. M

    Mr Craft New Member

    No, it hasn't I'm having the same issue, and this is the first useful post that I've found, thanks, OP. I don't mind setting up OpenNic right now, but this has apparently been an issue for quite some time; which PP doesn't seem to be very concerned with fixing. If there is still no update to this thread or an actual fix, then I guess I'll chalk this up to a crap trial run of PP and move on to another service.
     
  8. MixMaster

    MixMaster Member

    Well, what would like you to see the VPN Manager do? As a Linux user, you're supposed to have more control over your system than a one-click-and-trust user. If DNS leaks are a concern, you have several ways to set up a solution to your liking, there's no one-size-fits-all.

    Here's a way to avoid DNS leaks while also making use of PP's caching resolvers:

    - apt-get install unbound
    - configure NetworkManager to use 127.0.0.1 as resolver
    - you'll need to install resolvconf too. the name changed to openresolv in newer distributions
    - chmod a+x /etc/resolvconf/update.d/unbound (this seems to be a bug in the unbound package)

    What happens is that without VPN connection, the system locally resolves all names, avoiding leaking DNS requests to your ISP or Google or OpenNic.
    The VPN server pushes resolver address that unbound will use as forwarders as long as VPN is connected.
     
  9. p

    pfred New Member

    Well,, not everyone is a propeller-head terminal command line commander. Ubuntu and Debian have gone to great lengths making Linux usable. There's nothing wrong with "one-click" and it just works - it's up to you the propeller-head to make that happen.

    Just a FYI. PP's VPN Manager is still broken but Expressvpn VPN Manger works under both Debian 9 and Ubuntu 16.04 - they were able to make it work as it should.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice