Plusnet now using a transparent DNS proxy?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: Plusnet now using a transparent DNS proxy?
Plusnet now using a transparent DNS proxy?
09-04-2016 9:33 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It would appear Plusnet have deployed a transparent DNS proxy. I use a VPN which uses its own DNS and has a built in "leak" prevention. This has worked fine, however, today I ran the test here - https://dnsleaktest.com and it returned Plusnet rather than the DNS my VPN was set to. In the past it has returned the VPN's DNS.
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 11:25 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Transparent DNS proxies are used by some ISPs (not PN as far as I'm aware) to intercept 'normal' DNS requests and provide locally cached results or direct a user to an ISP specific 'not found page'. All traffic over a VPN tunnel is encrypted and the ISP cannot decode the traffic carried, be they HTTP, DNS, SSH sessions etc.
Many VPN clients have a setting to determine whether DNS requests should be made via the VPN tunnel or via whatever DNS setting are specified in the client machine's network config. In your case, it sounds like this setting isn't enabled so requests are hitting the PN DNS servers instead. You can prove this by setting your PC DNS servers manually to Google (for example) - 8.8.8.8.and 8.8.4.4 and re-running your test.
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 12:36 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thank you for your reply.
1) Transparent DNS proxies can also be used to "force" users through an ISP's DNS. Which means even if a user is browsing through a VPN their browsing requests can still be seen. A VPN is only secure if browsing requests are routed through a DNS which does not belong to the ISP.
2) Yes, my VPN has a DNS leak protection setting. Yes it is turned on. My PC DNS settings are the ones specified by my VPN provider. They are set automatically when the option is turned on in the VPN.
3) I tried turning the option off in the VPN and setting my PC DNS to Google as you suggested. It makes no difference. The leak test still returns Plusnet.
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 12:59 PM - edited 09-04-2016 2:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
a) Plusnet do not have a transparent DNS proxy
b) Plusnet allow you to use any DNS provider or your choice
c) If a VPN is configured to carry all traffic, an ISP doesn't see any DNS requests so couldn't proxy them anyway
There's something wrong with your VPN/networking config if you're getting responses from the PN DNS servers or the 'leak' test you're performing is flawed.
Can you post the result from an nslookup of www.bbc.co.uk when running the VPN client and when not?
Can you also explain how your VPN access is setup? Is this a PC client or is it set up in your router?
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 3:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
1) If DNS requests go through the VPN's DNS then it is secure. If DNS requests are routed through the ISP DNS then the ISP can still see the web pages being requested.
2) I have used the following leak tests
https://www.perfect-privacy.com/dns-leaktest/
They all show Plusnet rather than my PC DNS which is set up as specified by my VPN.
3) With VPN
Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>nslookup www.bbc.co.uk
Server: dsldevice.lan
Address: fe80::3291:8fff:fe10:e4e6
Non-authoritative answer:
Name: www.bbc.net.uk
Addresses: 212.58.244.71
212.58.246.95
Aliases: www.bbc.co.u
Without VPN
C:\WINDOWS\system32>nslookup www.bbc.co.uk
Server: dsldevice.lan
Address: fe80::3291:8fff:fe10:e4e6
Non-authoritative answer:
Name: www.bbc.net.uk
Addresses: 212.58.244.70
212.58.246.94
Aliases: www.bbc.co.uk
C:\WINDOWS\system32>
4) My VPN is set up vis a PC client. The last time I ran a leak test prior to today was about 3 weeks ago. At that time it showed my VPN's DNS.
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 7:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Looks to me like the machine you ran those commands from is proxying DNS queries through the router (which will be using our DNS servers unless you've configured it to do otherwise).
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 7:58 PM - edited 09-04-2016 8:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@rotiferuk wrote:
1) If DNS requests go through the VPN's DNS then it is secure. If DNS requests are routed through the ISP DNS then the ISP can still see the web pages being requested.
Absolutely correct, and it is down to your networking config whether all the traffic is routed over the VPN or not - Noting to do with Plusnet.
In this case though it's a red herring - Turn off IPv6 in the PC network adapter settings and try again...
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 9:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Turning off IPv6 has resolved the issue. Many thanks
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 9:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I ran nslookup again after turning off IPv6. This time it shows my VPN's DNS, which is set in my Network configuration.
Re: Plusnet now using a transparent DNS proxy?
09-04-2016 9:36 PM - edited 10-04-2016 12:21 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
By way of explanation:
The VPN client is setup to pass all IPv4 traffic over the tunnel. This is why the DNS lookups are now going to where you expected.
Your router is configured as an IPv6 DHCP server however and is dishing out link local addresses to any IPv6 clients. It is also acting as a proxy DNS server and, as you haven't got IPv6 WAN conectivity, is passing those lookups to its configured IPv4 DNS servers ie Plusnet. Because your PC had IPv6 enabled it tried to use IPv6 in preference to IPv4 so was passing the DNS requests to the IPv6 DNS server ie your router and hence PN.
Turning off IPv6 has restored normality...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: Plusnet now using a transparent DNS proxy?