0

I'm testing a setup which is as follows:

  • Machine A has a Firefox instance which is configured to connect to Machine B via SOCKS v5 at a given port.

  • Machine B has an Alpine Linux Docker container which is running an SSH server listening on a port as a SOCKS v5 server. Firefox from Machine A is connecting to this port on Machine B and it is successfully forwarded into the Docker container. All Firefox requests go to the Internet as originating from that Docker container.

  • That Docker container on Machine B also can additionally run OpenVPN as a client connected to a commercial VPN provider. If the OpenVPN client is running, then all Firefox requests are no longer originating from the Docker container, but are tunneled to the OpenVPN provider and originating from their VPN server.

The problem is that when I enable "Use the SOCKS v5 Proxy for DNS requests" in Firefox, then the DNS lookups are being issued from Machine B. Without it being enabled, they originate from Machine A.

I want these DNS lookups to be tunneled over OpenVPN as well. Is this possible? Is this issue what OpenVPN DNS leakage is about?

1 Answer

0

You'd need on Machine B an /etc/resolv.conf nameserver configuration of an IP that gets routed over the VPN to a DNS server on the VPN provider's network.

Docker will pick up DNS resolution from the Machine B /etc/resolv.conf.

While SNAT routing of the UDP on Machine B can push all DNS requests to the VPN provider, their return path will come back via the non-OpenVPN route.

ref: more detailed routing answer
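
One way to verify the resolver requirement described in the answer, as an added example that is not part of the original answer: for each nameserver in a resolv.conf, ask the kernel which interface a packet to it would leave by, and flag any that does not use the VPN tunnel. The interface name `tun0`, the `--check` argument and the function names are assumptions of this example, and it relies on an `ip route get` command being available.

```shell
#!/bin/sh
# Added example: flag resolv.conf nameservers that are not routed over the VPN.
# Assumption: the OpenVPN client interface is tun0 (override with VPN_DEV).
VPN_DEV="${VPN_DEV:-tun0}"

# Print each nameserver IP listed in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Extract the word following "dev" from `ip route get` output on stdin.
parse_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Print the egress interface the kernel would pick for an IP.
# Kept separate so it can be replaced with a stub when testing offline.
route_dev() {
    ip route get "$1" 2>/dev/null | parse_dev
}

# Print one OK/LEAK line per nameserver; return 1 if any resolver
# would be reached outside the VPN interface.
# A resolver on "lo" (for example Docker's embedded DNS at 127.0.0.11)
# is also flagged: the lookup is then forwarded by a local process,
# and its upstream path has to be checked where that process runs.
check_resolvers() {
    leaks=0
    for ns in $(nameservers "$1"); do
        dev=$(route_dev "$ns")
        if [ "$dev" = "$VPN_DEV" ]; then
            echo "OK   $ns via $dev"
        else
            echo "LEAK $ns via ${dev:-unknown}"
            leaks=1
        fi
    done
    return "$leaks"
}

# Run as: sh script.sh --check [path-to-resolv.conf]
if [ "${1:-}" = "--check" ]; then
    check_resolvers "${2:-/etc/resolv.conf}"
fi
```

Run it once with the OpenVPN client up and once with it down, in the same network namespace as the process doing the lookups; a resolver that still shows `LEAK` while the tunnel is up is one whose queries bypass the VPN.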
