Thanks Simon, the comment on the potential parallel search is great and could be the source of your leak.
From the trace you sent it seems when shrunken down to the path like this:

# you first ask local dnsmasq
;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
# that then asks main dns servers
;; Received 866 bytes from 202.12.27.33#53(m.root-servers.net) in 400 ms
;; Received 678 bytes from 192.5.6.30#53(a.gtld-servers.net) in 77 ms
# dns service provider
;; Received 107 bytes from 204.13.251.27#53(ns4.p27.dynect.net) in 197 ms
# canonical name server
;; Received 171 bytes from 91.189.91.139#53(ns3.canonical.com) in 134 ms

But if I understood dig +trace enough it does so by understanding the dns reply.
So your local dnsmasq or such on 127.0.0.1 is reporting "answer from 202.12.27.33#53(m.root-servers.net)" - then it asks this server next which then answers ...

If anything it seems that already your local dns cache/proxy is not asking your "in-vpn" DNS but a public one.
Configs will certainly help a bit in trying to understand that.

--
https://bugs.launchpad.net/bugs/1685391

Title:
  DNS leak in Xubuntu 17.04