1

Is it possible to configure the DNS of VPN services (such as NordVPN) so that they can use public DNS services (like Google Public DNS, Cloudflare DNS etc) of that country instead of the private DNS of the VPN provider? I need to configure that on my Mac OS for some testing purposes. I have tried to connect with the VPN provider and changed the DNS on my network settings to 8.8.8.8, but when I check the the DNS server used through dnsleaktest.com, it shows private DNS of the VPN provider instead of Google DNS(there is no DNS leak though). I have also tried connecting with Tunnelblick and adding the line "dhcp-option DNS 8.8.8.8" to the .ovpn file but that also did not help. I tried to search StackExchange and found a couple of relevant posts like how to make DNS requests go over VPN , OpenVPN client to use local DNS server and VPN provider's DNS server , Setting DNS servers using OpenVPN client config file, but none of them helped me resolve my issue. So I am stuck here, was wondering if I can get a solution to this?

This is the output of the /etc/resolv.conf file after I add "dhcp-option DNS 8.8.8.8", have connected with the VPN provider and have changed the DNS on my network settings to 8.8.8.8:

> #
> # macOS Notice
> #
> # This file is not consulted for DNS hostname resolution, address
> # resolution, or the DNS query routing mechanism used by most
> # processes on this system.
> #
> # To view the DNS configuration used by this system, use:
> #   scutil --dns
> #
> # SEE ALSO
> #   dns-sd(1), scutil(8)
> #
> # This file is automatically generated.
> # search openvpn nameserver 8.8.8.8 nameserver 103.86.96.100 nameserver 103.86.99.100

and this is what my .ovpn file looks like, does this seem correct?

client
dev tun
proto udp
remote 178.239.161.213 1194
dhcp-option DNS 8.8.8.8
dhcp-option DOMAIN mydomain.domain
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no

remote-cert-tls server

auth-user-pass
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
rkb
  • 11
  • 4
  • 1
    Hi and welcome to superuser! Could you perhaps edit your question to include what you've tried so far to check `if it's possible`? Did you search for it (on this site, or through DuckDuckGo)? What did you find? What was unclear? – Saaru Lindestøkke Jun 19 '20 at 22:28
  • what is the result of /etc/resolv.conf when you add `dhcp-option DNS 8.8.8.8` – EchoMike444 Jun 26 '20 at 04:48
  • @EchoMike444 I have updated my question with the result of /etc/resolv.conf – rkb Jun 26 '20 at 23:28
  • can run `scutil --dns` this was mentionned in the output of resolv.conf – EchoMike444 Jun 27 '20 at 03:53
  • That also shows the nameserver to be 8.8.8.8 but when I test using dnsleaktest.com it isn't apparently contacting the Google DNS Server in the country I am connecting to. This is the output of dnsleaktest.com: 178.239.161.213 (IP) 213.161.239.178.baremetal.zare.com. (hostname) Hydra Communications Ltd (ISP) London, United Kingdom (country). – rkb Jun 27 '20 at 04:10

0 Answers0