How do I fix a DNS leak?

Now that I'm using a VPN 24/7, I've been looking to enhance my privacy further and discovered the phenomenon called "VPN leaks"... Further investigation has revealed that my computer does in fact, leak the DNS.

But the question is, how do I fix it?

I found this article about DNS leaks and Ubuntu.

Which indicates that I can fix DNS leaks by entering:

echo "#disable ipv6″ | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1″ | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1″ | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1″ | sudo tee -a /etc/sysctl.conf

But this is a pretty old article - will this still apply to Ubuntu 14.04 LTS or newer? Is this the same for all ISPs and/or VPN services?

I also found a support article from TorGuard themselves.

But it doesn't elaborate as to what DNS address I should be entering, nor whether I need to do this every time I start/stop my VPN or whether this changes if I change the country I'm currently using with my VPN...

Any assistance would be appreciated.

I am using Ubuntu 14.04 LTS and "TorGuard Lite", which I believe is their supplied/branded/maintained version of OpenVPN...

--

Update:

TorGuard technical support got back to me, and they said I need to enter two particular IP addresses (I have them in an e-mail, not mentioned here), as per this guide...

I entered them as: {IP address},{space}{IP address}

I restarted my computer, but it still looks like I've got DNS leaks... DNSLeakTest.com doesn't work (in Mozilla Firefox or Google Chrome) - it just says "test in progress" - and the others have mixed results...

  • IPLeak.net: Indicates Telstra (my ISP) IP addresses;
  • DNSLeak.com: Appears to indicate I'm using foreign IP addresses - different ones to the Telstra (my ISP) ones listed above;
  • Perfect Privacy's DNS leak test lists both Telstra (my ISP) AND the same foreign IP information indicated by DNSLeak.com (WTF?).

The results were the same for both Chrome and Firefox.


To fix the DNS leak in Ubuntu, you need to add these three lines at the end of your .ovpn file as new lines:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

The script named "update-resolv-conf" updates "/etc/resolv.conf" file automatically. It forces OpenVPN to use default DNS in the .ovpn file.

Source: http://www.ubuntubuzz.com/2015/09/how-to-fix-openvpn-dns-leak-in-linux.html