What's new

Route all DNS (Dnscrypt) through OpenVPN client tunnel?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

bwoked

New Around Here
I'm having some serious issues out of the blue, dnscrypt and ntp seems to be blocked, yet again however I am able to connect to the net through the VPN tunnel. If I forward all dns (dnscrypt) queries through the VPN I will be able to connect just fine. I want to set this up for DNS only, not all traffic. How can I do this?
 
Last edited:
This has happened a dozen times or so over the last year; I am unable to contact an NTP server and DNScrypt is unable to connect to any dnscrypt server, no matter what fallback DNS IP I use. Even after I run nvram set ntp_ready=1, and nvram commit... to allow DNScrypt to launch without officially connecting to an NTP server. For example, yesterday I was unable to connect to yandex, cloudflare, other dnscrypt services for a few hours. I was able to ping cloudflare at 1.1.1.1 however, and I was receiving the usual firewalled incoming port scans and connections all the while.

Eventually it ironed itself out, as it always does, without any of my intervention. Then for a while, I was only able to connect to Yandex, other dnscrypt servers did not work, and the dnscrypt requests that went through were hit and miss, half were broken; at the same time the VPN was working flawlessly. Only when I switched to a DNScrypt server within my country, a 5 eyes nation, did these problems disappear.

Previously at times the only thing I was unable to connect to was an NTP server; I could only get internet/dnscrypt up and working by adding a script to automatically set NTP_ready=1 and pull the time via curl/wget command. This eventually mysteriously solved itself after a couple of weeks as well.

Update Often in these times I would receive a lot of https interception warnings suggesting the certificates of legitimate websites were tampered with by a middlebox or in the backbone. This would iron itself out eventually.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top