xjasonlyu / tun2socks

tun2socks - powered by gVisor TCP/IP stack
https://github.com/xjasonlyu/tun2socks/wiki
GNU General Public License v3.0

[Bug] How to route DNS traffic through tunnel? #160

Closed bigli0n closed 2 years ago

bigli0n commented 2 years ago

Verify steps

Version

How to route DNS traffic through tunnel?

What OS are you seeing the problem on?

Linux

Description

Client is an Ubuntu laptop connecting to a Debian server via shadowsocks. After setting up routes, all of my traffic does go through the tun0 interface; however, I can't figure out how to get DNS to. I've tried a whole range of things both locally and on the server. I have a DNS server on the remote end, and just using ss-local as a proxy with UDP relay enabled allows, for example, Firefox to send all DNS queries, but tun2socks seems either not to be redirecting UDP packets properly, or I have something misconfigured. Depending on what I've tried, DNS either stops resolving at all or goes to my default, pre-connect ISP servers. On the server end, shadowsocks is configured to use the local DNS resolver I set up (unbound).

CLI or Config

tun2socks -device tun0 -proxy socks5://127.0.0.1:1080 -interface wlp1s0

Logs

No response

How to Reproduce

Fire up an Ubuntu 22.04 VM, install shadowsocks-libev and tun2socks (assuming you have a remote server), create a tun interface and add IPs and routes. Try to connect to ss-local with the "tun2socks -proxy socks5://127.0.0.1:1080" options. Use dig, nslookup, or any of the web browser options to check which DNS servers you are using.

bigli0n commented 2 years ago

The issue was with Ubuntu itself and systemd-resolved. Using the resolvectl dns command and forcing use of the proper server fixed the issue. Fast and no leaks according to Wireshark.
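
The fix described in this thread, as an added example that is not part of the original posts or the project's code: one function pins systemd-resolved to a resolver on the tunnel link, and one reads `resolvectl dns` output to list links that could still answer lookups outside the tunnel. Assumptions: `tun0` is taken from the reporter's command line, `10.0.0.1` is a placeholder resolver address, the sample output is constructed, and the `domain` and `default-route` calls go beyond the single `resolvectl dns` command the thread names.

```bash
#!/usr/bin/env bash
# Added example; function names, 10.0.0.1 and the sample output are assumptions.

# Point systemd-resolved at the resolver reachable through the tunnel.
# Only `resolvectl dns` is named in the thread; the other two calls are an
# added assumption that routes every lookup to this link. Requires root.
pin_dns_to_tunnel() {
    local dev="$1" server="$2"
    resolvectl dns "$dev" "$server"
    resolvectl domain "$dev" '~.'
    resolvectl default-route "$dev" yes
}

# Read `resolvectl dns` output on stdin and print every entry other than the
# tunnel device that still has DNS servers assigned, as "name servers...".
# Entries can be "Global" or a link name; no output means nothing else is set.
non_tunnel_dns_links() {
    local dev="$1"
    awk -v dev="$dev" '
        /^Global:/        { name = "Global" }
        /^Link [0-9]+ \(/ { name = $3; gsub(/[():]/, "", name) }
        /^(Global|Link)/ {
            servers = $0
            sub(/^[^:]*:[ \t]*/, "", servers)   # drop "Link N (if): " prefix
            if (name != dev && servers != "") print name, servers
        }'
}

# Constructed sample of `resolvectl dns` output: the Wi-Fi link still carries
# the ISP-provided resolvers next to the tunnel resolver.
SAMPLE_RESOLVECTL_DNS='Global:
Link 2 (wlp1s0): 192.168.1.1 fe80::1
Link 3 (tun0): 10.0.0.1'

# Typical use on a live system:
#   pin_dns_to_tunnel tun0 10.0.0.1
#   resolvectl dns | non_tunnel_dns_links tun0
```

Any line printed by `non_tunnel_dns_links` names a link whose resolvers should be cleared or confirmed with a packet capture on the physical interface, as the reporter did with Wireshark.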