The Windows 10 DNS resolver sends DNS requests in parallel on all available network interfaces and uses whichever reply arrives first. If you use a DNS server on the local network, this behavior allows your ISP or a hacker with a Wi-Fi access point to hijack your DNS records and steal your data even if you use a VPN.
This plugin should fix this issue for Windows 8.1 and Windows 10 users.
The functionality of this plugin is integrated into OpenVPN 2.3.9; just use the --block-outside-dns configuration option. If you can't use the latest OpenVPN version, follow the steps below:
- Download fix-dns-leak-32.dll for a 32-bit system or fix-dns-leak-64.dll for a 64-bit system
- Add the following line to your OpenVPN configuration file:
  plugin fix-dns-leak-32.dll
  for a 32-bit system, or
  plugin fix-dns-leak-64.dll
  for a 64-bit system
This plugin implements a Windows Filtering Platform userspace filter that blocks all IPv4 and IPv6 DNS queries from the DNS Client service to port 53 except on OpenVPN's TAP interface. It works like a temporary firewall whose rules are cleared on termination or crash. This is important because, unlike with other methods, you won't be left with a broken internet connection if the OpenVPN client suddenly crashes.
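To confirm that a client profile actually enables one of the two protections described above, the following added example (not part of the plugin or of OpenVPN) parses a profile and reports which it finds. The function names and the sample profile are constructed for illustration; it assumes the usual OpenVPN config syntax, where # or ; starts a comment and inline blocks such as <ca> hold key material.

```python
import re

# Plugin file names as given on this page, optionally preceded by a path.
PLUGIN_RE = re.compile(r"fix-dns-leak-(32|64)\.dll\b", re.IGNORECASE)

# Constructed sample: the option is commented out and also appears inside <ca>.
SAMPLE = """\
client
;block-outside-dns
<ca>
block-outside-dns
</ca>
plugin fix-dns-leak-64.dll
"""

def directives(profile_text):
    """Yield token lists for each directive, skipping comments and inline blocks."""
    inline = None                          # tag of the inline block we are inside
    for line in map(str.strip, profile_text.splitlines()):
        if inline:                         # certificate/key material, not directives
            if line == f"</{inline}>":
                inline = None
            continue
        m = re.fullmatch(r"<([\w-]+)>", line)
        if m:
            inline = m.group(1)
            continue
        tokens = []
        for tok in line.split():
            if tok[0] in "#;":             # comment runs to the end of the line
                break
            tokens.append(tok)
        if tokens:                         # "--opt" and "opt" are equivalent in a file
            tokens[0] = tokens[0][2:] if tokens[0].startswith("--") else tokens[0]
            yield tokens

def dns_leak_protection(profile_text):
    """Return which protections the profile enables locally: 'option', 'plugin'."""
    found = set()
    for tok in directives(profile_text):
        if tok[:2] == ["setenv", "opt"]:   # "setenv opt X" tolerates X being unknown
            tok = tok[2:]
        if tok[:1] == ["block-outside-dns"]:
            found.add("option")
        elif tok[:1] == ["plugin"] and PLUGIN_RE.search(" ".join(tok[1:])):
            found.add("plugin")
    return found

if __name__ == "__main__":
    print(sorted(dns_leak_protection(SAMPLE)))
```

An empty result only means the profile itself enables neither protection; a server can also push block-outside-dns, which a local file cannot show.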