DNS issues connecting to PIA with Linode server

Have a Linode instance and downloaded the OVPN configs for PIA. Once connected I can ping addresses directly, but DNS does not work.

Tried changing resolv.conf and adding options in my .ovpn to set a DNS server to Cloudflare or Google.

Still can’t ping google.com. But if I disconnect, DNS works fine.

Server is Ubuntu 22.04 LTS

Could PIA be hijacking DNS?

(Unless you are using a PIA suggested DNS)

Mullvad likes to do the same, by default.

Have you tried a browser with DOH/DOT?

There are a couple apps to provide the services if that is the case, like stubby and unbound

I’m using a headless OS so I only have access to terminal.
Networking isn’t my strong suit, but IDK why PIA OVPN would bork DNS.

I’d hate to bother @wendell but have you had any similar issues?

Have you tried using the PIA DNS Servers and seeing if it works?

Try using 10.0.0.242 or 209.222.18.222 and 209.222.18.218.

Why not Wireguard out of interest? OVPN is very slow. I get 1G/1G out of the smallest Linode instance back to my house over Wireguard.

Also personally I would switch from PIA to Mullvad, but that’s just my preference

2 Likes

I didn’t know you could use wireguard over terminal, I thought you needed the app

OpenVPN has options like block-outside-dns and register-dns you might want to look for in your config. Others that might block traffic include block-local Split-Tunnel OFF pull and redirect-gateway.

To test a DNS server, try: dig @8.8.4.4 www.google.com
Change 8.8.4.4 to your preferred server.

If it works you might just need nameserver 8.8.4.4 in your /etc/resolv.conf… Unless you have some other system like systemd-resolved (see ArchWiki) taking priority, in which case you have to configure it. nmtui is a good place to start editing your DNS settings.
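An added example, not part of any post in this thread: a POSIX shell script that statically checks an OpenVPN profile and a resolv.conf for the DNS-related settings discussed above. The `dhcp-option DNS` and `up` directives, the function names and the sample profile are assumptions that do not appear in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): static look at how an .ovpn profile
# and resolv.conf handle DNS on a Linux host.

# DNS-relevant directives in an OpenVPN profile; comment lines (# or ;) skipped.
ovpn_dns_directives() {
  awk '
    /^[ \t]*[#;]/ { next }
    $1 ~ /^(block-outside-dns|register-dns|redirect-gateway|pull|up)$/ { print $1 }
    $1 == "dhcp-option" && $2 == "DNS" { print "dhcp-option DNS " $3 }
  ' "$1" | sort -u
}

# Nameserver addresses listed in a resolv.conf-style file.
resolv_nameservers() { awk '$1 == "nameserver" { print $2 }' "$1"; }

# True if any line of text $1 matches extended regex $2.
has() { printf '%s\n' "$1" | grep -qE "$2"; }

# One finding per line for profile $1 and resolv.conf $2.
dns_report() {
  _d=$(ovpn_dns_directives "$1"); _ns=$(resolv_nameservers "$2")
  if has "$_d" '^dhcp-option DNS ' && ! has "$_d" '^up$'; then
    echo "WARN dhcp-option DNS but no up script: on Linux OpenVPN only passes it to scripts"
  fi
  if has "$_d" '^(block-outside-dns|register-dns)$'; then
    echo "NOTE block-outside-dns and register-dns are Windows-only options"
  fi
  if has "$_d" '^redirect-gateway$'; then
    echo "INFO redirect-gateway: queries to non-local resolvers go through the tunnel"
  fi
  if has "$_ns" '^127\.0\.0\.53$'; then
    echo "INFO resolv.conf is the systemd-resolved stub: see 'resolvectl status' for upstreams"
  fi
}

# Constructed sample inputs (placeholder remote, not a real PIA profile).
demo() {
  _t=$(mktemp -d)
  printf '%s\n' 'client' 'remote vpn.example.invalid 1198' \
    '# up /etc/openvpn/update-resolv-conf' 'redirect-gateway def1' \
    'dhcp-option DNS 1.1.1.1' 'block-outside-dns' > "$_t/sample.ovpn"
  printf '%s\n' 'nameserver 127.0.0.53' 'options edns0 trust-ad' > "$_t/resolv.conf"
  dns_report "$_t/sample.ovpn" "$_t/resolv.conf"
  rm -rf "$_t"
}
demo
```

Point `dns_report` at the real profile and `/etc/resolv.conf` to get the same findings for a live host.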

Wireguard is built into the Linux kernel now

I had to install wireguard-tools package to enable it.
Weird issue. I tried it out following this
PIA Wireguard setup

And ran my scan and was getting half the rate I’m supposed to get, but on openVPN, I’m getting full speed.

I’m doing a scan for VNC ports (5900,5901,5902) and on wireguard, I was getting no results but on ovpn I get instant results at full speed.

So if your IDS gets a SYN packet for those, just ignore it, it was me doing research.