So I am in China right now and am using a travel router (Beryl AX) with v2RayA and OpenClash installed. And I also have Mullvad VPN installed. When I run a DNS leak test using Mullvad VPN, the only DNS servers that appear are from Mullvad VPN, which is what I want for v2ray.
But when I use either v2RayA or OpenClash I get lots of Chinese ISP DNS servers from China Mobile Communications.
I have tried to manually set up the DNS on the travel router to just be 8.8.8.8 or some other popular IP. This means that now all these real Chinese ISP DNS servers appear as Google DNS servers. But then I have noticed my VPN instantly gets blocked and defaults to no VPN. Maybe some GFW antics.
I have also tried using the v2box app on my MacBook and iPhone and it works perfectly, as the only DNS servers I see in a DNS leak test are the VPN’s servers.
Can anyone help? I can even tip someone to help fix this issue, as I have been stuck on it all day and I am going crazy over it. I know it is a DNS config issue with OpenClash or v2RayA because Mullvad VPN works fine on the router and so does the V2Box app on different clients.
This is absolutely normal unless you set OpenClash to redirect all traffic via proxy.
Make sure, also, that Clash rules are defined to redirect all the traffic via the proxy.
On your GL router Admin Panel > NETWORK > DNS settings, try “Override DNS Settings of All Clients = Yes” and “Allow Custom DNS to Override VPN DNS = Yes”.
Then in the “Mode” section, select “manual” and enter the IPs of the DNS servers you want.
When you set up the travel router at a new location you may need to flip back to Automatic temporarily to get the router online, but after tunnels are established you can move back to the desired DNS.
EDIT - if you’re having trouble getting DNS routed through the tunnel then select Encrypted DNS and use DNS over TLS or DNS over HTTPS. These should not bypass the tunnel.
I fixed it, thanks so much. The v2ray provider service has some rule categories and they have a global rule which routes all traffic through the VPN.
Right, yes, I found that as the issue, thanks. I noticed for example browserleaks.com → DIRECT
So not everything is getting routed through the VPN. Do you know the easiest/most common way to route everything through the VPN? In OpenClash or just in general?
Cheers, but in the end it was just an issue with not all the traffic routing through the proxy.
Please check out my edit… the last part will force DNS through the tunnel/proxy.
I think the service I’m using (Nexitally) has some DNS related stuff so it shows as Google or Cloudflare in DNS tests. And then my normal VPS’s just show the VPS DNS servers. I’m tempted to stop using my own VPS servers now though. My AWS VPS is already at 16 USD, which is more than just paying for a VPN service per month.
That’s a crazy amount to run for a basic VPN VPS instance. I have over 100+ WireGuard clients running on a Linode $5/mo instance (all streaming TV all-day long) and it doesn’t break a sweat. v2ray and such will be higher resource demand, but for a single user proxy I couldn’t imagine needing more than the basic plan… the vCPU is running on AMD EPYC 7642 48-Core Processor hardware.
PS. If you want your VPS to also handle DNS duties, it’s easy to toss on AdGuard via Docker and just run it with the filters disabled for minimal resource load. Then you can point your router DNS to your VPS via the tunnel.
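
The cause found in this thread (a rule such as browserleaks.com → DIRECT sending some traffic around the proxy) can be checked offline against a rule list. The following is an added example, not part of the original thread and not OpenClash code: it evaluates Clash-style `TYPE,VALUE,POLICY` rules first-match-wins for a hostname. The sample rules and the proxy group name `Proxy` are constructed assumptions.

```python
# Constructed sample rules in Clash "TYPE,VALUE,POLICY" syntax (not from the thread).
# "Proxy" is an assumed proxy-group name; use the group name from your own config.
SAMPLE_RULES = [
    "DOMAIN-SUFFIX,browserleaks.com,DIRECT",
    "DOMAIN-KEYWORD,google,Proxy",
    "GEOIP,CN,DIRECT,no-resolve",
    "MATCH,Proxy",
]

def parse_rule(line):
    """Split one rule into (type, value, policy). MATCH carries no value."""
    parts = [p.strip() for p in line.split(",")]
    if parts[0] == "MATCH":
        return "MATCH", None, parts[1]
    # Trailing options such as no-resolve are ignored here.
    return parts[0], parts[1], parts[2]

def policy_for(domain, rules):
    """Return (policy, rule) for the first rule that matches a hostname.

    Only domain-based rule types and MATCH are evaluated. IP-based rules
    (GEOIP, IP-CIDR) need a resolved address and are skipped in this check.
    """
    domain = domain.lower().rstrip(".")
    for line in rules:
        rtype, value, policy = parse_rule(line)
        v = (value or "").lower()
        hit = (
            rtype == "MATCH"
            or (rtype == "DOMAIN" and domain == v)
            or (rtype == "DOMAIN-SUFFIX" and (domain == v or domain.endswith("." + v)))
            or (rtype == "DOMAIN-KEYWORD" and v in domain)
        )
        if hit:
            return policy, line
    # No rule matched: treated as DIRECT in this check.
    return "DIRECT", None

def direct_rules(rules):
    """List every rule whose policy sends traffic out without the proxy."""
    return [r for r in rules if parse_rule(r)[2] == "DIRECT"]

if __name__ == "__main__":
    for host in ("browserleaks.com", "www.google.com", "example.org"):
        print(host, "->", policy_for(host, SAMPLE_RULES))
    print("DIRECT rules:", direct_rules(SAMPLE_RULES))
```

A rule list with no DIRECT entries and a final `MATCH` pointing at the proxy group is the "route everything" case asked about above.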