XR500 hybrid VPN DNS leak test

[six4bravo]

I'm very happy so far with my new xr500. One small thing to ask and see if maybe I'm not setting it up right though. I use ExpressVPN. Setting up the router's hybrid VPN was easy and it does mask my IP. However, when running a DNS leak test, it still shows my real ISP DNS in the test. If I just run the app or chrome extension for ExpressVPN, it masks the IP and uses their DNS servers and the leak tests come back good. So is there a setting I'm missing or is hybrid VPN missing a setting for DNS? Is the DNS settings in the ExpressVPN config file thats copy/pasted into the settings in the router? Thanks.

[BIG__DOG]

2 hours ago, six4bravo said:

I'm very happy so far with my new xr500. One small thing to ask and see if maybe I'm not setting it up right though. I use ExpressVPN. Setting up the router's hybrid VPN was easy and it does mask my IP. However, when running a DNS leak test, it still shows my real ISP DNS in the test. If I just run the app or chrome extension for ExpressVPN, it masks the IP and uses their DNS servers and the leak tests come back good. So is there a setting I'm missing or is hybrid VPN missing a setting for DNS? Is the DNS settings in the ExpressVPN config file thats copy/pasted into the settings in the router? Thanks.

have you tried inputting their dns servers into the routers dns settings?

[six4bravo]

If i did that, wouldn't that make all my traffic use those DNS servers then? I'm just looking to route the devices I have added to hybrid VPN to use the services and DNS, if thats even possible to separate them like that.

[Netduma Admin]

5 hours ago, six4bravo said:

If i did that, wouldn't that make all my traffic use those DNS servers then? I'm just looking to route the devices I have added to hybrid VPN to use the services and DNS, if thats even possible to separate them like that.

You're right - if you enter the VPN DNS into the network settings DNS it will apply to all devices on your network, which I assume you don't want.

Could you paste the ovpn config file you've used into this thread please. We'll probably need to check with a dev if it's sufficient to apply the VPN's DNS too.

Also, could you link us to where you ran the DNS leak test. 

Thanks.

[xr500user]

i reported this, dec 20th.

http://forum.netduma.com/topic/27539-hybrid-vpn-speeds/?do=findComment&comment=204382

 

 

[Netduma Admin]

35 minutes ago, xr500user said:

i reported this, dec 20th.

http://forum.netduma.com/topic/27539-hybrid-vpn-speeds/?do=findComment&comment=204382

 

 

Thanks

[six4bravo]

That is correct, the hybrid VPN settings need to add DNS configuration separate from the rest of the traffic. If you guys work on it and create a beta firmware I'd be willing to test it.

 

DNS leak test:

https://www.expressvpn.com/dns-leak-test

 

ExpressVPN config file is attached.

 

my_expressvpn_usa_-_dallas_udp.ovpn

 

In the linked thread, I see about the same speeds as they mentioned, capped at around 20-25Mbps. While running the ExpressVPN client on windows, it pulls in 150-250Mbps Download and full 12Mbps upload. So speeds are definitely disappointing but i can live with it for now. FYI, on the xr700, the hybrid VPN speeds were double that of the xr500 (around 40ish Mbps) so maybe hardware limited?

[Netduma Admin]

Thanks for the extra info. 

And that's correct, speeds are limited by the hardware. A router is not as powerful as a PC, so you won't be able to get the same speeds through the router.

[kamoj]

The XR500 use the same Hw as the Netgear R7800. The bigger memory in XR500 is not used...

The R7800 is able to do download speed of 100+ Mbps over OpenVPN with 256 bit encryption.

I have tried it and succeeded with both Voxel and DD-WRT Firmware. DD-WRT is available for XR500!

So its not a HW limitation in the XR500, its in the firmware and how the code is compiled etc.

Voxel has given optimisation information to Netgear but it seems like they have not cared about it?!

[Guest Killhippie]

4 hours ago, kamoj said:

The XR500 use the same Hw as the Netgear R7800. The bigger memory in XR500 is not used...

The R7800 is able to do download speed of 100+ Mbps over OpenVPN with 256 bit encryption.

I have tried it and succeeded with both Voxel and DD-WRT Firmware. DD-WRT is available for XR500!

So its not a HW limitation in the XR500, its in the firmware and how the code is compiled etc.

Voxel has given optimisation information to Netgear but it seems like they have not cared about it?!

Have to say kamoj is right, the R7800 performs much better using Voxels firmware than the XR500's with OpenVPN.  Maybe the Devs should have a chat with Voxel, since Netgear ignored him and his fork of Netgears stock is far superior.

[Netduma Admin]

Ok, thanks for the info guys.

[ghoul2oo3]

Can we expect any update on a fix post mid / late February? Pretty much unusable since it leaks DNS :(

[Netduma Admin]

Any fixes will probably be built into our next development milestone. We will announce more on this when we can. 

[Blockage]

Bumping this topic. Another XR500 user here. Also experiencing a leaky DNS on Express VPN and looking for a fix.

Any updates? 

[Netduma Alex]

We're aware of it. The next milestone isn't out yet.

[raf1212]

I have the same thing with expresvpn

[Netduma Fraser]

28 minutes ago, raf1212 said:

I have the same thing with expresvpn

Thanks for letting us know, it is something we're working on fixing.

[mike.ranzani]

Hi all,

same problem here with ExpressVPN and the XR500 router.

After setting up the Hybrid VPN parameters and correctly activating the VPN, we are experiecing a DNS leak. How to solve this issue?

Installed firmware release: 2.3.2.56

Using the official ExpressVPN app for Android, Windows and macOS we don't experience any problems. Only when using the XR500 router the dns leak occurs, which it makes completely not useful for our needs that router and DumaOS.

When do you plan to release a new firmware in order to solve this issue?

Thank you

[Netduma Fraser]

Hey, welcome to the forum Mike!

This will require a firmware update to fix but unfortunately we can't give any deadlines on when that may be available. A workaround would be to change the routers DNS to the VPNs DNS servers and that should work.

[mike.ranzani]

Hi Fraser,

thank you so much for your answer.

I've made many tests: I've tried the 2 DNS of ExpressVPN (https://www.expressvpn.com/setup#mediastreamer 85.203.37.1 and 85.203.37.2) but the DNS leaking always occurs.

Then I've tried to figure which DNS servers the client app is using, so I've started ExpressVPN app and tried to use the DNS servers reported in this page: https://www.expressvpn.com/dns-leak-test

Take the following ExpressVPN DNS server: 199.66.91.231  Using the following command from a client connected to DumaOS the DNS server gives a correct answer:

nslookup google.com 199.66.91.233

BUT if I try to set the same DNS server into the DumaOS configuration no domain address is correctly resolved!

Do you have any suggestion that could be helpful to solve the issue (for example, by modifying the DumaOS configuration AND/OR OpenVPN .ovpn file)?

Thank you

[Netduma Fraser]

Thanks for that, in that case no I don't think there is anything that can be done other than a fix from the devs.

[Tripper]

Any news on if this is getting fixed in the next milestone?

[Guest Killhippie]

54 minutes ago, Tripper said:

Any news on if this is getting fixed in the next milestone?

The next Milestone, is now DumaOS 3.0. It may be a few months before anything appears on the horizon. Then you have to figure in Netgears release schedule as the XR500 is their product.

[dennD]

It's now march 10th 2020,  and this issue still persists. Any news on new firmware release?

[Guest Killhippie]

It will arrive when 3.0 is ready, nobody knows to honest when that is and no one can can tell you a date as there isn't one really.