AdGuardDNS icon indicating copy to clipboard operation
AdGuardDNS copied to clipboard
verified publisher icon AdguardTeam

Google DNS appearing as a resolver when connected to the Sydney, AU AGDNS server

Open ghost opened this issue 2 years ago • 5 comments

I currently have the ability to test this on the Sydney, AU and the LA, US AGDNS due to a routing issue between my mobile connection and home VDSL connection.

When connected via the SN, AU AGDNS server additional Google DNS resolvers are appearing on dnscheck.tools. There's also Cloudflare appearing, but that could possibly be from iOS's Limit IP Address Tracking feature.

When connected to the LA, US AGDNS server, I don't experience the additional Google DNS resolvers.

@ameshkov mentioned this in the Telegram group chat, but I wanted to determine whether that was happening here, or it's something else.

Connected to SN, AU AGDNS server image image image

Connected to LA, US AGDNS server image

ghost avatar Aug 16 '23 01:08 ghost

Yes, that's the same reason. I am not sure btw why it does not behave like that on every locations.

dnscheck.tools triggers lots of different DNS queries that fail due to a DNSSEC error and records from which IP addresses the queries were sent. AG DNS unfortunately is not able to distinguish network errors and DNSSEC errors so in both cases it tries to use a fallback.

Ideally, we should only try to use a fallback in the case of a network issue, but I don't see any technical capability at the moment unfortunately.

ameshkov avatar Aug 16 '23 09:08 ameshkov

@ameshkov your support pls. I have also problem with DNS Leak when I sue the Wintun driver and check the leak using dnscheck.tools. Here is the result

Image Image

but I have no DNS leak when I disable the Wintun i have DNS leak at all.

Image

pls fix this issue ASAP

7ossam-3tman avatar Aug 12 '25 12:08 7ossam-3tman

WinTun driver in AG VPN?

Could you please explain the full setup that you have?

ameshkov avatar Aug 17 '25 10:08 ameshkov

I'm using Adguard VPN on my Windows 11, when activating the WinTun driver I see DNS leak as sent before. But when I disable the WinTun driver, there are no DNS leaks at all. Note: in my router setting, I have set and pushed the DNS that I want. Note2: I have windscribe Pro and using it without any DNS on the same setting. Note3: I have changed all my router DNS setting and make it Auto and then connect to Adguard VPN with Enabling to WinTun driver and now finally have no DNS leak.

Note4: I will test it again tomorrow on my Work to see if the result, (I'm using the Current version: 2.7.0 Beta 1 (1794)) Note5: no DNS leak on my Android mobil or TV (whatever the router DNS setting) no LEAK at all.

7ossam-3tman avatar Aug 17 '25 12:08 7ossam-3tman

@7ossam-3tman hi,

So, according to note 3 and 5, is the problem resolved?

As @ameshkov mentioned earlier:

dnscheck.tools triggers many different DNS queries that fail due to a DNSSEC error and records the IP addresses the queries were sent from. AG DNS unfortunately cannot distinguish network errors from DNSSEC errors, so in both cases it tries to use a fallback.

For me, it’s the same behaviour with or without Wintun. You can verify that this is a DNS-side feature —not Wintun or the Windows app—by setting a non-AdGuard DNS server in the app and checking dnscheck.tools.

vankos avatar Aug 27 '25 06:08 vankos