On 6/16/16, Mirimir <mirimir@riseup.net> wrote:
I tested 29 Windows VPN clients for DNS, IPv4 and IPv6 Leaks.
Nice. You might want to include - For clients that may be doing packet filtering instead of just modifying kernel routing tables... test ICMP, generic UDP (non-DNS), TCP, etc. - The codebase and VPN protocol of each client (OpenVPN, SoftEther, etc)
hit VPN-specified nameservers directly while reconnecting after uplink interruption. But that's not a huge issue, in that they didn't hit other nameservers.
Seems big if the direct hits were not encrypted over the VPN and user's requirement is to encrypt to the VPN termination.
After uplink interruption, some failed to reconnect automatically
These interruption, reconnect, renegotiation, timeout, edge cases are important to discover. More advanced users of Tor + OpenVPN might be interested in this capability... https://community.openvpn.net/openvpn/ticket/577