Resolving .onion domains on the Browser

1

I'm using a VPN Service called ProtonVPN, one of their server locations has TOR support, so it will automatically route all your traffic through the TOR Network. Once connected, if I visit the tor page, it in fact, says I'm connected to the tor network. Another cool feature is the ability to visit Tor Hidden Services (.onion domains) from the browser. On their help page it says that Google Chrome automatically supports resolution of .onion domains.

The problem is that the browser is not able to resolve the .onion domains.

I'm using viscosity to connect to the VPN, and after connected, it adds the VPN server to the /etc/resolv.conf.

The thing is, If I use dig to resolve an .onion domain. It also works fine.

dig protonirockerxow.onion

; <<>> DiG 9.9.7-P3 <<>> protonirockerxow.onion
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4658
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;protonirockerxow.onion.        IN  A

;; ANSWER SECTION:
protonirockerxow.onion. 60  IN  A   10.11.98.104

;; Query time: 1853 msec
;; SERVER: 10.8.8.1#53(10.8.8.1)
;; WHEN: Tue Oct 17 13:39:12 BST 2017
;; MSG SIZE  rcvd: 56

Whereas if I use scutil -r protonirockerxow.onion or wget or curl, none of them are able to resolve the domain.

When I run scutil --dns is listing the vpn server added by visicosity as the first one on the list.

DNS configuration

resolver #1
  search domain[0] : utun3.viscosity
  nameserver[0] : 10.8.8.1
  flags    : Request A records
  reach    : 0x00000002 (Reachable)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300000

resolver #3
  domain   : utun3.viscosity
  nameserver[0] : 10.8.8.1
  flags    : Supplemental, Request A records
  reach    : 0x00000002 (Reachable)
  order    : 100600

resolver #4
  domain   : 254.169.in-addr.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300200

resolver #5
  domain   : 8.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300400

resolver #6
  domain   : 9.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300600

resolver #7
  domain   : a.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300800

resolver #8
  domain   : b.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 301000

resolver #9
  domain   : dev
  nameserver[0] : 127.0.0.1
  port     : 20560
  flags    : Request A records, Request AAAA records
  reach    : 0x00030002 (Reachable,Local Address,Directly Reachable Address)

DNS configuration (for scoped queries)

resolver #1
  search domain[0] : utun3.viscosity
  nameserver[0] : 10.8.8.1
  if_index : 14 (utun3)
  flags    : Scoped, Request A records
  reach    : 0x00000002 (Reachable)

resolver #2
  nameserver[0] : 80.87.16.117
  nameserver[1] : 87.236.128.54
  if_index : 5 (en0)
  flags    : Scoped, Request A records
  reach    : 0x00000002 (Reachable)

And my /etc/resolv.conf is also been edited by viscosity after I connect showing this:

search utun3.viscosity
nameserver 10.8.8.1

Any idea what I'm doing wrong or any configuration I'm missing??

OS: MacOS High Sierra 10.13
Viscosity: 1.7.5 (1420)
Google Chrome: 61.0.3163.10
curl
dns
lookup
vpn
dig
asked on Super User Oct 17, 2017 by (unknown user)

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0