Page 1 of 1

VPN over DNS relay

Posted: Tue Mar 19, 2019 5:17 pm
by doiiido
I´m thinking about a possible implementation of a VPN server to be acting as a DNS server that would work through DNS relay.

I stumbled into a network that blocked any kind of connection but the DNS requests relayed through the DNS Server provided by the DHCP itself, so it made me think about the possibility to set subdomains (the name of the subdomain can be up to 63 characters as payload) with low TTLs and return packets as TXT records (up to 255 characters) that would be relayed through.

I´m asking here because I don´t know how viable it would be, but it sure got my attention as the TTLs are for mostly DNS updates and not for DNS first propagation of a record.

Best Regards,
Lincoln.

Re: VPN over DNS relay

Posted: Fri May 03, 2019 5:08 pm
by demanick05
Wow... Nice thought! I heard MIT use the same thing among their students

Re: VPN over DNS relay

Posted: Wed May 08, 2019 10:36 pm
by Jessica007
It's completely possible to set subdomains with low TTLs and return packets
The implementation of such VPN server is a good idea but may I ask what is your main goal here?

Re: VPN over DNS relay

Posted: Mon May 20, 2019 2:15 pm
by doiiido
I´ve had discussed it with one of my teachers and as Jessica007 said, it´s possible but would end up with a big ping, a (probably) slow bitrate but, for my surprise, it´s already being used in some covert channel applications.
It´s a potential project to bring it to public use, as a more agressive way to break through some low-end (or poorly implemented) firewall (ISPs) infrastructures.

Thank you all for the info and discussion!
Best regards,
Lincoln.