What is DNS Leak and What Can You Do About It

The internet is made up of many building blocks, and its backbone is the Domain Name System (DNS). The DNS is responsible for translating domain names into IP addresses. This is needed because computers don’t understand domain names such as Google.com, and humans can’t remember the IP address of every website they want to visit. The DNS solves this computer-human problem. Every time you type a domain name on your computer, a Domain Name Server services the query and returns the appropriate result.

What is a DNS leak?

DNS leaks mostly happen when you use a VPN or another service meant to keep you private or anonymous. In a nutshell, a DNS leak is a situation where your DNS request is not serviced by the intended Domain Name Server. For instance, when you use a VPN, all your queries are supposed to be routed to the VPN’s DNS. When they get routed elsewhere, e.g. to your ISP, that’s a DNS leak.

What causes DNS leaks?

DNS leaks can occur for various reasons. For example, in Windows, the OS can get confused about which DNS to use when you have a VPN. To resolve the issue, the OS will choose your default ‘ISP’ DNS, and this causes a leak. Below are other causes of DNS leaks when using a VPN:

  • Momentary VPN disconnections – When a VPN disconnects, you are no longer private, as your ISP takes over. Your ISP will then service any queries you make.
  • Poor DNS implementation by a VPN – Nowadays, most internet devices use IPv6 addresses since the IPv4 addresses are nearly maxed out. The problem is that most VPNs don’t support the IPv6 addressing scheme, so when devices using these addresses make a request, it is automatically serviced by your ISP, and you have a leak.

Preventing DNS leaks

It’s hard to know when your VPN is leaking unless you run DNS leak tests now and then. To avoid leaks, use a reputable VPN that provides the following mechanisms:

  • DNS leak protection – High-quality VPNs run and manage their own DNS and hence have proper implementations. Some even offer IPv6 and IPv4 leak protection.
  • Kill Switch – Reputable VPNs have this feature, which prevents any traffic from leaving or entering your computer when the VPN momentarily disconnects. This ensures leaks don’t occur while you are not protected.
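
A simple local form of the DNS leak test mentioned above, as an added example that is not part of the original article: it reads resolv.conf-style text and flags every configured resolver that is not one of the VPN's DNS servers, including IPv6 resolvers the VPN does not cover. The sample configuration, the VPN_DNS_NETWORKS range and the function names are constructed assumptions.

```python
import ipaddress

# Constructed sample of resolv.conf-style text while a VPN is connected.
SAMPLE_RESOLV_CONF = """\
# constructed sample, not taken from a real host
nameserver 10.8.0.1
nameserver 192.168.1.1
nameserver 2001:db8::53
nameserver fe80::1%eth0
search example.lan
"""

# Assumption: the VPN's DNS servers live only inside this tunnel range.
VPN_DNS_NETWORKS = ["10.8.0.0/24"]


def parse_nameservers(resolv_conf_text):
    """Return the nameserver addresses listed in resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            # Drop an IPv6 zone id such as %eth0 before parsing.
            servers.append(ipaddress.ip_address(fields[1].split("%", 1)[0]))
    return servers


def find_leaks(resolv_conf_text, vpn_networks):
    """Map each resolver outside the VPN's DNS ranges to the reason it leaks."""
    allowed = [ipaddress.ip_network(net) for net in vpn_networks]
    covered_versions = {net.version for net in allowed}
    leaks = {}
    for addr in parse_nameservers(resolv_conf_text):
        if any(addr in net for net in allowed):
            continue  # query goes to the VPN's own DNS
        if addr.version not in covered_versions:
            leaks[str(addr)] = f"IPv{addr.version} resolver not covered by the VPN"
        else:
            leaks[str(addr)] = "resolver outside the VPN DNS range"
    return leaks


if __name__ == "__main__":
    for server, reason in find_leaks(SAMPLE_RESOLV_CONF, VPN_DNS_NETWORKS).items():
        print(f"possible DNS leak: {server} ({reason})")
```

This checks configuration only, not the path queries actually take. On hosts where the resolver file points to a local stub resolver, the upstream servers have to be read from that resolver's own status instead.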