How to Troubleshoot a DNS Leak -- Security Today

How to Troubleshoot a DNS Leak

DNS leaks can be a surprisingly common issue and are often only noticed when actively looked for.

Mar 25, 2019

While they are not as commonly discussed as IP addresses or antivirus, Domain Name System (DNS) servers are a fundamental element of how the internet works. In its simplest form, the DNS is a directory that connects how humans see the internet (domain names) and how servers and computers see it (IP addresses). By translating one version for the other, it ensures that traffic arrives at the correct location.

However, this can cause some grave concern for privacy as all traffic has to go through a DNS server in order to reach its destination. Most default DNS servers will be operated by your internet service provider (ISP) and can use your information to track which sites you visit. This is one of the many reasons why people are increasingly using a VPN (Virtual Private Network) to mask their activity and improve the level of privacy their browsing sessions have.

What is a DNS leak?

Many people will install a VPN and assume they are fully protected, but DNS leaks can be a surprisingly common issue and are often only noticed when actively looked for.

In most cases, a DNS leak is the result of DNS queries being sent using an unsecured or easily identifiable IP address, rather than using the VPN’s connection.

Normally, a VPN connection will ‘tunnel’ your traffic through its own servers, masking your IP address, your location and activity. However, if your network settings are not set correctly, your device may send DNS requests from your default IP address instead, bypassing your VPN. While your activity itself will not be affected, details of that browsing activity could be unintentionally exposed – undermining the benefits of a VPN.

How to identify a leak

Thankfully, identifying a leak is incredibly simple. A free DNS leak checker tool will take moments to run and will give you an answer. Once the check has been run, the tool will provide you with the DNS server IP it has detected. If this matches the one provided by your ISP, you have a leak. If it is connected to your VPN service, then your connection is secure.

In most cases this can be done quickly at the start of a browsing session to ensure that a leak is not occurring. If a leak is identified, it’s best to stop browsing and repair the issue as soon as possible.

Types of leak

Improperly configured network. By far, networks that are left on default settings or are not properly configured are the most likely cause of a leak. In most instances the leak is triggered by the device in use bouncing between connections. For example, if you have been out and used coffee shop Wi-Fi with a VPN, when you return and try to connect to the home network your device will be assigned a new IP address and DNS server. In this moment before the VPN kicks in, your device may have automatically connected to your ISP’s DNS server outside of the encrypted tunnel, resulting in a leak.

Microsoft’s Teredo technology. Alongside DNS, IPv4 has long been one of the key components of the internet. While an improved protocol, IPv6, is available, the transition has been slow and there is concern that communications between devices using different versions of the IP protocol could result in leaks.

To protect users, Microsoft includes Teredo, a tunneling protocol, as part of Windows. While the intention is good, it could be prioritized over your VPN, creating a leak.

Luckily, this tool can be disabled easily, ensuring that your traffic is only directed through your VPN’s DNS server.

Transparent DNS Proxies. Many ISPs are familiar with the preference towards public DNS servers and have responded with a transparent proxy, which will redirect traffic to ensure that requests are made to their servers.

Luckily this can be easily identified with a leak checker tool. The latest versions of Open DNS, a public DNS server, and many VPN services also have options to block the use of transparent proxies.

How to fix a leak

To ensure a leak does not take place, you should switch from using your ISP’s DNS as a default and replace it with a public DNS like OpenDNS, or a server provided by your VPN. This means that even if DNS requests are made outside your VPN in the future, the details of your home server or any other identifiable information will not be made public. This DNS server should become the only one you use to connect to the internet.

Another solution is to configure your firewall to prevent all non-VPN traffic. This would prevent your ISP’s DNS servers being used and in doing so, will make sure that you cannot suffer a DNS leak in the future.

While a DNS leak can threaten your privacy, it is quick to identify and is easy to fix. The key to being secure, as it is with any online security, is to be proactive rather than reactive. This means that it is important to continue running a DNS leak test at regular intervals and check that all of your devices are not defaulting to the wrong server.

HID Signs Agreement to Acquire Calmell Group
07/10/2025
HID and ASSA ABLOY Recognized with Renowned Red Dot Award for Innovative Biometric eGate Design
07/09/2025
Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025

Featured

Sustainable Video Solution Delivered for Landmark City of London Office Development

An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now
- Facility Security
DHS to End ‘Shoes-Off’ Travel Policy

Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now
- Airport Security
AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance
Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now
- Government

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities