DNS or Domain Name System is used to translate the domain names to IP Addresses so, browsers are able to complete your request. When you visit a website then you usually enter the domain name of the website but the browsers interact through IP Addresses, so translation occurs between the domain name and the IP Address in order to access the webpage.
For VPN connections, there are two types of threats that can potentially expose you. One is VPN connection failure and the other one is DNS leak.
DNS leak is when due to any issue whether it is caused by your system or there is some software issue, your ISP is able to track your online activity, regardless of you using a VPN. DNS leak is a security flaw and it results in your DNS requests to be revealed to your ISP’s DNS servers even though you are using a VPN to hide them.
By default, when you use a VPN then the DNS requests are routed through the secure VPN tunnel to DNS servers of your VPN provider instead of being routed to the DNS servers of your ISP.
However, when there is an issue with the VPN software or your system then a DNS leak can occur and you become visible to your ISP and it can then track your online activities. When a DNS leak occurs then you become visible to your ISP and thus you become exposed even though you are still using a VPN.
DNS leaks are quite common on Windows and less common on other operating systems. The reason why that happens is that Windows uses the default settings, i.e send requests through the ISP DNS server instead of sending the requests through the VPN tunnel to the VPN provider’s DNS Server and hence it results in DNS leaks.
DNS Leak Test
If you suspect that the VPN service that you are using has DNS Leaks then you can perform a DNS Leak test to confirm whether there is a DNS leak or not.
When you perform a DNS Leak test and the result shows the real location or the name of your ISP then it means that you have a DNS leak.
DNS Leak Fix
If you find that there is a DNS leak or you want to completely prevent the possibility of one happening then here are some things that you can do.
Use a good VPN Client
The first thing that you can do to prevent a DNS leak is to use a VPN client that does not have DNS leaks and offers in-built DNS leaks protection. There are different VPNs out there that have this feature available and they prevent DNS leaks from happening. Also, some VPNs have an internet kill switch that turns off all the internet traffic if there is a DNS leak. So, consider using a VPN service that has in-built DNS leak protection and an internet kill switch.
Change DNS Servers
You can change your DNS servers and prevent your ISP from snooping on you. You can ask for DNS servers from your VPN client or you can use a public DNS service such as Google Public DNS or Open DNS. Changing the DNS servers is more secure and the DNS translation occurs on a trusted platform and in some areas it can also improve the speed of your internet connection.
Google Public DNS
- Preferred DNS server: 188.8.131.52
- Alternate DNS server: 184.108.40.206
- Preferred DNS server: 220.127.116.11
- Alternate DNS server: 18.104.22.168