Quick answer: A DNS leak is a security flaw that allows your ISP to see your browsing activity despite using a VPN. If our test shows your ISP's DNS servers instead of your VPN's, your privacy is compromised.
What is a DNS Leak?
A DNS leak occurs when your computer's DNS (Domain Name System) requests are sent directly to your Internet Service Provider's (ISP) DNS servers instead of being routed through your VPN's encrypted tunnel. This effectively bypasses the primary purpose of a VPN, allowing your ISP and other third parties to see exactly which websites you are visiting.
Even though your IP address remains hidden, the record of your activity is still visible. For many users, this is a "silent killer" of online privacy because the browser appears protected while leaking data in the background.
How DNS Leak Detection Works
Our tool works by intercepting the DNS queries your browser makes when connecting to our test nodes. By comparing the source of those queries to your detected IP address, we can determine if your privacy tunnel is "leaky."
1. Request Capture
We trigger a unique DNS request from your browser that only our servers can resolve.
2. Identity Verification
We check if the IP that asked for the record belongs to your VPN or your real ISP.
Why Does DNS Leaking Happen?
DNS leaks aren't always the fault of the VPN provider. Often, it's caused by network configurations on your local OS:
- Windows Smart Multi-Homed Name Resolution: A Windows feature that sends DNS requests to all available interfaces.
- IPv6 Mismatches: When a VPN only supports IPv4, your OS might send IPv6 DNS requests through the regular cleartext channel.
- Manual OS Updates: Sometimes a system update resets your network adapter settings.
Frequently Asked Questions
Sources & References
BestVPNRadar Editorial
Our team of security researchers and network engineers works to uncover the truth about VPN privacy and performance.