IP/DNS leakage - when using a VPN

J

Jim West

Well-Known Member
Joined
Mar 26, 2014
Messages
325
Reaction score
0
Location
Tucson
When using a VPN, IP/DNS leakage occurs when unencrypted DNS queries are sent by my system outside the established VPN tunnel. When leakage occurs, my ISP or anyone with the ability to monitor my line knows the names my system is resolving (e.g., web sites visited). My understanding is such leakage will happen if my local DNS server and default gateway IP match.

So when using a VPN, it's possible to prevent IP/DNS leakage by using a public DNS (say Google) instead of my ISP provided local DNS?


what-is-a-dns-leak.jpg
 
this should only occur when forwarding requests to a local DNS server (IE your router or DNS server on the local LAN).
Most likely because your VPN service operates at Layer 3 and encrypts traffic as such.
 
Frankly I'm not all that concerned about any possible IP/DNS leakage, but was curious whether anyone else has considered the implications (e.g., what web sites you visit are known despite using a VPN.)

I've discovered that when I don't use my local ISP DNS server, such leakage disappears. So I'm guessing that leakage occurs whenever the DNS server has the same IP as that of the default gateway.
 
It has nothing to do with your local ISP's DNS server. You contradict yourself in the last statements.
You do a lookup to your router, the router forwards to whatever its told is its DNS server.

If you changed your DNS to what your router uses, you would be encrypted
 
syntax said:
It has nothing to do with your local ISP's DNS server. You contradict yourself in the last statements.
You do a lookup to your router, the router forwards to whatever its told is its DNS server.

If you changed your DNS to what your router uses, you would be encrypted
Click to expand...

Not certain I understand what you mean. Note I am using the DNS that my router uses. Most of the time (like 99%) it's the local ISP DNS server.

Anyway, when I change the DNS in my router to some other DNS (say Google for instance), the leakage disappears.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X