While VPNs are a great way to surf more privately and get around geo-restricted content, you would be forgiven for wrongly thinking that your IP address and any online activity you have performed will always be concealed.
Unfortunately, no matter whether you are using a top-of-the-line VPN or just a free online VPN, you are still susceptible to IP leaks that can occur in your browser or operating system. So all the while you might think that your IP address is being kept anonymous, it might actually suffer from these leaks which are making you completely detectable online.
Understanding DNS and IP Leaks
Each and every device that can be found on a network will have an IP address which is essentially its identifier on that network. This could be your laptop, a printer, your mobile phone or anything else that can connect to a network such as the internet.
DNS (domain name service) is what the internet uses to allow servers to host more than one website and it works by translating the web address such as www.reddit.com into the given IP address for each website or page that you want to visit.
So when you type in a web address, your browser will send a request to the DNS server which will, in turn, translate that address into the IP address needed to reach that web address. This is called DNS resolution.
Now, when you use a VPN, any DNS resolution request is meant to be done using the custom DNS servers that the VPN requests but this does not always happen. In some case, the DNS request can still be performed by your computer – a DNS leak that will leave your IP address compromised and no longer anonymous.
DNSCrypt is one way you can keep your activities private as it will encrypt any traffic going from your system to the chosen DNS server but this will still not be able to keep your Ip address anonymous.
DNS Leak Test to Detect a Leak
There is something you can do to determine if your VPN is leaking your IP address and that is through performing a VPN leak test on the VPN that you use. This VPN check will show you what IP address is being seen when using your VPN.
In order to perform a DNS leak check, you can make use of one of many IP leak test tools that are available. Many websites and services will have this simple type of tool and they will be able to determine your IP address through a VPN check.
Before you actually test your VPN however, it is important to run a test when you are not connected to the VPN first and foremost. Here you will be able to determine your actual public IP address and the DNS server. Take a note of these before then connecting to your VPN.
Now that you are connected to the VPN, run the DNS leak test again to see what comes up. If the VPN leak test reveals the same IP address and DNS server as before, it means you are suffering a leak.
There are three reasons why your DNS leak check has revealed that you are suffering a leak and these are:
- Leaks Caused by a Browser
IP leaks through the browser are the most common reason for seeing your public IP address when running a DNS leak test. There is always a chance for a leak to occur due to a browser vulnerability by browsers that use the WebRTC API. WebRTC allows certain web applications to run without the need to install any additional extension or plugins.
Stopping this from happening can be done, however, as you can either adjust your firewall settings to block any requests made that are not from within your VPN connection or you can just disable WebRTC in your browser.
- Leaks Caused by the VPN
Another cause for your IP address showing up after a VPN check is that of the VPN itself. This is why you should always use the very best VPNs out there as some might not use their own dedicated DNS servers.
Even if they do provide secure DNS resolution, the VPN can still be a reason for a failed VPN leak test. This can be caused when the VPN is outdated and does not support the IPv6 protocol. This new protocol was created to provide longer addresses due to the old IPv4 protocol starting to run out of addresses to use due to the growth of the internet.
When the VPN tries to connect to an IPv6 enabled website, it will fail the request and will instead turn to send an unencrypted request from outside of your VPN in order to connect. This will result in your actual IP address is visible and will, therefore, result in the DNS leak check failing.
To address this, you should make sure your VPN not only uses its own dedicated DNS server but also supports IPv6. If it does not do the latter, the only other option you have is to disable IPv6 in your operating system. This can be achieved via various guides online.
- Leaks Caused by the Operating System
The final reason why your DNS leak check is turning up failed results could be down to Windows 10. This could be Windows 10 not using DNS server prioritizing with it instead of sending out requests to all DNS servers and going with the first one to respond. This means it could be using your ISPs DNS server instead of your VPNs DNS server on occasions.
Disabling smart-multi homed name resolution in the group policy editor will return Windows 10 back to how previous versions of Windows resolved DNS requests. This is to have a priority list of DNS servers to use.
You should always perform a DNS leak test as often as possible to determine whether you are suffering any leaks. Even if your VPN has shown to pass a VPN leak test on a number of occasions, you should still be performing a VPN check as often as you can just to be on the safe side.