Security

What is a DNS leak?

A DNS leak means domain lookups are sent outside the connection path you expected.

Short answer

With a DNS leak, your internet provider or another DNS operator may see which domains your device looks up.

DNS is the address book of the internet

When you type a domain, your device needs to find the IP address behind that domain. This lookup is done with DNS.

Why it matters with VPN

If web traffic goes through the VPN but DNS queries go to your provider’s DNS, the provider can still see which domains are being looked up.

Protection against DNS leaks

Choose a VPN with DNS leak protection, use encrypted DNS where appropriate and test after major changes to VPN, router or operating system.

Common questions

Is DNS the same as IP?

No. DNS translates names into IP addresses. The IP address is then used for the actual connection.

Does private browsing stop DNS leaks?

No. Private browsing clears local history but normally does not change how DNS is sent.

More guides

Security

What is a WebRTC leak?

WebRTC leaks in browsers, how they can reveal network addresses, and what you can do about it.

Read guide Security

Can websites store my IP address?

What websites normally log, why IP addresses are stored, and how privacy rules and security affect handling.

Read guide Security

Public WiFi security

How to protect yourself on hotels, cafés, airports and other public WiFi networks.

Read guide