DNS Leak Test

A DNS leak exposes which websites you visit to your internet provider – even when you’re connected to a VPN. This test checks whether your DNS requests are being routed through your VPN’s encrypted tunnel or leaking out to third-party DNS servers.

Connect your VPN, then run the test below. Results appear in about 15 seconds.

Independent testing tool Public methodology No sponsored placements Regular re-testing

This VPN leak test requires JavaScript to run. Please enable JavaScript in your browser settings and reload the page.

Is Your VPN Actually Working?

Most VPN leak tests only check your IP. We test 3 attack vectors.

IP Address Verifies your real IP is hidden behind your VPN server

DNS Requests Detects DNS queries leaking outside your encrypted tunnel

WebRTC Finds browser-level IP leaks that bypass VPN tunnels

1 Connect your VPN

2 Click “Run Free Test”

3 Get your verdict in 30 seconds

Free · No signup · Works instantly

Detecting your IP address...

Checking your IP address

Testing for DNS leaks

Testing for WebRTC leaks

IP address matches VPN server, not your location

DNS servers operated by your VPN provider

No WebRTC IP matching your real address

IP Address

IPv6 Address

Location

Network Provider

WebRTC Leak Test

Technical Details

What this test cannot detect

Whether your VPN provider logs traffic
Leaks from apps outside your browser
VPN speed or server performance
Malware or tracking in your VPN app

Embed This Tool On Your Website

Add this free VPN leak test to your site. Automatically stays up to date.

<iframe src="https://vpntesting.com/?vpntest_embed=1" width="100%" height="800" frameborder="0" style="border:none;max-width:860px;"></iframe>
<p style="text-align:center;font-size:13px;color:#9ca3af;margin:8px 0 0;">Powered by <a href="https://vpntesting.com" rel="dofollow" style="color:#6b7280;text-decoration:none;">VPNTesting.com</a></p>

Scan this QR code to test your phone's VPN

Test could not complete

Something went wrong. Please check your internet connection and try again.

ⓘ Last reviewed: April 1, 2026

What Is a DNS Leak?

Every time you visit a website, your device sends a DNS (Domain Name System) request to translate the domain name (like “google.com”) into an IP address. Normally, your VPN routes these requests through its own encrypted tunnel to VPN-operated DNS servers.

A DNS leak happens when these requests bypass your VPN and go directly to your internet provider’s DNS servers – or to third-party resolvers like Google DNS or Cloudflare DNS. When this happens, your ISP (or anyone monitoring those DNS servers) can see every website you visit, even though your actual browsing traffic is encrypted.

Why DNS Leaks Matter

DNS leaks are the most common type of VPN leak. Unlike IP leaks (which expose your physical location), DNS leaks expose your browsing activity. Your ISP can build a complete history of every site you visit, when you visited it, and how often you return. In countries with mandatory data retention laws, this data is stored for months or years.

Common Causes of DNS Leaks

Cause	What Happens
Transparent DNS proxy	Your ISP intercepts DNS requests on port 53, even when you’ve configured custom DNS servers. The requests are silently redirected to the ISP’s own servers.
IPv6 DNS fallback	Your VPN handles IPv4 DNS but not IPv6. Your operating system sends IPv6 DNS queries outside the tunnel.
Smart Multi-Homed Name Resolution (Windows)	Windows sends DNS queries to all available network adapters simultaneously – including ones outside the VPN tunnel.
VPN disconnect without kill switch	Your VPN connection drops briefly. During the gap, DNS queries go through your ISP’s default resolver.
Manual DNS configuration	You’ve set custom DNS servers (like 8.8.8.8) in your OS settings. Some VPNs don’t override these, so queries go directly to Google instead of through the tunnel.

How to Fix DNS Leaks

1. Use Your VPN’s Built-In DNS Protection

Most reputable VPNs operate their own DNS servers and route all queries through the encrypted tunnel. Check your VPN app settings for “DNS leak protection” or “Use VPN DNS servers” and make sure it’s enabled.

2. Enable the Kill Switch

A kill switch blocks all internet traffic when your VPN connection drops. This prevents DNS queries from leaking during brief disconnections. Every major VPN offers this feature – turn it on.

3. Disable Smart Multi-Homed Name Resolution (Windows)

On Windows 10 and 11, open Group Policy Editor (gpedit.msc), navigate to Computer Configuration > Administrative Templates > Network > DNS Client, and enable “Turn off smart multi-homed name resolution.” This prevents Windows from sending DNS queries outside the VPN tunnel.

4. Disable IPv6 (If Your VPN Doesn’t Support It)

If your VPN doesn’t handle IPv6 traffic, disable IPv6 in your operating system’s network settings. This eliminates the IPv6 DNS fallback leak vector entirely.

5. Re-Run This Test After Each Change

After making any configuration change, run this DNS leak test again to confirm the fix worked. DNS leaks can be intermittent – test multiple times over a few minutes to be sure.

How This Test Works

Our DNS leak test sends 20 unique DNS probe requests to specially configured subdomains. Each probe triggers a DNS lookup that we can trace back to the DNS server that handled it. After the probes complete, we analyze which DNS servers resolved the requests.

If all DNS servers belong to your VPN provider’s network, you pass. If any DNS server belongs to your ISP or a third party, we flag it as a potential leak. We cross-reference the DNS server’s ASN (Autonomous System Number) with known VPN and ISP networks to make this determination.

For full details on our testing methodology, see our methodology page.

Frequently Asked Questions

Can my ISP see my DNS queries if I use Cloudflare or Google DNS?

If those DNS queries go outside your VPN tunnel – yes. Using Cloudflare (1.1.1.1) or Google (8.8.8.8) DNS directly means your ISP can still see that you’re making DNS requests to those servers, and a transparent DNS proxy can intercept them entirely. Route DNS through your VPN for actual privacy.

I passed the test but my VPN shows third-party DNS servers. Is that normal?

Some VPNs use public DNS resolvers (like Cloudflare) on their backend, routing your queries through the encrypted tunnel first. As long as the DNS servers are not your ISP’s servers, your queries are not leaking to your internet provider.

Why does the test show different results each time?

DNS leak tests can produce slightly different results between runs. Your VPN may use multiple DNS servers in rotation, or DNS caching may affect which servers respond. Run the test 2-3 times and look at the overall pattern rather than a single result.

Does a DNS leak expose my IP address?

Not directly. A DNS leak exposes your browsing activity (which sites you visit), not your IP address. However, if your ISP knows both your IP address and your DNS queries, they can build a complete profile of your online activity. For a full check including IP leaks, use our combined VPN leak test.

DNS is just one way your VPN can leak. For a complete privacy check, also run:

Full VPN Leak Test – checks IP, DNS, and WebRTC in one pass
WebRTC Leak Test – detects browser-level IP leaks that bypass VPN tunnels
IP Leak Test – verifies your real IP address is hidden

Fingerprinting

Keyboard layout fingerprinting can detect your language and regional keyboard settings by timing keypress events.

Save image: