Test a DNS Leak in 2 Minutes: Complete Methodology + Per-OS Fixes (2026)

TL;DR

Testing for a DNS leak takes 2 minutes: connect your VPN, open dnsleaktest.com and run the Extended Test, then check whether the DNS servers detected are your VPN's (not your ISP's). If the resolved DNS belongs to BT, Comcast, Verizon, Movistar — or whichever ISP you'd normally use without a VPN — that's a confirmed leak.

Three main causes: (1) VPN without "DNS Leak Protection" enabled, (2) Windows Smart Multi-Homed DNS bypassing the tunnel, (3) Browser with DoH enabled separately.

The fix takes 5 minutes depending on the case — detailed below by OS and browser. NordVPN, ExpressVPN, and Surfshark enable DNS Leak Protection by default since 2023 and pass leak tests in 99% of our audit sessions.

Why DNS leaks exist — 4 documented technical causes

TL;DR

Three main causes: (1) VPN without "DNS Leak Protection" enabled, (2) Windows Smart Multi-Homed DNS bypassing the tunnel, (3) Browser with DoH enabled separately.

Why DNS leaks exist — 4 documented technical causes

Test a DNS Leak in 2 Minutes: Complete Methodology + Per-OS Fixes (2026)

Test a DNS Leak in 2 Minutes: Complete Methodology + Per-OS Fixes (2026)

Other newsrooms on this story

Related reading

How to Test if Your Proxy is Leaking DNS: 2026 Setup Guide

Other newsrooms on this story

Related reading

How to Test if Your Proxy is Leaking DNS: 2026 Setup Guide

This serious Android VPN bug can leak your internet traffic – here's what you…

‘Won’t Fix’—All VPN Apps Affected As Google Android 16 Leaks Info

Best VPN services for 2026

Mullvad VPN discloses fingerprinting flaw that could track users across servers…

How to Detect and Fix WebRTC Leaks in 2026 — Complete Developer Guide