Does DNS Test Leak My Real IP Address?

The website which makes the DNS test can only know our DNS provider. It can’t know our real DNS settings or our real IP address behind the proxy.

Question: I use a proxy (in My IP Hide) in the United Kindom. But the DNS servers are in Belgium. Does it leak my real IP address?

Answer: The short answer is No. Below is the detailed explanation.

Websites Know Your DNS IP?

The websites which can show our DNS servers are using the same technology. We use this one as an example: https://dnsleaktest.com

Here is the test result for our My IP Hide server 213.229.74.238 (UK5).

DNS Leak Test
DNS Leak Test for UK5 Proxy

It seems that the website dnsleaktest.com knows our DNS servers. In fact, it only knows the ISP of our DNS because our real DNS servers are 8.8.8.8 and 8.8.4.4 instead of 74.125.x.x.

Let’s see how it detects our DNS servers. First, it makes six new domain names such as these ones.

mx8wdhdrls.dnsleaktest.com
sxg1h57t5o.dnsleaktest.com
nnm7ra7ubq.dnsleaktest.com
o69mq7i0a2.dnsleaktest.com
d4hciffhoy.dnsleaktest.com
988rgz5xdg.dnsleaktest.com

Then it uses javascript to make our browser to connect to those domain names. Our browser needs to know the IP address of them. So it makes a DNS query: “What is the IP address of mx8wdhdrls.dnsleaktest.com”.

The query route looks like this: Our Browser -> UK5 Proxy -> 8.8.8.8 -> other Google DNS servers ->  74.125.x.x -> the name server of dnsleaktest.com (ns1.dnsleaktest.com)

What Are Those DNS IP?

Then the name server of dnsleaktest.com knows we used 74.125.x.x to do a DNS query. It made six new domain names so it can get six  IP addresses which query those six new domain names.

But those IP addresses 74.125.x.x are just edge DNS servers which are on the optimal route. ns1.dnsleaktest.com can’t even know their previous nodes. Neither can it know our real DNS servers (8.8.8.8) or our real IP address which is behind the UK5 proxy. What it actually knows is our DNS provider, Google.

Use DNS Test to Check User’s IP?

First, DNS test can’t get the user’s exact location. For example, websites may get Belgium IP addresses for all the European users, and Taiwan IP addresses for all the Asian users if the users are using Google DNS 8.8.8.8.

Second, DNS test is costly. It needs extra code to make many one-off domain names and read the logs from the name servers. It also wastes the Internet resources, by adding unnecessary DNS queries for those disposable domain names.

Because of the above two reasons (no exact location and costly), most websites won’t use DNS test to block foreign visitors. Getting the IP address from the user’s HTTP request is still the main method.

The Meaning of DNS Leak Test

If you don’t use any proxy/VPN and use the default DNS server settings. You should be using the DNS server of your ISP. You will see Comcast, Verizon, or AT&T in the DNS Leak test result.

In that case, your ISP knows all your DNS queries. Thus it can know all the websites you visited.  That is a DNS leak. Some bad ISP may send fake or invalid IP addresses to your DNS queries. Thus it can block some websites.

Moreover, a DNS test may know your exact location if you are using the default DNS servers of your ISP.

The meaning of the DNS leak test is to check whether you are using a safe DNS provider. These are safe DNS providers.

DNS Provider NamePrimary DNS ServerSecondary DNS Server
Google8.8.8.88.8.4.4
OpenDNS Home208.67.222.222208.67.220.220
Level3209.244.0.3209.244.0.4
Verisign64.6.64.664.6.65.6
DNS.WATCH84.200.69.8084.200.70.40
Comodo Secure DNS8.26.56.268.20.247.20
Norton ConnectSafe199.85.126.10199.85.127.10
GreenTeamDNS81.218.119.11209.88.198.133
SafeDNS195.46.39.39195.46.39.40
OpenNIC23.94.60.240128.52.130.209
SmartViper208.76.50.50208.76.51.51
Dyn216.146.35.35216.146.36.36
FreeDNS37.235.1.17437.235.1.177
Alternate DNS198.101.242.7223.253.163.53
Yandex.DNS77.88.8.877.88.8.1
UncensoredDNS91.239.100.10089.233.43.71
Hurricane Electric74.82.42.42
puntCAT109.69.8.51

How to Fix a DNS Leak

  • Use those safe DNS providers above
  • Use remote DNS if you are using a socks proxy
  • Use a version of OpenVPN newer than v2.3.9
  • Use an HTTP proxy which doesn’t have the DNS leak problem natively
  • Use My IP Hide which is an enhanced HTTP proxy service

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *