I have a question regarding DNS leaks. I connected to a server in Finland using IVPN, and initially, the test indicated no leaks. However, after enabling DNS over HTTPS (DoH) in the Mullvad browser, a subsequent test detected a DNS leak. This leak revealed a UK IP address instead of the expected Finnish one. Should I be concerned about DNS leaks if they only reveal a different IP address?
1 Like
This seems AI-generated but I will answer in good faith.
It is recommended to use the DNS provided by your VPN provider to blend in with other users of the same VPN. Setting your DNS to Mullvad while using IVPN can make you stand out from other users who use IVPN and the Mullvad browser without changing the DNS server to another provider
5 Likes
Websites can recognize you’re using a different DNS server even if you saw a Finnish IP address, as long as it’s not the same IP as your VPN server.
1 Like
Hm, I see. It makes me only to stand out from the others.
Why the thumbs down? Did I say something wrong?
I don’t see how this post seems AI generated
Any1 was right =) I used ai to rephrase that question to a more polished one. I’m not a native English speaker
5 Likes
Since you are using Mullvad’s DNS rather than your VPNs, the IP will inevitably be different. The country may also be different depending on where the DNS provider has servers. I would recommended disabling DoH and just using the VPNs DNS when you are connected to avoid standing out from other users.
3 Likes
Default setting in Mullvad is to use their own DNS. In this case its better to use that. In general though, VPN’s dns should be used yes.
1 Like
Techlore promoted having mismatched DNS and VPN providers just to so people could use some horrid network level filtering.
Don’t do that. DNS is being logged alongside your IPs.
3 Likes
While I agree with everyone else here that its probably best to use your VPNs provided DNS, I do think, especially from the VPN provider, the risk of using a third party DNS is a bit overblown because companies like Proton and Mullvad don’t want a bunch of support issues coming in about third party DNS issues causing problems. As we all know in networking its always DNS 
Proton puts it well
Using custom DNS isn’t unsafe in itself, but we can’t guarantee that it will be as secure as Proton VPN’s DNS service.
3 Likes
Thank you for all your answers. I’ll turn off DNS server then and use the default VPN’s one
2 Likes
I’m not sure to understand. If another DNS is configured on your router, but you then turn on VPN, wouldn’t you use the VPN’s DNS by default?
I’m not sure how you can change the DNS without manually overriding the VPN’s settings?
So, my using Proton WireGuard config on my router and having NextDNS running on my mobile is not advised?
3 Likes
As a novice to this area I have another question, is the firewall service provided by apps like NetGuard/NextDNS/RethinkDNS considered DNS? Are the firewall service and custom DNS provider service two separate things?
I was wondering how feasible this method of using the firewall/DNS service inside the home profile VPN slot and the real VPN service inside the work profile VPN slot (with a connection via a third party SOCKS5 proxy) is. Would it be affected by the safety issue described in this thread (discrepancy between DNS query origin server and eventual IP of VPN visiting the webpage)?
If I only use the firewall service and not the DNS service of NetGuard (first link) or RethinkDNS (second link), does it mean that the website I am visiting cannot tell that my DNS query origin server is different from my eventual VPN IP address, because they are both from my eventual VPN?
The method I am referring to is:
(Old method)
(New improved method)
Are the firewall service and custom DNS provider service two separate things?
With RethinkDNS yes. Use Rethink, its the best one anyway because you can add a wireguard VPN in the app. then it wont consume your only vpn slot.
I still don’t get it.
When I go here: https://1.1.1.1/help
- When I’m on VPN, it will say I’m not connected.
- When I’m not on VPN it will say I am connected.
Which makes sense to me.
How would a website know I have 1.1.1.1 connected on my router (or NextDNS) + Proton/Mullvad/WhateverVPN when I’m connected to the VPN (and VPN DNS)?
That is why my post above wasn’t in reply to you 
If you’re connected to your VPN’s DNS then that is what websites will see.
2 Likes
Ok, I’m still learning, I just wanted to make sure I got this right 