Kontrollerar anslutning...

How to prevent DNS leaks

PRIVACY

Senast uppdaterad: 21 mars 2020


This guide explains how to keep yourself safe from DNS leaks and why it matters from a privacy perspective.

Instructions to prevent DNS leaks

Mullvad VPN app users

If you’re using the Mullvad VPN app, you are automatically safe from DNS leaks.

Firefox users in the U.S.  Please also see the section below pertaining to you.

Using a router or other VPN software?

If you’re using a router or other VPN software (such as OpenVPN) to access Mullvad’s servers, simply point it toward Mullvad’s own public, non-logging DNS server.

  • Mullvad’s DNS server IP: 193.138.218.74

You can then visit am.i.mullvad.net to easily check whether or not you’re leaking information.

Firefox users in the U.S.  Please also see the section below pertaining to you.

We also have a DNS server running on each VPN server that can only be accessed via the tunnel on this address: 10.8.0.1 (or any other address matching 10.x.0.1).

Firefox users in the U.S.

You are at risk of leaking DNS requests to Cloudflare, no matter which Mullvad setup you have. To prevent this, open Firefox Options > General > Network settings > Settings, then deselect “Enable DNS over HTTPS.”

You can then visit am.i.mullvad.net to easily check whether or not you’re leaking information.

Why are DNS servers important from a privacy perspective?

A DNS (Domain Name System) server is the first point of contact that your browser makes when you try to access information over the Internet. This is the case for every URL you visit, every file you download, and every image that loads on a website, including ads.

Since your browser contacts the DNS server for each and every new domain name request, the DNS server will know which pages you are visiting and what resources you are looking at. Therefore, you are constantly leaking information about what you are doing and when to your DNS server provider, which is usually your ISP (Internet Service Provider) or a big company like Google.

Using Mullvad’s DNS server ensures that you don't leak information to a DNS server provider that may be logging which sites you are visiting. And if, for some reason, your traffic ends up on the public internet, it goes to our non-logging DNS server.

It's worth noting that all our VPN servers hijack calls to our public DNS server and that the DNS requests are processed on a local non-logging DNS server installed on that VPN server. This is done to process requests faster and to leak less information to the internet.