0

Possible DNS Leak. Please Help Diagnose.

Hi,

I recently checked my DNS leak via my usual sites browserleaks.com, www.dnsleaktest.com (extended), and dnsleak.com.

Both dnsleaktest and dnsleak reported the expected with no issues. Browserleaks reports a leak to Cloudflare  (pic attached to post).

 

My question is, can Browserleaks be misdiagnosing? I've never had this issue with their site.

 

Configuration and other things of note:

1.  I'm using the official NextDNS clients for Linux, Android, and Windows.

2.  All devices report the same issue when diagnosing with Browserleaks.

3.  None of the devices, along with the router, are configured to use Cloudflare.

4. I've also temporarily disabled ipv6 per device and router and the possible ipv6 leak persisted.

 

Thanks for taking the time to read.

5 replies

null
    • Martheen
    • 1 yr ago
    • Reported - view

    Curious, does dnscheck.tools gives similar result?

      • Cyntil8ing
      • 1 yr ago
      • Reported - view

      Martheen 

      Thanks for the response. No, it does not (pic attached). It's actually in line with the other online DNS leak checks I've tried reporting that there's no leak. I've attached a pic dnsleaktest.com (extended test) as an alternative sample.

      • R_P_M
      • 1 yr ago
      • Reported - view

       Do you even have IPV6 connectivity? It doesn’t look like it. 
      I’m asking because that cloudflare result is for an IPV6 address.

       I’ve just checked Browserleaks and it’s listing IPV6 addresses even though there isn’t any IPV6 connection to them (currently). I thought they used to hide the IPV6 results if you didn’t have the connection but it seems they aren’t anymore. 

      • Martheen
      • 1 yr ago
      • Reported - view

       These leak tests generate a random subdomain for a special domain and then check on their nameserver where the query for that subdomain comes from. Even if the client device has no IPv6 connection to the leak test, the DNS server might use IPv6 to query the nameserver.

      • Cyntil8ing
      • 1 yr ago
      • Reported - view

       

      Currently, I do. The router is on "native" ipv6 mode. Functionally and as reported by router and external sources, ipv6 is active.

      That's what makes the Browserleaks test unusual. Even when I've disable the ipv6 protocol, I still get the ipv6 address leak that's exclusive to Browserleaks. The other DNS leak detection sites aren't detecting any sort of leak.

Login to reply

Content aside

  • 1 yr agoLast active
  • 5Replies
  • 417Views
  • 3 Following