With ever growing valuable personal data collection by even the biggest tech giants like Google, Facebook, Microsoft, etc., it is imperative to safeguard your internet privacy. ISPs also can record your internet usage details. Thankfully, VPN service costs have come down significantly and so subscribing to a decent service like NordVPN, ExpressVPN, CyberGhost, etc. has become reasonably affordable.

These top VPN companies are rock solid, trustworthy, and provide end-to-end encryption. Your privacy is really secured if you choose a good VPN service. Unfortunately, there is a bigger hidden problem even when you are using a good service. It’s the DNS leak.

No matter which VPN service you are using, if you are using OpenVPN to connect to your VPN service, chances are that your PC is already revealing your actual IP address due to improper network configuration.

What is DNS Leak?

A DNS leak indicates a security flaw that allows DNS requests to be revealed to internet service provider’s DNS servers, notwithstanding the VPN service to attempt to conceal them. In simple terms, it’s as good as not using a VPN service. This is a huge problem and must be addressed immediately if at all one is serious about hiding the identity.

Checking DNS Leak

There is a number of websites that offer free DNS leak check. One of the best-sophisticated ones I recommend is linked below:

DNS Leaktest

With the VPN service connected, go to their webpage. You may see that it says Hello IP address with location info. This is basic info which may give you an impression that everything is OK. In order to make an in-depth test, click on “Extended Test”.

READ  How to add Windows like Taskbar in Ubuntu GNOME editions
Checking for DNS Leak
Checking for DNS Leak
Test Results
Test Results

In a few seconds, you should see a report of the test which shows IP, Hostname, ISP, and Country. If you see your internet service provider name in the ISP section along with Hostname having your IP address, then it’s confirmed that your PC is leaking DNS! For example in my test PC (above screenshot) without the DNS fix, it was completely revealing my ISP and location though it was connected to the NodVPN service via OpenVPN.

Fixing DNS Leak in Ubuntu, Linux Mint, and elementary OS

This guide is tested to be working 100% in Ubuntu 18.04 LTS but should work without any issues in Ubuntu 17.04, and derivatives like Linux Mint, and elementary OS too. Start with disconnecting the VPN and continue with the Part 1 and Part 2 instructions.

Part 1: Installing dnscrypt-proxy

DNS encrypt Proxy is a powerful networking tool that helps in DNS traffic encryption and authentication. It supports DNS-over-HTTPS (DoH) and DNSCrypt. It can force outgoing connections to use TCP. Additionally, it can block malware and other unwanted content. It is compatible with all DNS services.

Step 1) Launch ‘Terminal’. You can use Ctrl+Alt+T keyboard shortcut in Ubuntu.

Step 2) To make sure you don’t have an outdated version of dnscrypt-proxy, run this command:

sudo apt-get purge dnscrypt-proxy

Step 3) Copy and paste the following commands in the terminal and press enter.

sudo add-apt-repository ppa:shevchuk/dnscrypt-proxy && \
sudo apt update && \
sudo apt install dnscrypt-proxy

Step 4) Restart the services using the commands:

sudo systemctl restart NetworkManager
sudo systemctl restart dnscrypt-proxy

Part 2: Configuring resolv.conf

Step 1) Install resolv.conf by entering the command as follows:

sudo apt install resolvconf
sudo resolvconf -i

Step 2) Next step is to make the Network Manager use the default settings for managing the resolv.conf file by editing the conf file. Proceed to copy and paste the below commands into the Terminal to edit the conf file.

sudo nano /etc/NetworkManager/NetworkManager.conf

Step 3) You will see an editor in the Terminal. Carefully, use the arrow keys to navigate to the first line and then copy & paste the following line below the first line that says [main].

READ  How to Resize Images by Command line in Ubuntu
Editing NetworkManager Conf
Editing NetworkManager Conf

After editing the file it should look something like this:





Step 4) While in the editor, press CTRL X to exit the editor. Enter ‘Y’ to save and then press enter to overwrite the file.

Step 5) Finally restart the services:

sudo systemctl stop systemd-resolved

sudo systemctl disable systemd-resolved

sudo systemctl restart network-manager

sudo systemctl restart dnscrypt-proxy

Step 6) Close all browsers, connect to your VPN service, and then go DNSleaktest page. If everything went well, you should not see your ISP Name leaked in the new test. For example, my test PC connected to NordVPN server shows QuadraNet ISP which is different from my actual provider (Spectrum).

DNS Leak Test
DNS Leak Test

UPDATE: Some users have experienced loss of internet after the change in settings. Looks like the default DNS is getting configured incorrectly. Thanks to BananaSam (in the comment below) for providing the link.

Proceed as follows:

1. Launch Terminal.

2. Enter the following command and hit enter.

nano gedit /etc/systemd/resolved.conf

3. Replace #DNS with DNS=

4. Press Ctrl X and then enter Y to save the file.

5. Restart the computer.

That’s it! How did the tutorial work for you? Do let us know your feedback in the comments below.

Previous articleHow to refresh the Wi-Fi Networks in Ubuntu
Next articleHow to install OpenVPN to connect to NordVPN in Ubuntu
Hi there! I'm Kiran Kumar, founder of FOSSLinux.com. I'm an avid Linux lover and enjoy hands-on with new promising distros. Currently, I'm using Ubuntu as a daily driver and run several other distros such as Fedora, Solus, Manjaro, Debian, and some new ones on my test PC and virtual machines. I have a day job as an Engineer, and this website is one of my favorite past time activities especially during Winter ;). When I'm not writing for FOSSLinux, I'm seen biking and hiking on scenic trails. Hope you enjoy using this website as much as I do writing for it. Feedback from readers is something that inspires me to do more, and spread Linux love!. If you find a time, drop me an email or feedback from the 'Contact' page. Or simply leave a comment below if you found this article useful. Have a good day!

Leave a Reply

6 Comment threads
4 Thread replies
Most reacted comment
Hottest comment thread
8 Comment authors
JanuszBananaSamKelltechMiss VpnIdumea Recent comment authors
newest oldest most voted
Notify of

Nord user for about 2.5 years here. Constantly checking for DNS leaks but I didn’t experience any over the years. Anyone who cannot decide to get a vpn or not – go for it, totally worth the price you pay. This article with some very good providers reviewed might help: https://www.techadvisor.co.uk/test-centre/internet/best-vpn-2018-3657732/.


I am unable to use internet after this, What Can i do to fix it ?

Miss Vpn
Miss Vpn

thanks this is the only thing that worked for me


I have no internet after following these steps exactly. No internet after rebooting, no internet after reversing steps and rebooting again.


Yeah, this has broken my internet too. I wish I read the comments first…

Please update this article; I think it’s doing more harm than good.


Okay, I think I found a fix. I tried a lot of other things too, including undoing the above, so it might not be the whole fix.

Basically use method 2 in https://ubuntuforums.org/showthread.php?t=2358660 .

In case the link goes down, it involves changing “#DNS” to “DNS=” in “/etc/systemd/resolved.conf”.


I forgot my OS is Ubuntu 18.10.