DNS Leak
NETWORK TOOL
Control traffic flow, DNS behavior, and visible network identity.
Each network guide explains practical routing or verification scenarios before pointing to exact generated flags.
Documentation Navigation
This page is scenario-first (operational workflows, real run order, and troubleshooting). For the full autogenerated command/flag catalog, use the CLI Reference.
File Information
| Property | Value |
|---|---|
| Binary Name | dns-leak |
| Version | 9.0.1 |
| Build Date | REDACTED-BUILD-TIME |
| Rust Version | 1.96.0 |
| File Size | 5.4MB |
| Author | Warith Al Maawali |
| License | Proprietary |
| Category | Network & Routing |
| Description | DNS leak detection and analysis for Kodachi OS |
| JSON Data | View Raw JSON |
SHA256 Checksum
Key Features
DNS Leak Detection & Analysis
| Feature | Description |
|---|---|
| Multi-Interface Testing | Tests all network interfaces simultaneously |
| Leak Identification | Pinpoints exactly where DNS queries are leaking |
| Real-time Analysis | Monitors DNS queries as they happen |
| Comprehensive Reporting | Detailed reports with analysis and findings |
Why DNS Leak Detection is Critical
| Benefit | Description |
|---|---|
| Privacy Protection | Even with VPN/Tor, DNS leaks can reveal your location |
| ISP Bypass Verification | Confirms DNS queries bypass your ISP |
| Configuration Validation | Verifies your privacy setup is correct |
| Continuous Monitoring | Regular testing ensures ongoing protection |
TL;DR - Essential Commands
# Discover available network interfaces
dns-leak discover
# Run DNS leak test on all interfaces
sudo dns-leak test
# Test specific interface
sudo dns-leak test -i eth0
# View results from previous test
dns-leak results --file dns_leak_results.json
dns-leak results --file dns_leak_results.json --json
# Generate detailed report
dns-leak report --id dns_leak_results
Understanding DNS Leaks
What is a DNS Leak?
A DNS leak occurs when your DNS queries bypass your VPN or Tor connection and go directly to your ISP's DNS servers.
This reveals:
| Information Leaked | Description |
|---|---|
| Websites visited | All domains you're accessing |
| Real location | Your actual geographic location |
| ISP identity | Your Internet Service Provider |
How DNS Leak Detection Works
This shows all network interfaces that could potentially leak DNS.
The test process:
| Step | Action |
|---|---|
| 1 | Sends DNS queries through each interface |
| 2 | Monitors where queries are routed |
| 3 | Identifies any leaks to ISP or public DNS |
| 4 | Reports which interfaces are secure |
Testing Specific Interfaces
# Test VPN interface
sudo dns-leak test -i tun0
# Test Tor transparent proxy
sudo dns-leak test -i eth0
# Test with custom timeout
sudo dns-leak test --dns-timeout 10
Analyzing Results
# View test results
dns-leak results
# Get results in JSON format for scripts
dns-leak results --file dns_leak_results.json --json
# JSON output examples for automation
dns-leak test --json # Test with JSON output
dns-leak discover --json # Interface discovery in JSON
# Generate detailed report with analysis
dns-leak report --id dns_leak_results
dns-leak report --id dns_leak_results --json # Report in JSON format
Result Interpretation:
| Status | Meaning |
|---|---|
| SECURE | DNS queries routed through VPN/Tor |
| WARNING | Potential leak detected |
| LEAKED | DNS going to ISP/public servers |
Multi-NIC Examples and Common Leak Scenarios
Multi-Interface Testing Examples:
# Test laptop with WiFi and Ethernet
sudo dns-leak test -i wlan0 # WiFi interface
sudo dns-leak test -i eth0 # Ethernet interface
# Test system with VPN
sudo dns-leak test -i tun0 # VPN tunnel interface
sudo dns-leak test -i wg0 # WireGuard interface
# Test all discovered interfaces
dns-leak discover # Show: wlan0, eth0, tun0, lo
sudo dns-leak test # Test all automatically
Common Leak Scenarios:
| Scenario | Description |
|---|---|
| Split Tunnel VPN | Some traffic bypasses VPN (eth0 leaks while tun0 secure) |
| IPv6 Leaks | IPv6 DNS not routed through VPN |
| WebRTC Leaks | Browser bypassing system DNS |
| Misconfigured Firewall | DNS allowed outside VPN tunnel |
Advanced Commands
For advanced users who need access to all available commands and options, please refer to the auto-generated command reference which includes:
| Feature | Description |
|---|---|
| Custom Testing | Custom DNS server testing |
| Batch Testing | Batch interface testing |
| Timeout Config | Extended timeout configurations |
| JSON Filtering | JSON filtering options |
| Debug Output | Verbose debugging output |
| CLI Reference | All command-line flags and parameters |
Security Notes
Important Security Practices:
| Practice | Description |
|---|---|
| Connection Testing | Test after every VPN/Tor connection |
| Location Changes | Re-test when changing network locations |
| Interface Coverage | Check all interfaces, not just primary |
| Periodic Monitoring | Run tests periodically during long sessions |
| Audit Trail | Save reports for security audits |
Performance
| Metric | Value |
|---|---|
| Test Duration | 5-10 seconds per interface |
| Memory Usage | ~15MB during testing |
| CPU Usage | < 5% during tests |
| Network Traffic | < 1KB per DNS query |
Support
| Resource | Link |
|---|---|
| Website | digi77.com |
| Anonymity Verifier | kodachi.cloud |
| Discord Support | discord.gg/KEFErEx |
| GitHub | github.com/WMAL |
Scenario 1: VPN Tunnel Validation Before Sensitive Work
Verify VPN tunnel integrity and DNS leak protection before conducting sensitive operations.
# Step 1: Check current routing configuration
sudo routing-switch status
# Step 2: Verify VPN interface is active
dns-leak discover
# Expected: tun0 or wg0 listed in available interfaces
# Step 3: Test VPN interface for DNS leaks
sudo dns-leak test --interface tun0
# Step 4: Verify DNS configuration matches VPN
sudo dns-switch status
# Step 5: Check IP geolocation to confirm VPN endpoint
ip-fetch
# Expected: Location matches VPN server, not your real location
# Step 6: Comprehensive network verification
sudo health-control net-check
Cross-binary workflow: routing-switch + dns-leak + dns-switch + ip-fetch + health-control
When to run: Before accessing sensitive resources or conducting privacy-critical work. Automate this with workflow-manager using the connectivity-dns-leak-verify profile.
Scenario 2: Multi-NIC System Audit (WiFi + Ethernet + VPN)
Audit all network interfaces on systems with multiple NICs to identify potential leak vectors.
# Step 1: Discover all available interfaces
dns-leak discover --verbose
# Expected: wlan0, eth0, tun0, br0, etc.
# Step 2: Test WiFi interface
sudo dns-leak test --interface wlan0
# Step 3: Test Ethernet interface
sudo dns-leak test --interface eth0
# Step 4: Test VPN tunnel interface
sudo dns-leak test --interface tun0
# Step 5: Run comprehensive test on all interfaces
sudo dns-leak test --json | tee all-interfaces-test.json
# Step 6: Extract leak detection status
sudo dns-leak test --json | jq '.results[].leak_detected'
# Expected: All values should be "false"
# Step 7: Verify geolocation for each active interface
ip-fetch
Cross-binary workflow: dns-leak + ip-fetch
When to run: On systems with multiple network interfaces or when diagnosing intermittent connectivity issues.
Scenario 3: Split Tunnel VPN Leak Detection
Detect DNS leaks in split tunnel VPN configurations where some traffic bypasses the VPN.
# Step 1: Check routing configuration for split tunnel
sudo routing-switch status
# Step 2: Test physical interface (should show leak if split tunnel)
sudo dns-leak test --interface eth0
# Step 3: Test VPN tunnel interface (should be secure)
sudo dns-leak test --interface tun0
# Step 4: Compare results from both tests
dns-leak results --file dns_leak_results.json --json
# Step 5: If leak detected on physical interface, reconfigure DNS
sudo dns-switch random
sudo dns-leak test --interface eth0
# Expected: DNS now routed through secure servers
# Step 6: Verify no leaks remain
sudo dns-leak test --json | jq '.results[] | select(.leak_detected == true)'
# Expected: Empty output (no leaks)
Cross-binary workflow: routing-switch + dns-leak + dns-switch
When to run: When using split tunnel VPN configurations or experiencing DNS resolution issues.
Scenario 4: Bridge/Container Interface Isolation Testing
Test bridge and container interfaces to ensure DNS isolation in virtualized environments.
# Step 1: Discover bridge and container interfaces
dns-leak discover
# Expected: br0, docker0, veth*, etc.
# Step 2: Test bridge interface
sudo dns-leak test --interface br0
# Step 3: Test primary network interface for baseline
sudo dns-leak test --interface eth0
# Step 4: Compare DNS servers used by each interface
dns-leak results --file dns_leak_results.json --json | jq '.results[] | {interface: .interface, dns_servers: .dns_servers}'
# Step 5: Check for cross-interface DNS leakage
sudo health-control net-check
# Step 6: Generate comprehensive report
dns-leak report --id dns_leak_results --json
Cross-binary workflow: dns-leak + health-control
When to run: When running containerized applications or virtual machines requiring network isolation.
Scenario 5: Post-Connection Comprehensive Verification
Complete network verification workflow after establishing Tor or VPN connection.
# Step 1: Check network connectivity
sudo health-control net-check
# Step 2: Fetch current IP and geolocation
ip-fetch
# Step 3: Verify Tor connection (if using Tor)
ip-fetch check-tor
# Expected: "Connected through Tor" message
# Step 4: Check routing status
sudo routing-switch status
# Step 5: Verify DNS configuration
sudo dns-switch status
# Step 6: Run comprehensive DNS leak test
sudo dns-leak test
# Step 7: View detailed results
dns-leak results --file dns_leak_results.json --json
# Step 8: Generate verification report
dns-leak report --id dns_leak_results
Cross-binary workflow: health-control + ip-fetch + routing-switch + dns-switch + dns-leak
When to run: After establishing any VPN or Tor connection. Automate this with workflow-manager using the base-network-verification profile.
Scenario 6: Investigating and Fixing Detected DNS Leaks
Systematic approach to identify, analyze, and remediate DNS leak vulnerabilities.
# Step 1: Run comprehensive DNS leak test
sudo dns-leak test --json | tee leak-investigation.json
# Step 2: Identify which interfaces are leaking
cat leak-investigation.json | jq '.results[] | select(.leak_detected == true) | .interface'
# Step 3: Check current DNS configuration
sudo dns-switch status
# Step 4: Switch to secure DNS servers
sudo dns-switch random
# Step 5: Verify DNS change took effect
sudo dns-switch status
# Step 6: Re-test for leaks
sudo dns-leak test
# Step 7: If leaks persist, enable Tor DNS
sudo tor-switch start-tor
sudo tor-switch start-tor-dns-nftables
# Step 8: Verify Tor DNS is active
sudo tor-switch verify-tor-dns
# Step 9: Final leak verification
sudo dns-leak test --json | jq '.results[].leak_detected'
# Expected: All values "false"
# Step 10: Generate security score
sudo health-control security-score
Cross-binary workflow: dns-leak + dns-switch + tor-switch + health-control
When to run: Immediately when leak detection test shows vulnerabilities. Automate this with workflow-manager using the tor-dns-verify-leak or tor-dns-fallback profiles.
Related Workflows
- DNS Switch Guide — DNS server configuration and management
- Tor Switch Guide — Tor network and DNS over Tor setup
- Routing Switch Guide — Network routing configuration
- IP Fetch Guide — IP geolocation and Tor verification
- Health Control Guide — Network connectivity and security checks
- Full CLI Reference: dns-leak commands