DNS leak test
What is a DNS leak? To answer this question you should understand what happens when you open any website in your Internet browser.
The browser can connect to website only using IP address. But we usually know websites by their domain names, not by IPs. Yes, we can enter IP in the address bar, but we don't do that. It's inconvenient because IP of website can change and the website can have multiple IPs. The DNS (Domain Name System) is used to get rid of all this hell and to answer the question: what IP address has the website. Instead of knowing IPs of websites, we should know only 1 IP of DNS server. And DNS server can answer us what IP has any website in the Internet.
The operating system (Windows, Linux, MacOs, iOS, ...) usually knows several DNS servers and uses DNS servers in random order. And here might be a problem. Because operating system often contains preinstalled DNS servers by your ISP.
When you are connected to VPN it adds DNS servers from VPN network but not all old DNS servers are removed from your system. Or VPN can leave your DNS servers without changes at all, so you will use old DNS servers (ISP DNS servers). Why ISP DNS servers are dangerouse? Because ISP can watch you even if you are connected to VPN. ISP will know what websites you visit.
How does DNS leak test work?
When you click on start test button the website generates faked subdomain names like lala.blabla.bash.ws etc. Then your browser tries to show nonexistent images from these domains and therefore it would detect IP of each of these faked domains. The browser uses DNS servers which your system uses to do this work. bash.ws can catch all the DNS requests to faked domains and detect what IP had sent the request. This test will show you all these IPs. If the DNS IP is not trusted (it owns by ISP or another not trusted address) you may be in trouble and the test will warn you.
Does DNS leak test support OpenVPN?
Yes. This test supports any kind of VPN connection (IKEv1, IKEv2, L2TP, IPsec, PPTP). This is a system test. It doesn't depend on VPN at all.
Does DNS leak test support Windows?
Yes. You can use it on all versions of Windows, MacOS, iOS, Android or Linux. This test doesn't depend on operating system. All you need is the Internet browser.
How can I check dns leak in terminal (Linux)?
You should use the script available here https://github.com/macvk/dnsleaktest