Dann Albright of MakeUseOf explains how DNS leaks can destroy anonymity when using a VPN, how to diagnose such leaks, and what you can do to prevent DNS leaks:
Usually, DNS servers are assigned by your internet service provider (ISP), which means that they can monitor and record your online activities whenever you send a request to the server. When you use a virtual private network (VPN), the DNS request should be directed to an anonymous DNS server through your VPN, and not directly from your browser; this keeps your ISP from monitoring your connection.
Unfortunately, sometimes your browser will just ignore that you have a VPN set up and will send the DNS request straight to your ISP. That’s called a DNS leak. This can lead to you think that you’ve stayed anonymous and that you’re safe from online surveillance, but you won’t be protected.
Obviously this is not good. So let’s take a look at diagnosing and stopping it.