use DNS with DoT (dns over tls) or DoH (dns over https)
This is critical because the most people use a DNS with their own ISP.
The DNS can leak their true location.
Your vpn solution is not complete without DNS encryption.
And please don't forget Linux not just Windows, Apple or Google.
Thanks
-
Notme commented
I think this would also make sense for users who use proton VPN on their router and would like to use a locally hosted DNS server like adguard or Pi hole with DoT or DoH for the upstreams.
Currently this isn't an option and leads to DNS leaks -
COSYOS commented
ProtonVPN's DNS is used, so the ISP's DNS is not used. However, it makes sense to be able to specify DoT or DoH (services of other companies such as NextDNS or AdguardDNS).
-
ohoh commented
If people use a DNS with their own ISP and ProtonVPN they will just use Proton's DNS as soon as they use the VPN and that doesn't leak, since all traffic is protected.
It is a different story when you set a custom DNS server for ProtonVPN and the DNS traffic is forwarded to that custom DNS server. Here DoH or DoT would have to be used to avoid a leak, but tbh. even that DNS leak should just point to your VPN location (not an expert though, so not sure).