A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
DNS leak tests only understand your exit IP. If your VPN provider allows round Robin load balancing, this may happen. This is a drawback of VPN exits out of your control, that you can't know how their exits are handled.
Why you are so concerned about DNS leaks beyond one test is another matter only you can solve. Unless you are changing your dnssec config daily, this should be checked once.
this should be checked once
The way I see it is, we have three options:
As a fellow tinhat wearer, I applaud your reluctance to trust what they tell you.
However, there isn't much you can do about your VPN provider setting up multiple exit routes, or maybe they're doing something really fancy like NAT filtering DNS requests so big players like Netflix have a harder time catching on to ppl geo-hopping.
But the outcome is the same: you have no control over this behaviour.
But the outcome is the same: you have no control over this behaviour.
Yes, I totally understand that. It seemed suspicious to me because it had never happened to me before. (I have bookmarked a few articles about this 'Round Robin to read this evening) Like I said, This check gets done every morning, and has been a 'ritual' for years, and I have had the same VPN provider for years. So, that is what triggered my anxiety. I appreciate what everyone else has said, and I bow to greater knowledge bases than I possess. At the very least, TIL. So it's been a good day 'tater.
Fair enough.
I see your posts and comments regularly in self-hosted, keep it up. Staying engaged is learning.
I might be misunderstanding, but you're checking what exactly for DNS leaks?
If the IPs are changing, that's not uncommon. The HOST changing would be though, like if you swapped from what you expected back to Comcast or something.
You need to get better control of your local network and not have to be paranoid about this. Static reservations for long lived hosts, your router should have a setting to override and prevent internal hosts (like guests) from sending OoB DNS requests, and any sort of VPS stack should as well.
Maybe a picture will help. This one is from Browserleaks:
Where the IP is listed at the top of the page. All the last numbers in the IP sequence were different. Same block, still piped through Cloudflare tho.
Your public IP is DHCP. It changes from time to time. Nothing weird about that.
Any of the other IP's in the DNS Servers list changing is just what you get pointed to when resolved based on your GeoIP location.
Hmmmm I seem to be unable to explain.
Ok. Fire up the VPN.
Do, 4 different, simultaneous, leak checks from multiple sites like Browser Leaks, dnscheck.tools, etc.
As in the picture, under 'Your IP'. Results:
Whereas xxx.xxx.xxx stayed the same, but the last set in the sequence was different in every test. The IP block (xxx.xxx.xxx.) was the same, just the last three digits were different in 4 different, simultaneous, tests. I realize VPN IPs change and so do Cloudflare IPs change. What I am saying is tho the IP block was the same (owned by the VPN), just the last three digits were different, even when I changed locales in my VPN.
I hope that explains what I'm trying to say.
See my other response. This is quite normal.
They have always been the same, now for years.
Then something has changed about the local deployment and concentration of the network near you. Don't know what to tell ya 🤷
As long as the provider is the same, and your instances are using properly using DoH or DoT, you have nothing to worry about.
If you're super concerned though, I'd be using Mullvad over Cloudflare though. Just saying.
Each different DNS leak test sites (multiple), were different, yet the same IP block. I don't view it as paranoia. When you fire up your VPN, even though you have specified a certain locale, say Mexico, you still get different IPs each time you start your VPN, at least I do.
Example: 4.4.4.5, 4.4.4.6, 4.4.4.15
Same block, different IPs reported.
Yes, that's called Round-Robin Load Balancing.
To get more specific, your DNS provider spins up a large number of DNS resolvers out in the world on a CDN network that resolves clients to the most geographically convenient server(s) at any point in time based on the GeoIP info of your public IP.
Once you resolve one set of addresses at any given time, it caches your request, so the next time you ask these DNS servers for something you'll get a response right back from them as fast as possible.
You constantly checking is just going to show this. It's quite normal.
I'll have to accept a higher knowledge base than mine, but I check this every morning, and for years they have been the same across different leakcheck sites.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DHCP | Dynamic Host Configuration Protocol, automates assignment of IPs when connecting to a network |
| DNS | Domain Name Service/System |
| IP | Internet Protocol |
| NAT | Network Address Translation |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |
6 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.
[Thread #70 for this comm, first seen 7th Feb 2026, 18:20] [FAQ] [Full list] [Contact] [Source code]