Privacy problem when using Cloudflare DNS connected to a VPN

dash-dns
#1

If you use a VPN to disguise your IP location and you use Cloudflare on your computer as your local DNS, then, in order to make DNS requests fast, Cloudflare nearly always uses servers in the country where you live. So when the DNS leaks, an observer will know what country you live in, because Cloudflare DNS servers are always located locally.

But if you use Google DNS, there is no guarantee that the observer will know where you live; my experience from Europe with Google DNS is that they centralise their DNS servers in a couple of countries.

Ideally, I would want to be able to ban DNS servers in certain countries, even if that means speed will suffer. Unfortunately, I don't think this can be done. Fortunately, most VPN providers set up their own DNS, but if you have to disable them for some reason, your local Cloudflare DNS is all you have.

If you did not understand my post, set up your computer's DNS with Cloudflare, connect to a VPN giving you an offshore IP, disable the VPN provider's own DNS in settings, and visit DNSLeak.com, and you will see your country's Cloudflare DNS servers listed there.

#2

A good DNS service will resolve addresses from the fastest route it can. If you want anonymity, you cannot rely on badly designed DNS resolving. One solution is routing your NS queries through your VPN.