Private, Encrypted DNS
Keep your DNS requests inside the VPN tunnel. Shieldeum routes DNS through the VPN server you're connected to to help prevent leaks and reduce ISP tracking.
Designed to avoid DNS leaks on public Wi-Fi and home networks.
What is DNS?
DNS (the Domain Name System) is the "address book" of the internet. Every time you type a website address, DNS translates that human-readable domain name into the numerical IP address your device needs to connect.
Without protection, your DNS requests can reveal which websites you're trying to reach, even when the content you view is encrypted with HTTPS. Anyone monitoring your DNS traffic, such as an ISP or a local network operator, can build a log of the domains you visit.
A VPN helps protect your traffic by encrypting the connection between your device and the VPN server. Private DNS takes that further by keeping your domain lookups inside the same encrypted tunnel.
DNS can expose:
- Websites you attempt to visit (domains)
- When you visit them
- Patterns that can be used for profiling
Why private DNS matters when you use a VPN
A DNS leak happens when your device sends DNS queries outside the VPN tunnel, typically falling back to your ISP's default DNS resolver. When this occurs, your ISP (or local network operator) can see which domains you're requesting, even though your other traffic is encrypted.
This can partially defeat the privacy goals of using a VPN. If your DNS queries are visible, the domains you visit are exposed, and networks can potentially block or redirect your requests.
Shieldeum is built to keep DNS resolution tied to the VPN connection, so your domain lookups travel through the same encrypted tunnel as the rest of your traffic.
Common causes of DNS leaks
- Misconfigured network settings
- Captive portals and restrictive Wi-Fi
- IPv6 / dual-stack edge cases
- Some router or OS overrides
- VPN disconnects and reconnects
How Shieldeum DNS works
A clear, step-by-step look at how your DNS queries stay inside the encrypted tunnel.
When you connect to Shieldeum VPN, the app sets a local DNS IP address on your system. This resolver address only works through the VPN tunnel, it doesn't resolve on the open internet. DNS resolution itself runs on the VPN server you're connected to, meaning your queries travel inside the encrypted tunnel and are resolved server-side. The result: DNS queries don't leak to your ISP's DNS by default.
Connect to a Shieldeum VPN server
You open the Shieldeum app and connect to any server in the network.
Local DNS resolver is assigned
The app assigns a local DNS resolver address on your device that only resolves through the tunnel.
DNS queries travel through the tunnel
Your DNS requests go through the encrypted VPN tunnel to the connected VPN server.
Server-side resolution and secure return
DNS is resolved on that VPN server and the response is returned securely through the tunnel.
This design keeps DNS tied to the same server location as your VPN session, reducing mismatches and accidental leaks.
What you get with Shieldeum Private DNS
Helps prevent DNS leaks
DNS queries are routed through the encrypted VPN tunnel, reducing the risk of accidental exposure to your ISP.
Reduces ISP visibility
Your ISP sees VPN traffic, not the individual domains you visit, helping reduce domain-level tracking.
Avoids third-party DNS exposure
On public Wi-Fi, DNS queries stay inside the tunnel instead of going to the network's default resolver.
Consistent DNS location
DNS is resolved on the VPN server you're connected to, aligning your DNS location with your VPN session.
Better resistance to DNS-based blocking
Because queries go through the tunnel, local networks have less ability to filter or redirect your DNS requests.
Built for real networks
DNS leak protection that works where you actually use the internet.
Public Wi-Fi (airports, cafés, hotels)
Keep your DNS requests private from local network operators who may log or redirect your queries.
Home ISP
Reduce domain-level tracking by routing DNS through the VPN tunnel instead of your ISP's default resolver.
Travel & restrictive networks
Avoid forced DNS resolvers that can block, filter, or redirect your browsing requests.
Switching networks
Designed to re-apply DNS settings when reconnecting, helping maintain protection as you move between networks.
How to test for DNS leaks
Connect to Shieldeum VPN and choose any server.
Visit a DNS leak test tool (search for "DNS leak test" in your browser).
Confirm the DNS resolver shown is not your ISP and aligns with the VPN server location.
If the test shows your ISP's DNS, try switching servers and reconnecting.
If the issue persists, contact our support team for help troubleshooting.
Results can vary by OS, browser, and IPv6 settings — our Support team can help you verify.
Frequently asked questions
Keep your DNS private
Shieldeum routes your DNS inside the encrypted VPN tunnel — reducing leaks and ISP exposure.