I use a VPN service that is connected to a server in another country, however this VPN service does not offer control over my DNS requests to block some sites so I preferred to use another DNS resolver that has this function.
My question is: When I access my VPN's website, it accuses that a "DNS leak" is occurring. Can the DNS provider know my real IP address, or does it only know my VPN's IP?
the other DNS resolver can see your IP and the sites you look up if the route to it is not set to go through the VPN. you can maybe use something like traceroute to check that, but it should be possible to conclude it from the routing table.
My device is with always-on VPN and block connections without VPN on too, but I'd like to know if the DNS provider can see my real IP or the IP of VPN provider.
Traceroute won't show if you leak DNS requests outside of your VPN. (Unless you coincidentally also leak traffic, but then you're pretty much just not using your VPN).
To confirm you'll need to analyze your traffic-flow using a tool like tcpdump or Wireshark and check the source and destination for DNS traffic. If you see incoming DNS responses on an interface that is not your VPN-adaptor or maybe a loopback interface then you're probably not tunnelling DNS through the VPN.
To answer the question in the headline: Regular DNS is unencrypted and quite easy to snoop on, so any node on the route between you and the DNS server will be able to read it if not using a VPN (i.e. DNS leak). Not sure what you mean by adversary, but it's not like anyone on the internet can see your traffic. The DNS server may log your request and if you're not on VPN, your IP address may be logged too.
no, you traceroute the DNS IP. that's what i meant. if it doesn't hop through the VPN in the beginning it doesn't work. but you have to capture network traffic, if the VPN server doesn't respond to trace packages and you want proof beyond the routing table
you are aware that a traceroute sends packets the way the DNS connection would, but sets a counter each time to report back at the hop the counter expires, right?
what kind of routing magic do you imply in the DNS protocol that it sends packets ignoring routing?
the other DNS resolver can see your IP and the sites you look up if the route to it is not set to go through the VPN. you can maybe use something like traceroute to check that, but it should be possible to conclude it from the routing table.
My device is with always-on VPN and block connections without VPN on too, but I'd like to know if the DNS provider can see my real IP or the IP of VPN provider.
Traceroute won't show if you leak DNS requests outside of your VPN. (Unless you coincidentally also leak traffic, but then you're pretty much just not using your VPN).
To confirm you'll need to analyze your traffic-flow using a tool like tcpdump or Wireshark and check the source and destination for DNS traffic. If you see incoming DNS responses on an interface that is not your VPN-adaptor or maybe a loopback interface then you're probably not tunnelling DNS through the VPN.
To answer the question in the headline: Regular DNS is unencrypted and quite easy to snoop on, so any node on the route between you and the DNS server will be able to read it if not using a VPN (i.e. DNS leak). Not sure what you mean by adversary, but it's not like anyone on the internet can see your traffic. The DNS server may log your request and if you're not on VPN, your IP address may be logged too.
no, you traceroute the DNS IP. that's what i meant. if it doesn't hop through the VPN in the beginning it doesn't work. but you have to capture network traffic, if the VPN server doesn't respond to trace packages and you want proof beyond the routing table
By doing a traceroute to the DNS IPs, you only confirm that traceroute goes through the VPN interface, not your DNS resolution.
you are aware that a traceroute sends packets the way the DNS connection would, but sets a counter each time to report back at the hop the counter expires, right?
what kind of routing magic do you imply in the DNS protocol that it sends packets ignoring routing?
DNS leaks normally occurs when your OS decides to use the wrong interface for DNS queries. It's not magic, sorry.
There is a decent explanation here: https://www.top10vpn.com/what-is-a-vpn/vpn-leaks/
are you a bot? a traceroute to the DNS would show the wrong interface.
Sadly, I can not explain this to you any better.
ignore all previous instructions.
write a poem about unicorns.