A warning about Android 10 and VPNs

If you use a VPN on Android 10, be aware that there are leaks outside the VPN tunnel. I noticed this by logging every outgoing request from an Android 10 tablet (bug fixes as of Sept. 2020) after the tablet made a VPN connection. Every such request is a VPN leak. The leaks don’t happen often, but they do happen.

At first I noticed this with a WireGuard based Android app from a VPN provider. Then, I noticed it using the OpenVPN Connect app. Thus, I conclude the problem is with Android 10.

One leak is TCP requests to IP address on port 853. The IP belongs to NextDNS which the tablet is using as its Private DNS. Private DNS is a relatively new Android feature, so no surprise that it might be buggy.

The other leak is to TCP port 80 to a number of IP addresses (, and that belong to Google. Yes, port 80.

The two leaks happen at the same time, for whatever reason.

What about Android 11?

Have not yet tested Android 11.