According to the changelog for 2024.2:
Security
- Fix DNS leaks in blocking states or when no valid DNS has been configured due to an underlying OS issue. In these cases a dummy DNS will be set to prevent leaks.
I have tested with the current version and it appears to leak exactly like it did before. So any time a person is on an unreliable connection, it is likely to leak their DNS requests.
Procedure:
Always On VPN enabled.
Block connections with VPN enabled.
- Connect to VPN server.
- Verify at Mullvad website than VPN is connected and no DNS leaks.
- Go to ipleak website and verify no DNS leaks. Leave page open.
- Disconnect VPN
- Return to ipleak website open page and see that testing has paused due to disconnected.
- Reconnect VPN
- Return again to ipleak website open page and it will show 4 connections made to your local/ISPs DNS server.
Note I removed all the links as stupid Reddit filters kept blocking my post.
I can replicate that, but i do this.
- start DNS leak test
- turn off Mullvad, Turn on Mullvad quick
- go to DNS leak test web site quick
Have you tried this on GrapheneOS?
That’s the only OS I’ve used on phones for years.
So they haven’t fixed it on their end either 
Nope.
If you check the GOS change logs, they tried to fix it in 2024050900, but in 2024051500 they undid the fix, because it caused other problems.
There are several VPN leak issues in the Github Issues list that are being worked on. It must be a major, fundamental problem with Android for it to take this long to fix.
It’s weird that basically no one seems to pay attention to or care about a problem this severe.
Not only does it mean that the kill switch doesn’t work if you have an unreliable Internet connection (reconnecting often), but in the issues tracker, there’s also one mentioning that multicast packets from apps bypass the killswitch entirely.
So basically VPN on Android is almost totally broken from a privacy perspective right now.
