How to prevent DNS leak?
That tool will say you are leaking dns unless you are on mullvad’s own servers. Check using the NextDNS tool on the nextdns setup page instead.
A DNS leak test is not a pass/fail test; it’s an informational test. It’s purpose is to tell you which DNS servers were used to send their test servers queries. DNS leak tests provided by VPN services typically assume you want to use their DNS servers, so they make it appear as a pass/fail test, since they believe you should be using their DNS servers.
If you intentionally configured NextDNS, then it is expected for a VPN client to display some information like this.
DNS leaks are not a thing. These tests are pointless. Mullvad’s DNS leak tests only tell you if you’re using Mullvad’s DNS server or some other DNS server.
that mullvad test page is very weird, I believe their system are out of date about other dns servers. I don’t trust it. try extended test on https://www.dnsleaktest.com/ and https://dnscheck.tools. edit, also https://browserleaks.com/dns by EFF.
You have to use some dns server, or you can’t use the internet.
Using next you leak that you use next, but not your ISP which is the default for most people.
Just as anyone using mulvad leaks that they’re using mulvad…
I use Mullvad and I second this. They assume that you are using ONLY their services, so anything outside of that is interpreted as a leak. For basic users, a simple test to check their VPN. If you are into custom DNS filtering, ignore that “tool” 
How are all these DNS services compare to each other? How to prevent leakage?
this. I have only seen once an accurate report of a dns leak, and it was the native iOS private dns and vpn implementation leaking to apples’ dns servers.
If you’re using non-Mullvad, it will always say it is “leaking” since the IP of the DNS server isn’t Mullvad’s IP, regardless of the site you use. If you’re really concerned just use Mullvad’s included DNS settings when using Mullvad. As long as the IP location on any of these tests is not one which you wish to mask (e.g. your local ISP which may reveal your city) then it doesn’t really matter. If you’re worried about governments issuing warrants for the data then use Mullvad’s DNS since it’s probably no-log like their VPN.