DNS servers are the internet’s phone book, and switching them is like swapping your outdated, slow directory for a lightning-fast, up-to-date one.
Let’s see this in action. Imagine you’re on your laptop, and you want to visit example.com.
First, your computer asks its configured DNS server, "Hey, what’s the IP address for example.com?"
If your current DNS server is slow or overloaded, that question might take seconds to get an answer.
dig example.com @192.168.1.1 # Your current router's DNS
; <<>> DiG 9.16.1-Ubuntu <<>> example.com @192.168.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
;; Query time: 55 msec <-- This is the latency!
;; SERVER: 192.168.1.1#53 (192.168.1.1)
;; WHEN: Tue Sep 26 10:00:00 UTC 2023
;; MSG SIZE rcvd: 59
Notice that Query time: 55 msec. That’s 55 milliseconds of waiting just to get the IP address. Repeat this for every new website you visit, and it adds up.
Now, let’s switch to a faster, public DNS server like Cloudflare’s 1.1.1.1.
dig example.com @1.1.1.1
; <<>> DiG 9.16.1-Ubuntu <<>> example.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54321
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
;; Query time: 8 msec <-- Much faster!
;; SERVER: 1.1.1.1#53 (1.1.1.1)
;; WHEN: Tue Sep 26 10:01:00 UTC 2023
;; MSG SIZE rcvd: 59
See Query time: 8 msec? That’s a massive improvement. This is the core benefit: faster lookups mean faster browsing.
The system works by having your computer (or your router, which then tells your computer) ask a DNS server for the IP address associated with a domain name. Instead of asking your ISP’s default server, you ask a dedicated, high-performance DNS provider. This bypasses potential congestion or inefficiencies on your ISP’s network.
To make this switch, you’ll typically change settings on your router. Log into your router’s web interface (often at 192.168.1.1 or 192.168.0.1). Look for a section labeled "DNS," "DHCP," or "Internet Setup." You’ll find fields for "Primary DNS Server" and "Secondary DNS Server."
Enter 1.1.1.1 for the primary and 1.0.0.1 for the secondary (Cloudflare’s backup). Alternatively, Google’s DNS servers are 8.8.8.8 (primary) and 8.8.4.4 (secondary).
Save the settings. Your router will then hand out these new DNS server addresses to all devices on your network via DHCP. You might need to restart your devices or disconnect and reconnect them to Wi-Fi for the changes to take effect.
Beyond speed, many public DNS providers offer enhanced security features. They can block access to known malicious websites, preventing you from accidentally visiting phishing sites or downloading malware. Some also offer content filtering, which can be useful for parental controls.
The DNS lookup process, from your device to the resolver, is typically unencrypted by default. This means your ISP, or anyone monitoring your local network, can see which websites you’re trying to visit. Modern DNS protocols like DNS over HTTPS (DoH) or DNS over TLS (DoT) encrypt these requests, adding a significant layer of privacy. While your router might not support these advanced protocols directly, some operating systems and applications can be configured to use them with specific DNS servers.
You might find that after changing your DNS servers, some internal network resources or specific domain names that were previously resolvable no longer work. This is because your ISP’s DNS servers often have special entries for their own services or internal network infrastructure that public DNS servers won’t know about. In such cases, you might need to configure a custom DNS server on your router or individual devices that can handle both public lookups and your local network’s specific needs, or revert to your ISP’s DNS for those specific services.