How to setup 1.1.1.1 as a DNS server on Windows, Mac, Debian, iOS, Android, or a home router
1.1.1.1 is a new, fast, privacy-focused free DNS service which anybody can use starting April 1st 2018. Although the launching date can be misleading, the service is real and not an April Fool's day joke. The service will compete with Google's Public DNS and OpenDNS, to name just two alternatives from our Top 10 Public DNS Servers list.
In this article we'll cover who made the service, how fast it is, what you'll gain in privacy, and how to setup a regular home router, a Windows, Mac, or Linux PC, iOS or Android phone, to use 1.1.1.1 and 1.0.0.1 as DNS servers. But first, a quick overview of what a DNS server is.
What is a DNS server?
As you may know, your Internet Service Provider (ISP) will usually assign Domain Name System (DNS) servers that your router will connect to when accessing the internet. These servers translate written web addresses (i.e. - Google.com) into IP addresses (216.58.198.110) and vice versa, thus making the web more user-friendly. However, sometimes the DNS assigned by your ISP isn't the fastest one available in your area, so you should seek better ones. This is where DNS servers like Google's Public DNS or the 1.1.1.1 DNS we cover in this article come in handy.
Who's behind the 1.1.1.1 DNS service?
Cloudflare and APNIC Labs, the latter explaining the research agreement they entered with Cloudflare in this blog post.
Cloudflare had the network. APNIC had the IP address (1.1.1.1).
Cloudflare is an US based company who provides CDN, DDoS mitigation, and internet security services. To get a feel of what they offer, we can have a look at their free plan, which provides unmetered mitigation of DDoS attacks, Global CDN, a Shared SSL certificate, and an "I'm Under Attack" mode - the full feature comparison page is here.
Starting April 1st 2018, Cloudflare added this 1.1.1.1 free public DNS service to their list of services. The technical explanation behind it is in this blog post: Introducing DNS Resolver, 1.1.1.1 (not a joke).
How fast is the 1.1.1.1 DNS compared to others?
Cloudflare claims their DNS server is faster than others. 28% faster, in fact, according to global tests done by DNSPerf.
We’ve built 1.1.1.1 to be the Internet’s fastest DNS directory. Don’t take our word for it. The independent DNS monitor DNSPerf ranks 1.1.1.1 the fastest DNS service in the world.
However, you should double-check that for your particular case. Here's how to use DNS Benchmark and Namebench to compare the best DNS servers - in this guide we talk about testing custom DNS servers yourself, on your own Windows, Mac or Linux powered PC. If the process outlined in that article seems too advanced for you, you can at least be sure that, in most cases, the DNS servers provided by default by your Internet Service Provider are slower than Cloudflare's 1.1.1.1/1.0.0.1 servers.
The advanced features the 1.1.1.1 DNS incorporates are:
- Query Minimization RFC7816
- DNS-over-TLS (Transport Layer Security) RFC7858
- DNS-over-HTTPS protocol DoH
- Aggressive negative answers RFC8198
Let's talk privacy
Currently, even when visiting secure https websites, that list of websites you visit can still be collected and linked back to your IP by your ISP, mobile operator or a Wifi network you joined.
Cloudflare states that:
We will never sell your data or use it to target ads. Period.
We will never log your IP address (the way other companies identify you). And we’re not just saying that. We’ve retained KPMG to audit our systems annually to ensure that we're doing what we say.
Frankly, we don’t want to know what you do on the Internet—it’s none of our business—and we’ve taken the technical steps to ensure we can’t.
Cloudflare states that all logs will be deleted in 24 hours and no information that will identify an end user will be stored on those logs to begin with. They talk more on privacy and censorship here.
Setting up 1.1.1.1 DNS on a home router
Besides general information on how to set up 1.1.1.1 as a DNS on any router, we'll cover configuration for a TP-LINK TL-WR1043ND router with up to date TP-LINK firmware.
- Connect to your wireless network.
- Enter your router’s gateway IP address in your browser. For TL-WR1043ND, that address is
http://192.168.1.1
by default. - If prompted, fill in your username and password. This information may be labeled on the router, but advanced users already changed it to something custom in order to increase security.
- In your router’s configuration page, locate the DNS server settings. For TL-WR1043ND, those settings are under DHCP > DHCP Settings. Look for the Primary and Secondary DNS fields.
- Write down any existing DNS server entries for future reference and backup purposes.
- Replace those addresses with the 1.1.1.1 DNS addresses:
- For IPv4: 1.1.1.1 and 1.0.0.1
- For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001 - Save your settings, then restart your browser. The TL-WR1043ND router requires a restart as well.
If you connect your phone, laptop, PC, or other devices to your router's WiFi or LAN network, configuring the router to use the 1.1.1.1 DNS server as outlined above is all you need to do. In that case, you don't need to manually setup DNS servers for all your devices, if those devices are setup to receive network settings automatically. Otherwise, you can manually configure each device, as shown below.
Setting up 1.1.1.1 DNS on Windows
We talked about changing DNS settings in Windows before, but here are the step-by-step instructions for Cloudflare's 1.1.1.1 DNS server:
- Click on the Start menu, then click on Control Panel.
- Click on Network and Internet.
- Click on Change Adapter Settings.
- Right click on the Wi-Fi network you are connected to, then click Properties.
- Select Internet Protocol Version 4 (or Version 6 if desired).
- Click Properties.
- Write down any existing DNS server entries for future reference.
- Click Use The Following DNS Server Addresses.
- Replace those addresses with the 1.1.1.1 DNS addresses:
- For IPv4: 1.1.1.1 and 1.0.0.1
- For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001 - Click OK, then Close.
- Restart your browser. You may need to flush your DNS cache too.
Setting up 1.1.1.1 DNS on MacOS
We covered How to Change Your DNS in Mac before, but here are the step-by-step instructions for Cloudflare's 1.1.1.1 DNS server:
- Open System Preferences.
- Search for DNS Servers and select it from the drop-down.
- Click the + button to add a DNS Server and enter 1.1.1.1
- Click + again and enter 1.0.0.1.
- Click Ok, then click Apply. You may need to flush your DNS cache too.
Setting up 1.1.1.1 DNS on Debian (Linux)
These steps are for Ubuntu, but most Linux distributions configure DNS settings through the Network Manager. Alternatively, your DNS settings can be specified in /etc/resolv.conf
. We covered How to Change Your DNS in Linux before, but here are the step-by-step instructions for Cloudflare's 1.1.1.1 DNS server:
- Click the Applications icon on the left menu bar.
- Click Settings, then Network.
- Find your internet connection on the right pane, then click the gear icon.
- Click the IPv4 or IPv6 tab to view your DNS settings.
- Set the “Automatic” toggle on the DNS entry to Off.
- Provide the 1.1.1.1 DNS addresses in the DNS entries field:
- For IPv4: 1.1.1.1 and 1.0.0.1
- For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001 - Click Apply, then restart your browser. You may need to flush your DNS cache too.
Setting up 1.1.1.1 DNS on iOS
Use the iOS app to do it faster, or:
- From your iPhone’s home screen, open the Settings app.
- Tap Wi-Fi, then tap your network in the list.
- Tap Configure DNS, then tap Manual.
- If there are any existing entries, tap the - button, and Delete next to each one.
- Tap the + Add Server button, then type 1.1.1.1
- Tap the + Add Server button again, then type 1.0.0.1
- Tap the Save button on the top right.
Setting up 1.1.1.1 DNS on Android
Cloudflare recommended that you setup your router to use Cloudlflare's DNS servers instead of your Android phone connected to the router, but now they have an app on Google Play as well, which can be used to easily configure your phone's DNS servers to use 1.1.1.1 / 1.0.0.1.
Bottom line
We encourage you to give this new DNS service from Cloudflare a try and see for yourself how it performs for you.