How does a DNS work step by step?
1
Requesting website name
After entering a domain name (for example, by typing it in your browser), your device sends a DNS query to a DNS resolver
2
Linking to IP address
The DNS resolver checks its cache or asks other DNS servers to link the domain name to an IP address
3
Resolving domain name
The DNS resolver gives your device the correct IP address (“resolves” the domain)
4
Connecting to device
Your device attempts to open a connection to the IP address
A private DNS is the one you create and manage as opposed to public DNS services, run by internet service providers (ISPs). It allows its owner to have full control over available IP addresses and network access.
DNS is crucial for the internet functionality, but a private DNS is vital for ensuring your online privacy. Using your ISP’s DNS servers tells it everything you’re doing online — and ISPs are often legally required to keep these records for years. And because the majority of free DNS services are unencrypted, snoops with the right tools can listen in to your connection and monitor your every move.
A VPN uses DNS to help your device navigate. Our private DNS servers will safely handle all DNS requests, keeping everyone else out of the loop. NordVPN will protect you automatically — your ISP will only know that you’ve logged in to our servers, we’ll take care of everything from there.
Free DNS vs. VPNs with private DNS
| Free DNS | |
|---|---|---|
| Shields online activities |
|
|
| Stops DNS hijacking |
|
|
| Encrypts queries |
|
|
| Fast DNS resolution |
|
|
| No unwanted DNS filtering |
|
|
| Integrated smart DNS |
|
|
| Get NordVPN |
Shields your online activities
NordVPN encrypts all of your online traffic, making your DNS queries to our private DNS servers virtually impregnable to others. This protects you from attacks such as DNS hijacking.
Best speeds for gaming
NordVPN handles all of your DNS requests directly using highly optimized DNS servers. Since our sprawling network is regularly upgraded for speed, it’s a great choice if you need a secure DNS server for gaming.
No unwanted DNS filtering
We are opposed to censorship in all forms, including DNS blocking, which stops you from participating in free online discussion. NordVPN offers optional DNS filtering with the Threat Protection feature in place to block malicious websites. It also blocks trackers, flashy ads, and malware-infected files.
Integrated smart DNS
Our aptly named SmartDNS feature gives you a tool to avoid DNS filters and unblock online content without having to encrypt your whole connection. While this can leave you vulnerable, a smart DNS is a great option for those who need speed above all else.
Frequently asked questions
Is a private DNS safe?
A “private DNS” typically refers to a non-public DNS server, so it’s a server that is not available for public use. While it doesn’t guarantee safety, often private DNS servers are secure because they use TLS and HTTPS protocols, offering encryption and protection from eavesdropping. If you still have doubts, you can use a DNS leak test to check your DNS service.
Should I turn a private DNS on or off?
A private DNS server protects you from several types of cyberattacks and doesn’t let third parties snoop on your internet activity. That’s why we recommend always keeping your private DNS on.
What is a private DNS on Android?
A private DNS on Android is a feature that allows you to set a system-wide DNS server using DNS over TLS. In other words, DNS queries from your device, essentially your every click, is encrypted and sent over TLS. You can turn the feature on in the “Advanced” settings under “Network and internet” on your Android.
Does the iPhone have a private DNS?
Yes, you can also set up a private DNS on your iOS devices like iPhones and iPads. To enable private DNS mode, you’ll need to configure it by adding the DNS address under the settings of your Wi-Fi network.
What is DNS filtering?
DNS filtering blocks websites and content at the DNS level (that is, before it can even be opened and loaded onto your device). While it can be used to filter malicious links and inappropriate websites, it’s also a tool for online censorship — public DNS services use filtering to block access to any content deemed illegal by autocratic governments.
What does a DNS flush do?
DNS flushing refers to clearing the DNS cache on your computer. Your device automatically records previous DNS entries to save time in future queries, which can cause issues when the website you’re trying to visit has changed servers. Flushing your DNS cache will force your device to send a new DNS query and connect properly the next time you visit the site.
A private DNS or a smart DNS?
Smart DNS directs your DNS queries through its servers without affecting the rest of your data traffic or changing your IP address. This helps foil automatic protection systems that fire off when you try to visit certain sites from different IP addresses and lets you access networks that only allowlist your real IP (like your workplace).
Unlike a VPN connection using a private DNS, however, a smart DNS will not encrypt your online traffic — you might have an easier time accessing content, but you’ll still be very vulnerable. Most top VPNs offer smart DNS configurations, such as NordVPN’s aptly named SmartDNS feature.
