Home > Internet

How to Find the Best Alternative DNS Server

By Andrew Braun
How to Find the Best Alternative DNS Server Featured Image

Changing your DNS server is a good idea. You will get better security, privacy, accuracy, and speed by switching away from your ISP’s default. You can change your DNS by just entering a few numbers into your computer or router, but figuring out what those numbers can be is a little more confusing. Google and OpenDNS, the popular choices, may not actually be the best, but luckily, they are far from the only options.

Also read: Changing Your DNS Server: Why You Should and How to Do It

What makes a good DNS server?

1. Security

Most ISPs do not use any DNS security, so finding a provider that uses DNScrypt (Very good but requires some setup), DNSSEC (Good but not encrypted), or DNS-over-TLS/DNS-over-HTTPS (Very good but rare) is preferable. Services that use one of these protocols will usually list it in their FAQ or technical information.

2. Privacy

Your ISP probably records your DNS requests, but many alternatives do as well. Try to find a service with anonymous logs (good, fairly common) or no logs (best but hard to find). If the provider doesn’t list their logging policy, just do a search for “[DNS Provider] logging policy.”

3. Accuracy/scope

Most public DNS servers keep more up-to-date records than ISPs, though this is hard to test. Even better, though, some provide access to domains that aren’t even listed on most servers, like “.ti,” which is not an official domain since Tibet is technically part of China.

4. Speed

When it comes to milliseconds, geography matters – the farther your server, the slower the speed. Using a Danish server while you’re in Chile will likely have a noticeable impact on your speed.

Before you settle on a server, test its speeds using a tool like DNS Jumper, DNS Benchmark, or NameBench. If the service you’re testing isn’t listed, all of these tools have fields where you can enter custom DNS addresses. Plug them in, test them, and pick the best ones relative to the others.

dns-programs-custom

Option 1: Big Data

dns-big-data

1. Google Public DNS (8.8.8.8, 8.8.4.4): Fast, reliable, secure, but potentially not private

Pros:

  • User-friendly
  • Great security (DNSSEC and DNS-over-HTTPS)
  • Worldwide reach means top-notch speeds
  • Claims to delete logs within forty-eight hours

Cons

  • Even if they claim their DNS is private, the fact remains that Google’s business model is making money off your traffic.

2. OpenDNS (208.67.222.222, 208.67.220.220): Fast, customizable, and very secure, but definitely not private

Pros

  • Well-maintained servers and good speeds
  • Top-notch security (DNSCrypt) and browsing protection
  • Content-blocking and other settings available

Cons

  • OpenDNS claims not to sell your logs, but they explicitly state that they keep everything
  • They may be censoring some legitimate websites
  • They are owned by Cisco, an IT giant that, again, is getting all your information

3. Others – Level3 Communications – big, reliable, not private, no notable security features

Option 2: Maximum Privacy

privacy-2400px

1. OpenNIC: Wide variety of servers with good security/privacy

Pros

  • Good reputation for privacy and reliability
  • Many servers have no-logging policies and/or DNSCrypt
  • Servers all over the world, so speeds are generally good

Cons

  • Standards can vary widely between servers
  • Requires some trust in server-operators
  • Requires some tech knowledge

2. DNS.Watch (84.200.69.80, 84.200.70.40): High privacy, good security, varying speeds

Pros

  • Great reputation for privacy, no logging
  • Reliable
  • Good security (DNSSEC)

Cons

  • Based in Germany, so speeds are best in Europe

3. Others

  • FreeDNS: Great privacy, no extra security, varying speeds
  • UncensoredDNS: Great privacy, uses DNSSEC, but gets slower as your distance from Denmark increases

Option 3: The Middle Ground

dns-middle-road

1. Quad9 (9.9.9.9, 149.112.112.112): Great security, privacy guarantee, good speeds

Pros

  • Rolled out in 2017 by IBM, so it’s fast and being continuously upgraded
  • Great security (DNSSEC) and a continuously-updated list of blocked malicious websites
  • They claim not to store any personally identifiable information and are non-profit

Cons

  • IBM is still a big corporation that might use your data
  • Auto-blocking malicious websites is nice but may lead to some accidental censorship

2. Verisign (64.6.64.6, 64.6.65.6): Unspecified security, vague privacy, good speeds

Pros

  • Trusted company with plenty of servers
  • Promises not to sell your data

Cons

  • Only promises not to sell your data; is probably still logging it
  • A little light on security specifications

3. Others

  • Comodo: well-known security company, good speeds, automatically blocks malicious sites, but no extra security and probably keeps logs
  • Norton ConnectSafe: another security company, unspecified privacy, can be set to block malicious sites/adult content

Conclusion: Which Is the Best?

The DNS servers listed here represent a significant chunk of the market, though there are others that may also work for your needs. Your best options will vary, but in general, OpenNIC has something for everyone, with Quad9 being a more user-friendly backup option.

Once you change your DNS, don’t forget to check and make sure it worked!

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Andrew Braun Avatar
Andrew Braun
Andrew Braun is a lifelong tech enthusiast with a wide range of interests, including travel, economics, math, data analysis, fitness, and more. He is an advocate of cryptocurrencies and other decentralized technologies, and hopes to see new generations of innovation continue to outdo each other.

Read next

Intricate network of tree roots and moss on a forest hillside, showcasing nature's resilience.
Suzanne Simard sealed paper birch and Douglas fir seedlings inside plastic bags, fed them carbon-14 and carbon-13 dioxide, and nine days later found carbon had crossed between species through fungal threads in the British Columbia soil beneath her boots
Close-up of glowing jellyfish swimming gracefully in deep green ocean waters.
A species of jellyfish called Turritopsis dohrnii can revert its adult cells back to a juvenile polyp stage when injured or starving, effectively restarting its life cycle, and biologists have so far failed to identify any natural limit to how many times it can do this.
Elderly man with beard and bandana, reacting to smartphone while seated indoors.
A Japanese man named Jiroemon Kimura, who lived to 116, was born in 1897 when Queen Victoria still ruled and died in 2013, meaning a single human life personally overlapped with the invention of the airplane, the atomic bomb, the internet, and Instagram
A lively view of Hollywood Boulevard with iconic landmarks and busy street life under a clear sky.
The Hollywood sign originally read HOLLYWOODLAND when it was built in 1923 as a real estate advertisement for a housing development, and it was only meant to stand for 18 months, but nobody ever got around to taking it down and the city eventually adopted it as a landmark
Almost all of the world’s internet traffic does not travel by satellite but through fibre-optic cables lying on the ocean floor, a hidden web of wires crossing the deepest parts of the sea to connect the continents.
People who flip their phone face down on every table aren’t being secretive. They figured out that staying interruptible meant handing their time to whoever rang first
Twitch Vs Youtube Gaming Vs Facebook Gaming Featured
Twitch vs. Facebook Gaming vs. YouTube Gaming: What’s the Best Live Game Streaming Platform?
Laptop on a table with Chrome extensions page and a solid infect extension icon on display
Chrome Extensions Ownership Transfer is a Direct Threat to You: How to Stay Safe