Encrypted DNS Resolvers
Don't let Google see all your DNS traffic. Discover privacy-centric alternatives to the traditional DNS providers.
|AdGuard||Anycast (based in Cyprus)||Commercial||Some||DoH, DoT, DNSCrypt||Yes||Yes||Based on server choice||Choopa, LLC, Serveroid, LLC|
|BlahDNS||Finland, Germany, Japan||Hobby Project||No||DoH, DoT , DNSCrypt||Yes||Yes||Ads, trackers, malicious domains||Choopa, LLC, Data Center Light, Hetzner Online GmbH|
|Cloudflare||Anycast (based in US)||Commercial||Some||DoH, DoT||Yes||Yes||Based on server choice||?||Self|
|CZ.NIC||Czech Republic||Association||No||DoH, DoT||Yes||Yes||?||?||Self|
|Foundation for Applied Privacy||Austria||Non-Profit||Some||DoH, DoT||Yes||Yes||No||?||IPAX OG|
|LibreDNS||Germany||Informal collective||No||DoH, DoT||Yes||Yes||Based on server choice only for DoH||Hetzner Online GmbH|
|NextDNS||Anycast (based in US)||Commercial||Based on user choice||DoH, DoT, DNSCrypt||Yes||Yes||Based on server choice||?||Self|
|NixNet||Anycast (based in US), US, Luxembourg||Informal collective||No||DoH, DoT||Yes||Yes||Based on server choice||FranTech Solutions|
|PowerDNS||The Netherlands||Hobby Project||No||DoH||Yes||No||No||TransIP B.V. Admin|
|Quad9||Anycast (based in US)||Non-Profit||Some||DoH, DoT, DNSCrypt||Yes||Yes||Malicious domains||?||Self, Packet Clearing House|
|Snopyta||Finland||Informal collective||No||DoH, DoT||Yes||Yes||No||?||Hetzner Online GmbH|
|UncensoredDNS||Anycast (based in Denmark), Denmark, US||Hobby Project||No||DoT||Yes||No||No||?||Self, Telia Company AB|
A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and Anonymized DNSCrypt, a relay-based protocol that the hides client IP address.
Firefox's built-in DNS-over-HTTPS resolver
Android 9's built-in DNS-over-TLS resolver
A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. Warning
With an open specification, DNSCrypt is an older, yet robust method for encrypting DNS.
A lightweight protocol that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by dnscrypt-proxy and a limited number of relays.