How to Configure Private DNS on Windows with 1.1.1.1 or 9.9.9.9
Switch to privacy-focused DNS providers on Windows to reduce tracking, and let Kudu help you review network settings.
By the Kudu Team
Fix this automatically with Kudu
Run a free system scan to detect and resolve this issue automatically — no manual steps required.
Download Kudu Free →What Causes This?
Windows usually uses the DNS server provided by your internet provider or router by default. That can mean your DNS requests are logged, filtered, or redirected in ways you do not want. If you want more privacy, you need to manually switch to a privacy-focused DNS provider like Cloudflare (1.1.1.1) or Quad9 (9.9.9.9), and in some cases also enable encrypted DNS so requests are not sent in plain text.
Common Symptoms
- Your PC is using your ISP’s default DNS instead of a private provider
- Websites load, but you want to reduce DNS tracking or filtering
- DNS settings keep changing after router, VPN, or adapter changes
- You are not sure whether encrypted DNS is enabled on Windows
- Some network tools show a different DNS server than expected
How to Fix It Manually
-
Open Windows Settings.
- Press
Windows + Ito open Settings. - Click Network & internet.
- Press
-
Open the properties for your active connection.
- If you use Wi-Fi, click Wi-Fi, then select your connected network.
- If you use Ethernet, click Ethernet.
- Find DNS server assignment and click Edit.
-
Change DNS from automatic to manual.
- In the Edit DNS settings window, change the setting from Automatic (DHCP) to Manual.
- Turn on IPv4.
- In Preferred DNS, enter one of these:
- Cloudflare:
1.1.1.1 - Quad9:
9.9.9.9
- Cloudflare:
- In Alternate DNS, enter one of these:
- Cloudflare:
1.0.0.1 - Quad9:
149.112.112.112
- Cloudflare:
-
Enable DNS encryption if Windows offers it.
- For each DNS entry, set DNS over HTTPS or Encrypted preferred, unencrypted allowed if available.
- If you use Cloudflare, select the matching encrypted template for
1.1.1.1. - If you use Quad9, select the matching encrypted template for
9.9.9.9. - Click Save.
-
Optional: set IPv6 DNS too.
- In the same window, turn on IPv6 if your network uses it.
- For Cloudflare, use:
- Preferred:
2606:4700:4700::1111 - Alternate:
2606:4700:4700::1001
- Preferred:
- For Quad9, use:
- Preferred:
2620:fe::fe - Alternate:
2620:fe::9
- Preferred:
- Save your changes.
-
Flush old DNS records.
- Right-click Start and choose Windows Terminal (Admin) or Command Prompt (Admin).
- Run:
ipconfig /flushdns - This clears cached DNS entries so Windows starts using the new server immediately.
-
Verify the change.
- Open Command Prompt.
- Run:
nslookup example.com - Check the Server line. It should show your chosen DNS provider or its resolver address.
- If it still shows your router or ISP, restart your PC and check whether a VPN, security app, or router policy is overriding your DNS settings.
Fix It Automatically with Kudu
Kudu can review your network configuration, spot DNS settings that are missing, inconsistent, or being overridden, and help apply safer privacy-focused settings without digging through multiple Windows menus. It is a faster way to check whether your PC is really using the DNS provider you intended.
Fix this automatically with Kudu
Run a free system scan to detect and resolve this issue automatically — no manual steps required.
Download Kudu Free →Related guides
How to Configure Windows Firewall to Block Unwanted Inbound Connections
Block risky inbound traffic with the right Windows Firewall settings and rules, and use Kudu to help tighten system security.
How to Fix DNS Issues on Windows
Resolve Windows DNS issues and clear stale network caches with Kudu to restore reliable browsing.
How to Flush DNS Cache on Windows
Clear DNS cache on Windows to fix browsing issues and stale lookups with help from Kudu.
How to Audit and Revoke Unnecessary App Permissions in Windows
Review which apps can access sensitive data and remove permissions you do not trust, and let Kudu help with the audit.