How to change the DNS settings on your router to improve speed and security

Informatec Digital » Resources » How to change the DNS settings on your router to improve speed and security

If you've ever noticed that your connection is slow, certain websites don't load, or you're worried about the Privacy and security when you browseIt's very likely that changing your router's DNS settings is exactly what you need. Although it sounds technical, it's an adjustment you can make yourself in just a few minutes and it can make a significant difference in how your internet connection performs.

By default, your internet service provider configures automatic DNS servers, but you are not obligated to use them. Choosing different ones may give you better results. More speed, more stability, more security, or even less censorshipLet's take a look at what DNS is, the risks of using unreliable servers, the benefits of changing them at home and in a business, how to do it step by step on your router and on different specific models, and which public DNS providers are most recommended today.

What is DNS and why is there so much talk about changing it?

When you type an address like "google.com" or "facebook.com" into your browser, your device actually needs to connect to a specific numerical IP address of a serverIt would be impractical for users to memorize those number strings for every website, so there is a system that acts as an intermediary.

That system is the DNS (Domain Name System), a kind of giant internet address book or phone directory It links human-readable domain names (xataka.com, avast.com, redeszone.net, etc.) with their corresponding IP addresses. When your computer asks "where is this website?", the DNS server responds with the IP address and the browser connects.

In practice, DNS servers act as translators between human language and network languageThis way you don't have to remember 172.217.0.0 or similar, just a simple name. This translation happens hundreds of times a day without you even realizing it: when you open websites, apps, cloud services, online games, streaming services, updates, etc.

By default, almost all routers on the market use your Internet Service Provider's (ISP) DNS servers. This means that all devices that connect to your network (mobile phones, computers, tablets, game consoles, televisions, smart home devices, etc.) send their queries to those servers. DNS preconfigured by the operator without you having to touch anything.

Advantages of changing the DNS settings on your router

The interesting thing is that you're not forced to use your ISP's servers: you can replace them with others and get concrete benefits in speed, security, privacy or content control that is loaded onto your network.

In terms of performance, an alternative DNS can reduce resolution latency, that is, the time it takes your browser to figure out which server to connect toThis doesn't increase your contracted data allowance, but it can make pages load faster, apps respond more quickly, or allow certain services that were malfunctioning to start working normally.

There is also a clear security component: some third-party DNS providers filter and They block malicious websites, phishing attempts, or domains used for malware.This way, if someone on your network clicks on a dangerous link, DNS resolution can stop it before the page even loads.

In terms of privacy, using servers other than those of your internet provider can help you reduce the tracking your ISP does of your browsing habitsMany public DNS services promise to delete records within a few hours or not to link them to personal information, something that doesn't always happen with the DNS services of Internet providers.

Finally, there is a factor of freedom of access: depending on the DNS you use, You can bypass blocks on certain websites You can set operator-level taxes or, conversely, apply parental controls or productivity filters. By changing the nameserver, you can go from virtually uncensored browsing to a much more restricted environment.

DNS in business environments: advantages and risks

In a corporate network, the issue becomes even more serious because DNS affects productivity, security and business continuityA well-planned change can lead to a leap in quality, but it is also a delicate matter if it is done without planning.

On the positive side, by implementing higher quality DNS servers in the company you can achieve Notable improvements in loading time and stability when accessing websites, cloud-based work platforms, corporate email, and other critical tools. Furthermore, many business services allow the use of redundant DNS servers, so if one fails, another takes over, preventing outages.

Another key advantage for businesses is security: there are providers that offer DNS with advanced filtering, updated blacklists, and protection against suspicious domainsThis significantly reduces the likelihood of an employee ending up on a phishing website or downloading malware by clicking on a link in an email.

However, everything has its downside: a poorly executed change or incorrect configuration can cause a immediate interruption of all services that depend on the networkIf name resolution breaks down, many applications stop working, users cannot access internal or external systems, and the company can lose time and money.

Furthermore, incorrect configuration can lead to compatibility conflicts with certain devices, internal services, VPNs, or integrations. They expect to use specific DNS or internal resolutionsTherefore, in the corporate environment it is advisable to thoroughly analyze the impact, test during periods of low activity and, if possible, use internal DNS or hybrid combinations.

Dangers of using unknown or falsified DNS servers

Not everything goes in this matter: carelessly choosing any DNS you find in a forum or a dubious list can be a bad idea. In the end, All your name resolution traffic goes through that providerSo you're placing a lot of trust in him.

If you use compromised or outright malicious DNS servers, an attacker can manipulate the responses and redirect you to fake websites that mimic legitimate ones (banks, email, social networks, online stores, etc.). This is known as DNS cache poisoning or DNS spoofing on the server.

In these types of attacks, false data is injected into the resolver cache, so that when your computer requests a known website, the server returns an IP address of a server controlled by the attackerThe website you see looks real, but it's actually designed to steal credentials, bank details, or install malware.

There is also client-side spoofing, where the device or specific applications are tricked. Here, the objective remains the same: confusing DNS requests so that the user ends up on fraudulent sites even when you believe you are navigating safe channels.

To counter these risks, there are several measures: on the one hand, technologies such as DNSSEC add cryptographic signatures that allow verification of the authenticity of the responsesOn the other hand, encrypting queries (using DNS over HTTPS or DNS over TLS) makes it harder to intercept and manipulate requests in transit, although it does not protect against all types of attacks on the server.

Influence of DNS on Internet Speed

It's worth clarifying that DNS doesn't change the contracted bandwidth, but it does impact... the speed with which the initial connection is established with each serviceIn other words: it won't make a download speed drop to 1 Gbps if you have 100 Mbps, but it can make websites start responding faster.

The impact is most noticeable in everyday browsing, streaming, and online gaming. A very slow or overloaded DNS server adds extra milliseconds to each query, and that translates into Pages that take longer to load, services that "think" too much, and possible intermittent errors when solving certain domains.

By switching to a DNS with lower latency and better infrastructure, the experience becomes smoother: names resolve faster, the time the browser spends on "searching..." is reduced, and video platforms or online games perform better. They connect faster to the right servers.If the service is well distributed geographically, you'll notice the difference.

However, just because a DNS is very popular doesn't mean it's the fastest in your specific area. Actual performance depends heavily on your... location, the operator you have the line with, and the proximity of the serversTherefore, the ideal approach is to measure your own connection using specific tools.

There are two widely used utilities for this: DNS Benchmark (from Gibson Research Corporation) and DNS Jumper. The first analyzes tens or thousands of servers to show you which ones respond first from your networkThe second allows you to perform quick tests and choose the fastest DNS from a list, even filtering by maximum response time.

How to change DNS: device vs router

You have two main options: modify the DNS on each device (PC, mobile, tablet, console, etc.) or do it directly on the router. Changing it on the device is useful for test without risk and without affecting the rest of the networkChanging it on the router has a global effect on all connected devices.

If you configure it only on your computer, that computer will use the servers you specified, but the router will still ask the operator's default DNS for the rest of the devicesIt's perfect if you want to run tests or if your ISP's router doesn't allow you to change the DNS settings.

However, if you change the router settings, any mobile phone, TV, laptop, or console that connects via WiFi or cable will be affected. will automatically inherit the new DNS serversYou don't have to go one by one, although the change affects the whole house or the whole office and a mistake could leave you without internet on all devices.

Therefore, a prudent approach is usually to first test the chosen DNS servers on a single device. If you see that the connection is working well, pages load smoothly, and there is no unusual behavior, Then it makes sense to apply that same change to the router. to take advantage of it across the entire network.

General steps to change the DNS on the router

Although each brand and model has its own menu, almost all routers follow a similar structure. The generic process for changing DNS settings is usually very similar, with slight variations in the names of the sections.

The first thing is to find out the router's default gatewaywhich is usually 192.168.1.1 or 192.168.0.1. In Windows you can open Command Prompt, run the command ipconfig and check the "Default Gateway" section to confirm it.

With that IP address, open a browser and type it into the address bar. The router will ask for a username and password. Many models come with generic passwords like "admin", "1234", or similar, although it's recommended to use a more robust password. Change those credentials to a strong, unique password. to prevent intrusions into the management of the team.

Once inside the panel, you'll need to locate the "advanced settings," "Internet," "WAN," "Local Network," or something similar, depending on the firmware. Within one of these sections, you'll find fields such as "DNS", "DNS Server", "DNS Servers" or "Static DNS", where you will see the current servers, almost always those of the operator.

The next step is to disable automatic DNS usage (there's usually a checkbox or dropdown menu) and manually enter the addresses of the primary and secondary servers that you want to usesuch as Google, Cloudflare, OpenDNS, or other trusted providers. Then save the settings and restart the router so all devices can start using them.

It's important to remember that changing this setting is not a game: if you enter the addresses incorrectly or select servers that are not responding, The entire network will lose name resolutionIn that case, it would be enough to return to the router's interface (sometimes using a direct numerical IP address instead of a domain) and restore the original values ​​or try other DNS servers.

Practical examples: changing DNS on specific routers

Each manufacturer organizes menus differently, so it's worth taking a look at how it's done in some of the most common models found in homes and small offices. Even if you don't have the exact same model, the structure is usually similar and will serve as a guide.

D-LINK Routers

On a D-LINK router, the typical process involves opening a web browser, typing in the router's IP address (usually 192.168.1.1), and entering the username and password (if you haven't changed them, it's usually "admin" in both fields) and look at the top for the "Advanced settings" option.

Within that menu, go to the "Internet" section and locate the option to Use manual DNS instead of the ISP's automatic DNS serversThere you will see the boxes for "primary DNS server" and "secondary DNS server", where you just have to enter the chosen addresses and save the settings.

Digi ZTE router

If you are a Digi customer and have one of their ZTE routers, the sequence is similar: you access the device's IP address, enter credentials, and go to the section "Local Network" From the main menu. From there you go to "LAN" and then to "DHCP Server".

On that screen, you'll find the fields for the primary and secondary DNS servers associated with the DHCP server, which distributes network parameters to devices. By changing these addresses and selecting "not automatic," you'll ensure that All devices that receive IP addresses from the router should use the new DNS servers.Then just click "Apply" to apply the change.

Vodafone routers and Secure DNS

Many models of Vodafone routers include a feature called Secure DNSDesigned to block malicious sites and certain content, this feature can prevent you from using third-party DNS servers, as it forces the use of its own and "hijacks" the resolution.

To modify the DNS servers on these routers, you need to activate expert mode in the interface, go to the "Internet > DNS & DDNS" menu, and uncheck the Secure DNS box if available. Only then will you be able to Enter external DNS in the corresponding fieldsUnfortunately, in some models the option does not appear or is blocked by firmware.

When there is no way to disable this DNS hijacking on the router, the alternative is to manually configure the servers on each device: for example, in Windows by going to "Network and Internet", opening the adapter properties, selecting "Internet Protocol Version 4" and by selecting "use the following DNS server addresses" to write the new ones.

FRITZ!Box Routers

On FRITZ!Box routers, the change is quite straightforward. After accessing the management interface through your browser, look at the menu on the left and go to "Internet" > "Access Details". At the top, you'll see several tabs, including one called "DNS server".

By default, the active option is usually "Use the DNSv4 server assigned by your internet provider." To customize it, select "Use a different DNSv4 server" and enter your desired DNS servers in the fields. Clicking "Apply" will start the router's process. Use those alternative servers for all connections.

ASUS Routers

On ASUS devices, the menu may vary depending on the model, but the concept is similar. For example, on an ASUS RT-AC86U, you would enter the interface, select "Advanced Settings" on the side panel, and then "LAN" to find the LAN settings. "DNS and WINS server configuration"where to write the desired servers.

On other models, such as the ASUS ROG Rapture GT-AXE11000, the path is "Advanced Settings" > "WAN - Internet Connection". There's a section called "WAN DNS Settings" with an option called "Connect to server automatically". If you change this to "No", you'll be able to Manually set the primary and secondary DNS servers. for the entire network.

Synology Routers

In the Synology ecosystem, once you've logged into your router with your username and password, go to the side menu and select "Local Network". On the "General" tab, you'll see the section for "DHCP Server"where it is possible to specify manual DNS servers instead of those that are automatically distributed.

When you save the changes, the new DHCP leases will include those DNS servers, so any device that gets an IP address from the router will start to use the servers you have configured as preferredwithout needing to adjust each piece of equipment manually.

TP-Link Archer routers and compatibility

In many TP-Link Archer models (such as the AX10, C6, AX55, VR400, etc.), the latest firmware versions have expanded the functionality related to DNS, IPv6, and other advanced features. It is important to review the official support page for your specific modelSelect the correct hardware version and download the datasheet or firmware notes.

Not all routers are sold in all regions, nor do they all receive the same updates, so some DNS functions described in generic manuals may not be applicable. are not yet available in your unitKeeping the firmware up to date is key both for security and to have the latest options.

Which public DNS servers are the most popular and recommended?

There are a huge number of public DNS servers you can use instead of the ones provided by your internet service provider. Some prioritize pure speed, others security, others the absence of censorship, or parental controls. Ideally, you should use a mix of them. Try several and see which one works best. in your connection.

Among the best known and most commonly used at home are:

• Google Public DNSIt offers fast servers with a robust infrastructure. IPv4 addresses: 8.8.8.8 and 8.8.4.4.
• Cloudflare DNSHighly focused on privacy, it is advertised as the fastest resolver. IPv4: 1.1.1.1 and 1.0.0.1.
• OpenDNS (Cisco): Combines performance with security and filtering. IPv4: 208.67.222.222 and 208.67.220.220.
• Quad9 DNS: aimed at blocking malicious domains using threat lists. IPv4: 9.9.9.9 and 149.112.112.112.
• Comodo Secure DNS: service managed by the security company Comodo, focused on Avoid sites with malware or phishing. IPv4: 8.26.56.26 and 8.20.247.20.
• DNS.WatchIt prioritizes neutrality and the absence of censorship, without storing browsing data. IPv4: 84.200.69.80 and 84.200.70.40.

In addition to these, there are many other alternatives: Verisign (64.6.64.6 and 64.6.65.6), FreeDNS, IBM Quad9, Level3, CleanBrowsing (with family filters), Neustrar/UltraDNS, and a long list of other services that They may be more or less interesting depending on what you are looking for (speed, parental control, uncensored, etc.).

There's no single "magic" DNS that's best for everyone. Performance and experience depend on factors like your physical location, your ISP's network, international routing, and current network congestion. That's why it's best to rely on tools like DNS Benchmark or DNS Jumper to obtain a list of optimal servers for your specific case.

DNS Benchmark, for example, allows you to perform a quick analysis of several servers or a much more extensive test of thousands of options spread across the globe. At the end, it shows you Which ones offer the lowest response time from your connection?DNS Jumper, for its part, includes a "faster DNS" feature and latency filters, very useful for those who just want to choose the fastest service available.

DNS, router security, and extra protection

DNS is just one piece of your network security, but an important one. To prevent an attacker from manipulating your servers or exploiting router vulnerabilities, the first step is change the default login credentials of the device and disable remote access that you don't use.

It also helps to change the Wi-Fi network name so it doesn't reveal the router's make and model, and to always keep the firmware updated. This significantly reduces the attack surface against malware. DNS hijacking through the network device itself, a tactic often used by cybercriminals when the device is still using factory settings.

Beyond DNS, you can add an extra layer with tools like a trusted VPN, which encrypts all traffic and makes it harder for anyone to intercept it. View or modify the requests coming from your devicesSome services combine their own DNS servers with an encrypted tunnel, so your Internet provider can no longer see which domains you are querying.

Ultimately, changing your DNS is a relatively simple adjustment that can give you a clear boost in speed, security, and control, especially when combined with other best practices: strong passwords, updated routers, up-to-date antivirus software, and some common sense when browsing and opening links.

• The choice of DNS affects speed, privacy, and security.although the contracted bandwidth does not change.
• Changing the DNS settings on your router applies the change to all devices.Whereas doing it on each device only affects that device.
• There are public DNS servers focused on performance, security, or lack of censorship.Ideally, you should test which ones perform best in your location.
• Avoid unknown DNS servers and protect your router. (firmware, passwords, security features) to avoid facilitating hijacking or spoofing attacks.