How to Change DNS on Windows 11
Short answer: Go to Settings, Network & internet, your Wi-Fi or Ethernet connection, then DNS server assignment, Edit. Switch to Manual, turn on IPv4, and enter 1.1.1.1 and 1.0.0.1 for Cloudflare (or 8.8.8.8 and 8.8.4.4 for Google). Save. Both are almost always faster and more reliable than your ISP's default, and you can clear the old cache with ipconfig /flushdns.
Settings, Network & internet, Wi-Fi (or Ethernet if wired), click your connection name, DNS server assignment, Edit. Switch from Automatic to Manual, toggle IPv4 on, type in 1.1.1.1 for preferred and 1.0.0.1 for alternate. Save. That’s Cloudflare’s DNS. The other popular option is Google’s — 8.8.8.8 and 8.8.4.4. Either one is almost certainly faster and more reliable than whatever your ISP gave you.
Your ISP’s default DNS server is usually the slowest piece of your internet connection that nobody thinks about. Every time you type a URL, your computer asks a DNS server to translate it into an IP address. Your ISP’s DNS does this in 30-80ms on a good day. Cloudflare does it in 5-15ms. Google is similar. That difference adds up — every page load involves 10-50 DNS lookups for different domains (the site itself, CDNs, analytics, fonts, ads). Switching DNS won’t make your downloads faster, but it makes everything feel snappier because pages start loading sooner.
If you want it through the old Control Panel method that works on every Windows version: Control Panel, Network and Sharing Center, Change adapter settings, right-click your adapter, Properties, find Internet Protocol Version 4 (TCP/IPv4), Properties, select Use the following DNS server addresses. Same numbers. This method also lets you set DNS for IPv6 if your network uses it — 2606:4700:4700::1111 for Cloudflare or 2001:4860:4860::8888 for Google.
Which DNS to Use
Cloudflare (1.1.1.1) is the fastest in most benchmarks. They also run a privacy-focused variant — 1.1.1.2 blocks malware domains, 1.1.1.3 blocks both malware and adult content. Free, no account needed.
Google (8.8.8.8) has been around longer and has slightly better uptime historically. Same privacy trade-off as using anything Google — they log queries for 24-48 hours.
Quad9 (9.9.9.9) blocks known malicious domains automatically. No filtering of legal content, just malware, phishing, and exploit domains. Run by a nonprofit with IBM and Global Cyber Alliance backing. I use this on machines where the user keeps clicking sketchy links.
OpenDNS (208.67.222.222) has been around since before Cloudflare existed. Cisco owns it now. Offers configurable content filtering through their dashboard — you can block categories of sites by creating a free account. The default servers without an account just do standard DNS.
For most people I set up Cloudflare. Fastest, simplest, and the malware-blocking variant at 1.1.1.2 adds a safety layer with zero configuration.
DNS Over HTTPS
Windows 11 supports encrypted DNS natively. In that same Settings DNS edit screen, after entering 1.1.1.1, a dropdown appears for “DNS over HTTPS.” Set it to “On (automatic template)” or “On (manual template).” This encrypts your DNS queries so your ISP can’t see which sites you’re looking up. Without it, DNS queries travel in plain text — anyone on the network path can read them.
Only works with DNS servers that support DoH — Cloudflare, Google, and Quad9 all do. Your ISP’s DNS probably doesn’t, which is another reason to switch.
If you’re using a VPN that handles its own DNS, changing Windows DNS won’t matter while the VPN is connected — the VPN client overrides it. But when the VPN disconnects, Windows falls back to whatever you set here.
Flushing DNS Cache
After changing DNS servers, flush the cache so Windows stops using stale entries from the old server. Open Terminal or Command Prompt and run ipconfig /flushdns. Takes a second.
If a specific website isn’t loading but everything else works, the DNS cache might have a bad entry for that domain. Flush and retry. If it’s still broken and you suspect a broader DNS issue, nslookup followed by the domain name tells you exactly what your DNS server is returning — if it returns nothing or the wrong IP, the DNS server itself has a problem, not your computer.
Frequently Asked Questions
What's the fastest DNS for Windows 11?
Cloudflare (1.1.1.1) consistently wins speed benchmarks at 5-15ms average response time. Google (8.8.8.8) is close behind. Both are dramatically faster than most ISP DNS servers which average 30-80ms. The speed difference affects how quickly pages start loading since every page involves 10-50 DNS lookups.
Does changing DNS make my internet faster?
It makes browsing feel faster because pages start loading sooner — DNS lookups happen before any content can download. It won't increase your actual download speed. If pages take forever to start loading but downloads are fast once they begin, slow DNS is probably why.
What is DNS over HTTPS and should I enable it?
DNS over HTTPS encrypts your DNS queries so your ISP can't see which websites you visit. Without it, every domain lookup travels in plain text. Windows 11 supports it natively — after entering a compatible DNS server (Cloudflare, Google, or Quad9), a dropdown appears to enable it. No downside to turning it on.
Will changing DNS break anything?
Almost never. DNS just translates domain names to IP addresses. Switching providers doesn't change how your connection works. The only exception is corporate networks that require their own DNS for internal resources — if you're on a work laptop connected to a company VPN, leave DNS on automatic or you'll lose access to internal sites.