This setup involves Windows Server 2012R2 and Ubuntu 14.04.5. The original task was to display names instead of IP addresses in SARG (a log file analyzer) on the Linux system. Since a domain is configured in our case, Windows acts as the primary DNS.
Local network 10.10.12.0/24
Primary DNS 10.10.12.2
Secondary DNS 10.10.12.1
Stage one:
Adding a reverse zone on the Windows Server primary DNS.
1. Open DNS
Control Panel -> Administrative Tools -> DNS
2. Right-click Reverse Lookup Zones and choose New Zone
3. On the 2nd step, "Zone Type", select Primary zone and tick Store the zone in Active Directory (available only if the DNS server is a writeable domain controller)
4. On the 3rd step select To all DNS servers running on domain controllers in this domain (your domain)
5. Our reverse zone will be for IPv4. Select it on the 4th step.
6. Next, specify the network ID
7. On the next step select
Allow only secure dynamic updates (recommended for Active Directory)
8. The reverse zone has been created.
PTR records will appear in the list automatically.
9. Next we need to allow zone transfers to the secondary DNS
Open the zone properties and go to the Zone Transfers tab
Tick Allow zone transfers:
Only to the following servers
Below, click Edit and add the IP address of the secondary DNS
Stage two:
Adding the reverse zone on the Ubuntu secondary DNS
I will not describe the initial package installation; let's go straight to the configuration.
1. Open the file /etc/bind/named.conf.options
after the line
directory "/var/cache/bind";
add
allow-query { any; };           // answer queries from any client
version "Super DNS server";     // string returned instead of the real BIND version
allow-recursion { none; };      // authoritative answers only, no recursion
further down, find the line dnssec-validation auto;
it needs to be commented out
save.
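2. Open the file /etc/bind/named.conf.local
add the following to it
zone "12.10.10.in-addr.arpa" IN {
type slave;
file "/var/cache/bind/12.10.10.in-addr.arpa";
// masters must list the server the zone is transferred from,
// i.e. the Windows primary DNS (10.10.12.2 above), not this server's own address
masters { 10.10.12.2; };
};
save.
3. Restart the bind service
service bind9 restart
or
/etc/init.d/bind9 restart
Done.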
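The Windows-side steps of stage one can also be done from PowerShell. This is an added example, not part of the original article: it uses the DnsServer module cmdlets with the addresses and zone name given above, restricts transfers to the Ubuntu secondary, and compares SOA serials on both servers to confirm the secondary has loaded the zone. The helper name Get-SoaSerial is hypothetical.

```powershell
# Added example, not from the original article.
# Run in an elevated PowerShell session on the Windows primary DNS server
# (a writeable domain controller). Values below are the ones used in the article.
Import-Module DnsServer

$NetworkId    = '10.10.12.0/24'
$ZoneName     = '12.10.10.in-addr.arpa'
$PrimaryDns   = '10.10.12.2'
$SecondaryDns = '10.10.12.1'

# Steps 2-8: AD-integrated reverse zone, replicated to the DNS servers on the
# domain controllers of this domain, accepting secure dynamic updates only.
if (-not (Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $NetworkId `
                             -ReplicationScope 'Domain' `
                             -DynamicUpdate 'Secure'
}

# Step 9: allow zone transfers only to the listed secondary.
Set-DnsServerPrimaryZone -Name $ZoneName `
                         -SecureSecondaries 'TransferToSecureServers' `
                         -SecondaryServers $SecondaryDns

# Show the resulting settings so they can be reviewed.
Get-DnsServerZone -Name $ZoneName |
    Select-Object ZoneName, ZoneType, IsDsIntegrated, DynamicUpdate,
                  SecureSecondaries, SecondaryServers

# Hypothetical helper: return the SOA serial a given server publishes for a zone.
function Get-SoaSerial {
    param(
        [Parameter(Mandatory)] [string] $Zone,
        [Parameter(Mandatory)] [string] $Server
    )
    $soa = Resolve-DnsName -Name $Zone -Type SOA -Server $Server -DnsOnly -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SOA' } |
        Select-Object -First 1
    return $soa.SerialNumber
}

# After bind9 has been restarted on the secondary, both servers should
# publish the same serial for the reverse zone.
$primarySerial   = Get-SoaSerial -Zone $ZoneName -Server $PrimaryDns
$secondarySerial = Get-SoaSerial -Zone $ZoneName -Server $SecondaryDns

if ($primarySerial -eq $secondarySerial) {
    Write-Output "Zone $ZoneName is in sync (serial $primarySerial)."
} else {
    Write-Warning "Serial mismatch: primary $primarySerial, secondary $secondarySerial. Check the masters statement and the Zone Transfers list."
}
```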
Introduction
The DNS protocols are part of the core standards of the Internet. They define the process by which one computer can find another computer by its name. Implementing the DNS protocols means that a server contains all the software needed to create Domain Name System queries and responses.
Minimum data-retention requirements call for at least two DNS servers per domain zone. The first DNS server is called the primary, or, in the newer terminology, master. The remaining servers, of which there can be at least one and at most 12, are called secondary DNS servers, or, in the newer terminology, slave. "Newer" here means starting with BIND version 8.
Note: BIND is a program that implements the Domain Name System (DNS) protocols. The name BIND stands for "Berkeley Internet Name Domain", because the software originated in the early 1980s at the University of California, Berkeley. In recent years the word BIND has become more than an acronym.
- The primary and secondary DNS servers do not have to be located in the domain they are responsible for.
- The primary and secondary DNS servers are both authoritative servers.
The primary (master) DNS server
The master DNS server stores the complete, original database of its domain zone. The data is stored in files.
When the primary DNS server is queried, it gives an authoritative answer, which is how the IP address of a resource is found from its domain name.
It is important to understand that changes to the DNS database can be made only on the master server. To repeat: only the primary DNS server stores the domain name database of the domain zone attached to that DNS server.
Secondary (slave) DNS servers
As I already mentioned, at least two DNS servers must be created for, or attached to, every domain zone. At least two. There can be up to 12 secondary servers. In most cases that many secondary servers is overkill. As a rule, three secondary DNS servers are enough, with room to spare. You have probably seen for yourself that no domain name registrar offers more than four fields for entering DNS server addresses: one for the primary server and three for the secondaries.
Secondary DNS servers do not store the name database themselves; it is periodically read from the primary server, over the network of course. How often it is read is defined in the SOA DNS record (the Refresh parameter, in seconds). Usually it is 3600 seconds, that is, the information on the secondary server is refreshed every hour.
Note that any secondary server can read its data not only from the primary server but also from any other secondary. In that case, the server the data is read from acts as the master server for that secondary.
How best to place the primary and secondary DNS servers
It is important to understand that if a DNS server "goes down", all the sites in that DNS server's domain zone go down with it. If the primary server goes down, the secondary DNS servers start answering queries in turn. And here is the problem: if all the DNS servers sit in one network, then when that network goes down, all the DNS servers go down. Hence the simple conclusion: "don't keep all your eggs in one basket", or in our case, spread the DNS servers across different hosts, or better yet, across different geographic regions.
For example, a hosting provider has given you two DNS servers for your domain. More precisely, it is the other way round: the provider has included your domain in the domain zone of its DNS servers. Find a secondary DNS service (paid or free) on the Internet and supplement your primary and secondary servers with third-party DNS servers. That way you protect your resource in case the provider's DNS servers go down.
With hosting providers, adding third-party DNS servers can be a problem. Every provider has its own "sandbox" and sets its own rules. Some hosting providers restrict customers to their own DNS servers only. It is a different matter if you have a VPS/VDS server. There you are in full control and can create DNS servers on your own domain yourself. And again, on a VPS create two DNS servers of your own and supplement them with two third-party DNS servers, preferably from different providers.
Where DNS servers need to be registered
DNS servers must be listed (registered) at your hosting provider or on your server, and at the domain name registrar. At a secondary DNS service you register only your domain and take their secondary DNS servers. Regardless of where they are attached, your domain and your DNS servers must be registered, and therefore linked:
- At the domain name registrar;
- At your hosting provider or on your server (the DNS servers / DNS management section);
- At the secondary DNS service (if you use one).
Conclusions
- For a site to work, its domain must fall within the domain zones served by the primary and secondary DNS servers;
- There must be at least two DNS servers: one primary and one secondary. For more reliable operation of the site, supplement the two DNS servers with two additional secondary servers. Preferably take the third and fourth DNS servers from different hosting providers.
Secondary DNS services
Here are a few services where you can get secondary DNS servers.
- 2DNSinfo.ru (free);
- www.mgnhost.ru/DNS-hosting.php (600 rubles per year for 100 zones);
- http://toobit.ru/hosting/secondary_name_server.php (100 slave DNS zones for $1 per month);
When renting third-party primary, or indeed secondary, DNS servers, be careful with foreign DNS hosting providers. Try checking their response time to a query; there are plenty of online services for this. A normal DNS query response time should be between 20 and 120 ms. Although foreign hosting providers have servers scattered all over the world, unfortunately that world may be so far from you that the response time reaches 800-4000 ms. And that is not good.
How to check a site's DNS servers
To check your own or someone else's DNS servers, use any Whois service (a domain name lookup service). When checking, do not forget that after a DNS change the caching server is cleared every 24-72 hours.
©www.wordpress-abc.ru
As a core component of a DNS Server, a DNS Zone creates and stores DNS resource records. That means the DNS zones store all the resource records of a DNS namespace in themselves, and according to those records, the DNS Server resolves names to IP addresses upon the DNS queries by clients. The DNS Servers manage the DNS zones. It is the very fundamental configuration we must accomplish right after installing the DNS Service. Hence, this article covers how to create and configure a DNS Zone in Windows Server 2022 step-by-step. Before that, we need a comprehensive understanding of the DNS Zone types and their functions. That’s why we will first cover a brief overview of the DNS zone types and their functions. Then, we will create and configure DNS zones of all types in a separate section.
Forward Lookup Zone and Reverse Lookup Zone
Broadly classifying, there are two types of zones available in a DNS Server. The first one is the Forward Lookup Zone which resolves names and, sometimes, services to IP addresses. The second one is the Reverse Lookup Zone which resolves IP addresses to names. While we always use the first type in every networking environment, we rarely use the second type for some security reasons. Furthermore, we have four types of zones that we can create and configure in each one of these two zone classes. In fact, when we talk about zone configuration, we configure one of these four types, whether in the Forward Lookup Zone or the Reverse Lookup Zone. Wherever we create them, they function accordingly. Now, let’s see each of these four zone types we can create and configure.
1. Primary DNS Zone
As the name refers, the Primary DNS Zone is the main DNS zone that a primary DNS server hosts. It stores the read/write copy of the zone data (resource records). Let’s say we have a DNS Server for our main office with a thousand clients. Now, that DNS Server hosts a primary zone and stores the DNS records of all those thousand clients with both read and write privileges.
2. Secondary DNS Zone
The Secondary DNS Zone stores a read-only copy of the Primary DNS zone. It goes hand-in-hand with the primary zone. If a change occurs in the primary zone, that change replicates in the secondary zone. We can not delete or add a new resource record in a secondary DNS zone. We use it mainly to reduce the workload on the primary DNS server, prevent a single point of failure, and reduce other resource usages like network bandwidth in a scenario where the company’s branches are connected over a WAN link.
3. Stub DNS Zone
A Stub DNS Zone is very similar to a secondary DNS zone. But, it stores a copy of resource records of only the name servers (NS) of a primary zone and not all resource records of a primary zone. Like the primary-secondary zones, we use it to reduce loads on the primary DNS Server, prevent a single point of failure, and reduce other resource usage.
4. Active Directory Integrated (ADI) DNS Zone
An active directory Integrated zone, or ADI zone for short, can be hosted only on a DNS server which is also the Domain Controller. Using the ADI zone, all the resource records automatically replicate between the two DNS servers. It is entirely bidirectional and multi-master. That means any changes on one side replicate to the other side. This type is the most secure as the replications are encrypted.
Now that we have a conceptual understanding of each DNS zone type, we will go forward and practically configure each one in a separate section.
Create and Configure a Primary DNS Zone
From the above descriptions, we understand what a Primary DNS Zone is and where we use it. We will walk through the below steps to create and configure a primary DNS zone in Windows Server 2022.
1. Open the DNS Manager console. To do so, open the Run dialog box by pressing the Windows Key + R key combination on your keyboard. Type the dnsmgmt.msc command and press Enter to open it. You can also open it by navigating through Server Manager >> Tools >> DNS.
2. Under the Server name on the DNS Manager console, you can create a new zone of both Forward Lookup Zones and Reverse Lookup Zones. Whichever you intend to create, right-click on it and choose the New Zone option. Consequently, click on the Next button on the first screen.
3. To create a Primary Zone, select the first option and clear the last checkbox. Then, click on Next.
4. On the Zone Name console, type your zone name and click on Next to continue.
5. Now, configure the zone file. Choose the first option to create a new zone file, and click on the Next. The DNS zone creates a file to save the associated resource records. This file will be saved in the C:\Windows\System32\dns directory.
6. In this step, configure the Dynamic Updates. For the Primary DNS Zone, we have two options, and almost always, we choose the first active option, as shown in the picture. If we select the Do not allow dynamic updates option, we must manually update the resource records each time there is a new record, which is impossible in most cases. When it is set, click on the Next button. Finally, click on Finish on the last page.
That is all with the Primary DNS zone configuration. However, we still need to configure zone transfer.
Configure Primary DNS Zone Transfer
We learned how to create and configure a new Primary DNS zone in Server 2022. But, we still need to configure the zone transfer for our newly created primary DNS zone. The zone transfer configuration specifies the server(s) with which our primary zone must replicate its information. Follow the steps below to configure Zone Transfer.
1. Right-click on your DNS Zone and select the Properties option from the list.
2. On the zone properties page, select the Name Servers tab and click on Add button.
3. On the New Name Server Record screen, type the name or IP address of the secondary server with which you want to replicate this zone’s resource records. Use the Resolve button to resolve it. Once you have added the secondary server(s), click on the OK button. Ignore the warning sign shown next to the resolved server(s). Finally, close the zone’s Properties window.
We are all done with the primary zone. We have created and configured it, and then we configured the zone transfer. It is all set and ready to resolve names and replicate its records with the secondary DNS zone on the Server(s) we have just added.
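An added example (not from the original article) for reviewing the two settings configured above. For a file-backed primary zone the first selectable dynamic-update option is "Allow both nonsecure and secure dynamic updates", which accepts record changes from unauthenticated clients, so the check below lists primary zones that accept such updates or allow zone transfers to any server. The function name Test-DnsZoneExposure is hypothetical; the cmdlets and property names are those of the DnsServer PowerShell module.

```powershell
# Added example, not from the original article.
# Run on (or against) the DNS server in an elevated PowerShell session.
Import-Module DnsServer

# Hypothetical helper: report the dynamic-update and zone-transfer settings of
# every primary zone and flag the permissive ones.
function Test-DnsZoneExposure {
    param(
        [string] $ComputerName = $env:COMPUTERNAME
    )

    Get-DnsServerZone -ComputerName $ComputerName |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
        ForEach-Object {
            $findings = @()

            # Nonsecure updates let any client add or overwrite records.
            if ($_.DynamicUpdate -eq 'NonsecureAndSecure') {
                $findings += 'accepts nonsecure dynamic updates'
            }

            # Transfers to any server disclose the full zone contents.
            if ($_.SecureSecondaries -eq 'TransferAnyServer') {
                $findings += 'zone transfer allowed to any server'
            }

            # A restricted transfer list with no entries means no secondary
            # can replicate the zone.
            if ($_.SecureSecondaries -eq 'TransferToSecureServers' -and -not $_.SecondaryServers) {
                $findings += 'transfer list is empty'
            }

            [pscustomobject]@{
                ZoneName          = $_.ZoneName
                IsDsIntegrated    = $_.IsDsIntegrated
                DynamicUpdate     = $_.DynamicUpdate
                SecureSecondaries = $_.SecureSecondaries
                SecondaryServers  = ($_.SecondaryServers -join ', ')
                Findings          = ($findings -join '; ')
            }
        }
}

# List every primary zone, flagged ones first.
Test-DnsZoneExposure |
    Sort-Object { [string]::IsNullOrEmpty($_.Findings) } |
    Format-Table -AutoSize -Wrap
```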
Create and Configure a Secondary DNS Zone
A secondary DNS zone, as we described earlier, is a read-only copy of the primary DNS zone that updates itself with a replication of the Primary DNS zone records associated with it. It is also very similar in terms of configuration steps. Anyway, let’s move on and go with those steps to create and configure a Secondary DNS zone in Server 2022.
1. Open the DNS Manager console on the secondary server (Same as the Primary DNS zone described above)
2. Create a new DNS zone (Same as the step 2 of the primary DNS zone described above)
3. Choose the Secondary Zone option to create a secondary DNS zone. Then, click on the Next button.
4. Name the Secondary DNS zone. Remember that the Secondary DNS zone name must be the same as the name of the Primary DNS zone with which you want to associate it. That is what makes them correlate with each other. So our secondary DNS zone is named Zone1, the same as the primary DNS zone. Click on Next when it is set.
5. Specify the Master DNS Server(s) using their IP addresses or names. Once specified correctly, click on the Next button. Finally, click on the Finish button on the next page.
At this point, we have successfully created and configured the secondary DNS zone. Now, let’s verify if they work correctly.
Verify Primary-Secondary DNS Zones
We already know the purpose of the primary and secondary DNS zones. So, it is clear that all the resource records from the primary DNS zone should automatically get stored in the secondary DNS zone. Besides learning how to create and configure a DNS Zone in Server 2022, we verify this replication of resources and check if it works.
To verify this configuration, first, we manually create a new record in the primary DNS zone on the DNS server that hosts it (DC1 in our scenario). Then, we check if it is replicated in the secondary DNS zone on the DNS server that hosts our secondary zone (SRV1 in our scenario). Let’s move on step by step.
1. On the primary DNS server (DC1 in our example), right-click on the primary zone you have created and choose New Host (A or AAAA) option from the list.
2. Put the name of the new record in the Name box, and put the IP address associated with that name in the IP address box. Then, click on the Add Host button. Next, click on the OK button on the message window. Finally, click on the Done button.
3. On the secondary DNS server (SRV1 in our example), click on the secondary zone and see if the record you have created in the primary zone is added there. Remember that it might take a few seconds to replicate. So, refresh the DNS manager window on the secondary server.
This way, we can manually add a DNS record in our primary zone and check if it replicates to the secondary zone.
Create and Configure a Stub DNS Zone
Earlier in this article, we discussed the Stub DNS zone. We know where we use it and what resource records it stores. Now in this section, we dive into the steps on how we can create and configure a Stub zone in Windows Server 2022. Most of the steps are similar to the secondary zone configuration we covered above. So, to keep it short, we will refer to the secondary zone configuration steps for similar ones.
1. Open DNS Manager console (same as the Step 1 of secondary zone configuration)
2. Create a new DNS zone (Same as the step 2 of the secondary zone configuration)
3. Choose the Stub zone option on the Zone Type window.
4. Enter the name of the Stub zone. (Same as step 4 of the secondary zone configuration)
5. Configure zone file. (Same as the step 5 of the Primary zone configuration discussed above)
6. Add the master server (primary server which hosts the primary zone) as we did for the secondary DNS zone.
We configured a Stub Zone following these six steps. It is straightforward and requires almost the same steps as the secondary zone configuration except for steps three and five, where we specify the zone type and configure the zone file.
Create and Configure an Active Directory Integrated (ADI) DNS Zone
We are familiar with the concept of Active Directory Integrated (ADI) DNS Zones, as we discussed earlier in this article. To remind you, the ADI zones can be hosted only on the DNS servers, which are also the domain controller. With that in mind, this section covers the steps on how to create and configure an ADI DNS zone in Windows Server 2022. Let’s walk through the steps. To keep it short, we will refer to some of the above section’s steps if there are similar steps to the above sections.
1. Pull up the DNS Manager console as we did in previous sections.
2. Create a new DNS zone. (step 2 of the above sections)
3. Select the Primary zone option and tick the last checkbox to make it an ADI DNS zone. Click on Next afterward.
4. Select the replication scope for the ADI zone in which it must replicate its resource records. We always use one of the two first options. The first one is to replicate the zone to all servers in the forest, and the second option is to replicate it to all servers in the domain. It depends on your environment and the plan accordingly. When done, click on Next.
5. Type a name for your ADI DNS zone and click on Next to continue.
6. Configure the Secure Dynamic Update in this step. For the ADI DNS zone, the first option is also available. Almost always, we use the first option for an ADI zone. It also depends on your plan. Click on the Next button when it is set. Then, click on Finish in the next window.
That is all the steps we walk through to create and configure an ADI DNS zone in Windows Server 2022.
Summary
To recap what we covered in this article, we started with an overview of the DNS zones. First of all, we discussed the Forward Lookup Zone and Reverse Lookup Zone. We covered a brief overview of the four zone types we can create and configure in each of the Forward and Reverse Lookup Zones. Next, in a step-by-step approach, we covered the primary zone creation and configuration. Likewise, we stepped through the secondary zone configuration steps. Another small topic we covered was verifying primary-secondary zones. A stub zone configuration was the next section we covered. Finally, we explained the ADI DNS Zone configuration in six steps.
In the end, I would like to share my happiness in having you read our articles. Please feel free and let us know your thoughts and queries regarding our content.
Finding your primary and secondary Domain Name System (DNS) is like a modern-day treasure hunt. Completing this task allows your device to translate domain names into IP addresses, which helps in connecting you to the right website. It’s a simple process and, once done, can significantly improve your browsing experience.
After finding your DNS, you will have a better understanding of your network configuration and can make informed decisions about your internet connectivity. This could lead to a faster and more secure online experience.
Introduction
In the vast world of the internet, DNS servers are like the friendly guides that help you reach your online destination. Think of them as the internet’s phone book; they match the website names you type into your browser with their corresponding IP addresses. Without them, you would have to memorize a string of numbers for every website you want to visit—sounds like a headache, right?
Finding your primary and secondary DNS servers is crucial because it can impact your internet speed and security. This information is particularly relevant to network administrators, IT professionals, and anyone who wants to optimize their internet connection or troubleshoot connectivity issues. Plus, understanding your DNS settings can help you protect your privacy and prevent cyber threats. By the end of this article, you’ll be able to confidently navigate your network settings and discover your DNS servers like a pro.
Step by Step Tutorial on Finding Your Primary & Secondary DNS
Before diving into the steps, let’s clarify what we’re aiming to achieve. Identifying your primary and secondary DNS servers will reveal the gatekeepers of your internet traffic, which can offer insights into your network performance and security.
Step 1: Open Network Settings
The first step is to access your network settings on your device.
For most operating systems, this involves going into your device’s system preferences or control panel and locating the network or internet options. Here you will find various settings related to your connection.
Step 2: View Your Network Details
Once you’re in the network settings, look for your active connection and view its details.
This may require clicking on your Wi-Fi or Ethernet connection and finding an option like ‘Properties’ or ‘Details’. This is where the treasure lies—your DNS server addresses.
Step 3: Record the DNS Server Addresses
The final step is to write down the DNS server addresses displayed in your network details.
You’ll typically see two sets of numbers: one for the primary DNS server and another for the secondary DNS server. These are what you’ve been looking for—the keys to your internet browsing kingdom.
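On Windows the same three steps can be scripted and turned into a check for unexpected resolvers. This is an added example, not part of the original article; the approved list and the function name Get-UnexpectedResolver are assumptions to replace with your own values.

```powershell
# Added example, not from the original article.
# Assumption: the resolvers your network is expected to hand out.
# These addresses are constructed sample values.
$ApprovedResolvers = @('192.0.2.53', '192.0.2.54')

# Hypothetical helper: list the primary and secondary DNS server of every
# IPv4 interface and flag any address that is not on the approved list.
function Get-UnexpectedResolver {
    param(
        [Parameter(Mandatory)] [string[]] $Approved
    )

    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |      # skip interfaces with no DNS servers
        ForEach-Object {
            $iface      = $_
            $unexpected = @($iface.ServerAddresses | Where-Object { $_ -notin $Approved })

            [pscustomobject]@{
                InterfaceAlias = $iface.InterfaceAlias
                PrimaryDns     = $iface.ServerAddresses[0]
                SecondaryDns   = if ($iface.ServerAddresses.Count -gt 1) { $iface.ServerAddresses[1] } else { $null }
                Unexpected     = ($unexpected -join ', ')
            }
        }
}

$report = Get-UnexpectedResolver -Approved $ApprovedResolvers
$report | Format-Table -AutoSize

# A non-empty Unexpected column means the interface is using a resolver that
# nobody approved: a manual change, a rogue DHCP server, or tampering.
$flagged = @($report | Where-Object { $_.Unexpected })
if ($flagged.Count -gt 0) {
    Write-Warning ("{0} interface(s) use DNS servers outside the approved list." -f $flagged.Count)
}
```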
Pros
Benefit | Explanation |
---|---|
Improved Speed | Knowing your DNS servers can help you optimize your internet speed. If you find that your current DNS is slow, you have the option to switch to a faster one. |
Enhanced Security | Understanding your DNS settings can lead to better security. It allows you to identify any unauthorized DNS servers that could be redirecting you to malicious sites. |
Troubleshooting Capabilities | If you’re experiencing connectivity issues, knowing your DNS can help you troubleshoot. Sometimes, changing your DNS server can resolve these problems. |
Cons
Drawback | Explanation |
---|---|
Limited Control | For most people, the DNS server is automatically assigned by their internet service provider (ISP), and they have little control over it. |
Potential Downtime | If a DNS server goes down, it can disrupt your access to the internet until it’s resolved or until you switch to a different server. |
Privacy Concerns | Some DNS servers may log your browsing history, which can be a privacy concern for some users. |
Additional Information
When you’re on the hunt for your primary and secondary DNS, keep in mind that these servers are not set in stone. You can actually change them if you wish. Some alternate DNS servers, like Google’s 8.8.8.8 and 8.8.4.4, offer potential speed and security benefits. Additionally, if you’re concerned about privacy, there are DNS options focused on user anonymity.
It’s also worth mentioning that some devices and networks may have different methods to access DNS information—for instance, on a smartphone or tablet, the process may vary slightly. If you’re in a corporate or education network setup, you may not be able to view or change your DNS settings without administrator access. But fear not, understanding the basics of finding your DNS is a universal skill that applies across most devices and networks.
Summary
- Access your network settings.
- View the details of your active connection.
- Record the displayed DNS server addresses.
Frequently Asked Questions
What is DNS?
DNS stands for Domain Name System, and it’s essentially the internet’s phone book. It translates human-friendly domain names into IP addresses that computers understand.
Why do I have a primary and secondary DNS?
Having a secondary DNS serves as a backup in case the primary DNS fails. This ensures that you can still access the internet without interruption.
Can I use any DNS server address?
Yes, you can, but it’s advisable to use trusted DNS servers to avoid security risks. Popular choices include DNS servers provided by Google or OpenDNS.
Will changing my DNS server speed up my internet?
It can, as some DNS servers respond more quickly than others. However, it’s not a guaranteed speed boost for everyone.
Is it safe to use a public DNS server?
Generally, yes, it’s safe to use a public DNS server from a reputable provider. It’s always a good idea to research and choose a DNS server known for its security and reliability.
Conclusion
Identifying your primary and secondary DNS is a small but powerful step in managing your online experience. Whether you’re a tech-savvy user looking to optimize your connection or someone who’s just curious about how the internet works, understanding DNS servers is a useful bit of knowledge.
Remember, navigating your network settings is not just about uncovering numbers—it’s about taking control of your digital journey. So, go ahead and explore your DNS settings, who knows what online adventures await?
Matthew Burleigh has been writing tech tutorials since 2008. His writing has appeared on dozens of different websites and been read over 50 million times.
After receiving his Bachelor’s and Master’s degrees in Computer Science he spent several years working in IT management for small businesses. However, he now works full time writing content online and creating websites.
His main writing topics include iPhones, Microsoft Office, Google Apps, Android, and Photoshop, but he has also written about many other tech topics as well.
(Image credit: Mauro Huculak)
As part of your internet service, the Internet Service Provider (ISP) also provides the local network with the necessary settings, including the Domain Name System (DNS) addresses, which allow you to access your favorite websites and online services and download files.
The only caveat is that the ISP’s DNS servers are usually not very private, slower than other services, and can be unreliable. However, you can always use different resolvers from third-party companies to improve your internet experience on Windows 10.
What’s DNS?
A Domain Name System is an internet service (usually at no cost to you) that allows you to type a friendly domain name in the web browser’s address bar to load a website. And without it, it’d be a nightmare to surf the web.
The issue is that every device requires an IP address (for example, 104.18.189.55) to communicate with other devices. However, these addresses are not easy for humans to remember, and DNS servers provide the mechanism to translate friendly domain names (for example, WindowsCentral.com) into IP addresses that computers can understand.
Although you can type "https://windowscentral.com" to access this website, in the background, the browser first sends a request to the DNS servers to resolve the IP address from the website’s name. Only when the address is found does the browser connect to the site and download the page’s contents.
Usually, you won’t notice this process because it’s automatic, and everything happens quickly, in milliseconds. However, if your resolvers are unreliable, they slow down your internet, or you want to use faster and more private servers, Windows 10 allows you to change these settings using Control Panel, Command Prompt, PowerShell, and Settings app.
In this how-to guide, I’ll outline the steps to change the DNS settings on Windows 10.
Recent updates
These instructions have been updated to ensure accuracy and reflect changes to the process in the operating system.
How to change DNS settings using Control Panel on Windows 11
To change the DNS settings with Control Panel, use these steps:
- Open Control Panel.
- Click on Network and Internet.
- Click on Network and Sharing Center.
- Click the "Change adapter settings" option in the left pane.
- Right-click the active network interface and select the Properties option.
- Quick tip: You’ll know which adapter is connected to the network because it won’t have a "Disabled" or "Network cable unplugged" label.
- Select and check the "Internet Protocol Version 4 (TCP/IPv4)" option.
- Click the Properties button.
- Select the "Use the following DNS server addresses" option.
- Quick note: When you select the option to specify the DNS settings manually, the computer will continue to receive the TCP/IP address from the DHCP server (router).
- Confirm the primary DNS address under the "Preferred DNS server" section. For example:
- Cloudflare: 1.1.1.1
- Google Public DNS: 8.8.8.8
- OpenDNS: 208.67.222.222
- Confirm the secondary DNS address the computer will use if the primary is not reachable under the "Alternate DNS server" section. For example:
- Cloudflare: 1.0.0.1
- Google Public DNS: 8.8.4.4
- OpenDNS: 208.67.220.220
- (Optional) Click the Advanced button.
- Click the DNS tab.
- Click the Add button.
- Confirm additional alternate DNS server addresses (as necessary).
- Click the Add button.
- Quick tip: In addition to adding more addresses, you can edit and remove resolvers, and adjust their priority.
- Click the OK button.
- Click the Close button.
Once you complete the steps, the device will start using the specified DNS settings immediately.
How to change DNS settings using Settings on Windows 10
To change the DNS addresses through the Settings app, use these steps:
- Open Settings.
- Click on Network & Internet.
- Click on Ethernet or Wi-Fi.
- Select the active network connection.
- Click the Edit button under the "IP settings" section.
- Select the Manual option in the "Edit IP settings" section.
- Turn on the IPv4 toggle switch.
- Confirm the primary DNS address under the "Preferred DNS server" section. For example:
- Cloudflare: 1.1.1.1
- Google Public DNS: 8.8.8.8
- OpenDNS: 208.67.222.222
- Confirm the secondary DNS address under the "Alternate DNS server" section. You can use one of these secondary addresses:
- Cloudflare: 1.0.0.1
- Google Public DNS: 8.8.4.4
- OpenDNS: 208.67.220.220
- Click the Save button.
- Restart the device.
After you complete the steps, the computer should connect to the internet using the new resolvers. Although it’s not a requirement, changing the DNS configuration from the Settings app may cause the system to lose connectivity. As a result, I recommend restarting the computer after making these changes.
Although the Settings app is the recommended option to change DNS settings on your computer, I’m not listing it first because this method can be confusing for some people.
How to change DNS settings using Command Prompt on Windows 10
To change the computer’s DNS settings through the Command Prompt, use these steps:
- Open Start.
- Search for Command Prompt, right-click the top result, and select the Run as administrator option.
- Type the following command to launch the tool to change the networking settings and press Enter: netsh
- Type the following command to identify the names of the network adapters and press Enter: interface show interface
- Type the following command to set the primary DNS IP address and press Enter: interface ip set dns name="ADAPTER-NAME" source="static" address="X.X.X.X"
In the command, replace «ADAPTER-NAME» with the name of the network adapter you identified in step 4, and replace «X.X.X.X» with the IP address you want to use. For example:
- Cloudflare: 1.1.1.1 and 1.0.0.1
- Google Public DNS: 8.8.8.8 and 8.8.4.4
- OpenDNS: 208.67.222.222 and 208.67.220.220
This example sets the primary DNS address to 1.1.1.1: interface ip set dns name="Ethernet1" source="static" address="1.1.1.1"
- Type the following command to add an alternative DNS IP address and press Enter: interface ip add dns name="ADAPTER-NAME" addr="X.X.X.X" index=2
In the command, replace «ADAPTER-NAME» with the name of the network adapter you identified in step 4, and replace «X.X.X.X» with the secondary address. This example sets the secondary DNS address to 1.0.0.1: interface ip add dns name="Ethernet1" addr="1.0.0.1" index=2
- Quick tip: You can repeat the above steps to add more addresses if necessary. However, in the command, you must increase the number of the index option by «1.» For instance, interface ip add dns name="Ethernet1" addr="8.8.8.8" index=3
Once you complete the steps, Windows 10 will start using the new DNS server addresses to resolve domain names to numeric addresses that your device can understand.
How to change DNS settings using PowerShell on Windows 10
To change the computer’s DNS settings through PowerShell, use these steps:
- Open Start.
- Search for PowerShell, right-click the top result, and select the Run as administrator option.
- Type the following command to view the current configuration, press Enter, and note the «InterfaceIndex» and «DNSServer» settings: Get-NetIPConfiguration
- Type the following command to configure a primary DNS address and press Enter: Set-DnsClientServerAddress -InterfaceIndex ADAPTER-INDEX -ServerAddresses X.X.X.X
In the command, replace «ADAPTER-INDEX» with the number of the network adapter you identified in step 4, and replace «X.X.X.X» with the IP address you want to use. For example:
- Cloudflare: 1.1.1.1 and 1.0.0.1
- Google Public DNS: 8.8.8.8 and 8.8.4.4
- OpenDNS: 208.67.222.222 and 208.67.220.220
This example sets the primary DNS address to 1.1.1.1: Set-DnsClientServerAddress -InterfaceIndex 4 -ServerAddresses 1.1.1.1
- Type the following command to configure primary and secondary DNS addresses and press Enter: Set-DnsClientServerAddress -InterfaceIndex ADAPTER-INDEX -ServerAddresses X.X.X.X, X.X.X.X
In the command, replace «ADAPTER-INDEX» with the number of the network adapter you identified in step 4, and replace «X.X.X.X» with the IP addresses you want to use.
This example sets the primary and secondary DNS addresses to 1.1.1.1 and 1.0.0.1: Set-DnsClientServerAddress -InterfaceIndex 4 -ServerAddresses 1.1.1.1, 1.0.0.1
After you complete the steps, the device will start using the new DNS server addresses.
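The PowerShell steps above can be wrapped in a script that refuses to apply a resolver that is mistyped or does not answer, and then reads the setting back. This is an added example, not part of the original article; the parameter names and the probe name example.com are assumptions.

```powershell
# Added example (not from the original article). Run from an elevated PowerShell session.
# Parameter names and the probe name are assumptions made for this example.
param(
    [Parameter(Mandatory)] [int]      $InterfaceIndex,   # "InterfaceIndex" from Get-NetIPConfiguration
    [Parameter(Mandatory)] [string[]] $ServerAddresses,  # primary first, e.g. 1.1.1.1, 1.0.0.1
    [string] $ProbeName = 'example.com'                  # assumed name used for the test query
)
$ErrorActionPreference = 'Stop'

# 1. Accept only canonical dotted-quad IPv4 literals (TryParse alone also accepts forms like "1").
foreach ($addr in $ServerAddresses) {
    $ip = $null
    $ok = [System.Net.IPAddress]::TryParse($addr, [ref]$ip)
    if (-not $ok -or $ip.AddressFamily -ne 'InterNetwork' -or $ip.ToString() -ne $addr) {
        throw "Not an IPv4 address: $addr"
    }
}

# 2. Make sure every resolver answers before the adapter is changed.
foreach ($addr in $ServerAddresses) {
    try {
        Resolve-DnsName -Name $ProbeName -Type A -Server $addr -DnsOnly -ErrorAction Stop | Out-Null
    } catch {
        throw "Resolver $addr did not answer a query for ${ProbeName}: $($_.Exception.Message)"
    }
}

# 3. Record the current servers so the change can be reverted by hand.
$before = (Get-DnsClientServerAddress -InterfaceIndex $InterfaceIndex -AddressFamily IPv4).ServerAddresses
Write-Output "Previous DNS servers on interface ${InterfaceIndex}: $($before -join ', ')"

# 4. Apply the new servers (same cmdlet as in the steps above) and drop cached answers.
Set-DnsClientServerAddress -InterfaceIndex $InterfaceIndex -ServerAddresses $ServerAddresses
Clear-DnsClientCache

# 5. Read the setting back and compare, including order (first entry is the preferred server).
$after = (Get-DnsClientServerAddress -InterfaceIndex $InterfaceIndex -AddressFamily IPv4).ServerAddresses
if (($after -join ',') -ne ($ServerAddresses -join ',')) {
    throw "Interface $InterfaceIndex reports '$($after -join ', ')' instead of the requested servers."
}
Write-Output "Interface $InterfaceIndex now uses: $($after -join ', ')"
```

Saved under a file name of your choice (Set-CheckedDns.ps1 is a hypothetical one), it is called as `.\Set-CheckedDns.ps1 -InterfaceIndex 4 -ServerAddresses 1.1.1.1, 1.0.0.1`.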
Finally, it’s worth noting that support for Windows 10 will end on October 14, 2025. After this date, Microsoft will no longer release security or maintenance updates and will also cease to provide any support.
You can use these instructions to prepare your device and upgrade from Windows 10 to 11.
Mauro Huculak has been a Windows How-To Expert contributor for WindowsCentral.com for nearly a decade and has over 15 years of experience writing comprehensive guides. He also has an IT background and has achieved different professional certifications from Microsoft, Cisco, VMware, and CompTIA. He has been recognized as a Microsoft MVP for many years.