What Is DNS?

DNS (Domain Name System) is the distributed system often called the phone book of the internet. People remember domain names like keydal.tr, but computers, routers, and servers talk to each other through IP addresses (for example 104.21.55.12 or 2606:4700:3033::ac43:9f0c). DNS translates those human-friendly names into machine-friendly IPs.

When you type an address into your browser, dozens of DNS queries run behind the scenes within a fraction of a second. If those queries fail, the site does not load. If they are slow, the page crawls. That is why your DNS settings directly affect speed, security, and reachability.

How DNS Works

DNS resolution is hierarchical. Resolving example.com usually looks like this:

  • The browser, operating system, and local router caches are checked first.
  • If there is no match, the query is sent to your ISP or the recursive resolver you configured.
  • The resolver asks the root servers: which server is authoritative for the .com TLD?
  • The .com TLD server points to the authoritative NS servers for example.com.
  • The authoritative NS server returns the A/AAAA record, which contains the IP address.
  • The browser opens a TCP/TLS connection to that IP and downloads the content.

A typical DNS lookup takes 10-50 ms. Using a geographically close, well-cached resolver can reduce that number significantly.

DNS Record Types

A DNS zone contains several record types, each with its own purpose. The ones you will meet most often are below.

A and AAAA Records

An A record maps a domain name to an IPv4 address. An AAAA record maps it to an IPv6 address. Defining both in modern hosting panels improves reachability over mobile networks.

CNAME, MX, TXT, NS, SRV

  • CNAME: an alias from one name to another. Example: www.keydal.tr -> keydal.tr.
  • MX: mail servers for the domain. Lower priority numbers are tried first.
  • TXT: plain-text records used for SPF, DKIM, DMARC, and domain verification.
  • NS: which authoritative nameservers host the domain.
  • SRV: publishes host/port information for services like SIP, XMPP, or Minecraft.

How to Change DNS Settings

Changing your DNS can give you ad/tracker blocking, better speed, expanded reach, and stronger security. Here is how to do it on the major operating systems.

Windows 10 / 11

  • Settings > Network & internet > pick your Wi-Fi or Ethernet adapter.
  • Under DNS server assignment click Edit.
  • Choose Manual, enable IPv4 and IPv6, and enter your preferred DNS servers.
  • Where supported, enable Encrypted (DoH) — it tunnels DNS traffic over HTTPS.

macOS

Follow System Settings > Network > active connection > Details > DNS. Use the plus (+) button to add DNS servers, and drag to reorder them.

Android and iPhone

  • Android: Settings > Network > Private DNS > Private DNS provider hostname (e.g. one.one.one.one).
  • iPhone / iPad: Settings > Wi-Fi > your network > Configure DNS > Manual. Add IPv4/IPv6 entries.
  • For DoH/DoT support on cellular, install a provider profile — DNS stays protected on mobile data too.

DNS at the Router Level

Your router panel (typically at 192.168.1.1) exposes primary and secondary DNS fields under DHCP. Changes made here apply to every device on the network — phones, smart TVs, consoles, and IoT devices included.

Best DNS Servers (2026)

Which resolver is best depends on your location, your ISP's routing, and your privacy preferences. The public resolvers below deliver reliably low latency worldwide:

  • Cloudflare: 1.1.1.1 and 1.0.0.1 — no-logs policy, native DoH/DoT support, very low latency.
  • Google Public DNS: 8.8.8.8 and 8.8.4.4 — high uptime and strong caching.
  • Quad9: 9.9.9.9 — security-focused, blocks known malicious domains.
  • OpenDNS (Cisco): 208.67.222.222 — family filtering options.
  • AdGuard DNS: 94.140.14.14 — ad and tracker blocking.

Prioritize privacy? Go with Cloudflare or Quad9. Prioritize speed? Cloudflare or Google. Need family content filtering? OpenDNS. Always configure a primary + secondary pair so you do not lose connectivity if one resolver is down.

DNS Comparison Table

DNS Propagation and TTL

When you change a DNS record (for example, pointing an A record to a new server), the change does not propagate instantly worldwide. The TTL (Time To Live) value controls how long caches keep the record. Typical TTLs range from 300 to 86400 seconds.

Planning a server migration or IP change? Lower the TTL to 300 seconds 24-48 hours in advance to minimize propagation time. Raise it back afterward to reduce query traffic.

DNS Security: DNSSEC, DoH, and DoT

Classic DNS traffic flows in the clear over UDP port 53. That lets ISPs and attackers on the same network see your queries and even tamper with responses. Modern DNS offers three layers of protection.

  • DNSSEC: cryptographically signs authoritative responses; defends against cache poisoning and MITM.
  • DoH (DNS over HTTPS): encrypts queries over HTTPS (port 443); supported by Cloudflare, Google, and Mozilla.
  • DoT (DNS over TLS): encrypts DNS over TLS on port 853; easier for network admins to identify than DoH.
  • Encrypted Client Hello (ECH): complements DNS encryption by hiding the TLS SNI as well.

On corporate networks DoH can clash with filtering policies. In that case deploying an internal resolver (e.g. Pi-hole + Unbound) gives you encrypted egress and in-house control at the same time.
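An internal resolver only enforces policy if clients actually use it. The following added example (not from the original article) flags flows that bypass it; the flow-record format, the 10.0.0.53 resolver address, and the assumption that the listed public resolver IPs also answer DoH on port 443 are all illustrative.

```python
import ipaddress

# Assumption: the sanctioned internal resolver (e.g. the Unbound host).
INTERNAL_RESOLVERS = {"10.0.0.53"}
# Public resolver addresses named in this article (Cloudflare, Google, Quad9).
PUBLIC_RESOLVERS = {"1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "9.9.9.9"}

# Constructed flow records, one per line: "src dst proto dport"
SAMPLE_FLOWS = """\
10.0.0.21 10.0.0.53 udp 53
10.0.0.53 1.1.1.1 tcp 853
10.0.0.34 8.8.8.8 udp 53
10.0.0.35 9.9.9.9 tcp 853
10.0.0.36 1.1.1.1 tcp 443
10.0.0.37 203.0.113.10 tcp 443
"""

def classify(src, dst, proto, dport):
    """Return a finding label for a flow, or None if it is expected traffic."""
    if src in INTERNAL_RESOLVERS or dst in INTERNAL_RESOLVERS:
        return None                        # client->resolver or resolver->upstream
    external = not ipaddress.ip_address(dst).is_private
    if dport == 53 and external:
        return "cleartext-dns-bypass"      # classic DNS sent straight out
    if proto == "tcp" and dport == 853 and external:
        return "dot-bypass"                # DoT has its own port, easy to spot
    if proto == "tcp" and dport == 443 and dst in PUBLIC_RESOLVERS:
        # DoH blends into HTTPS; an IP list only catches known resolvers.
        return "possible-doh-bypass"
    return None

def find_bypass(flow_text):
    """Return (src, dst, label) for every flow that skips the internal resolver."""
    findings = []
    for line in flow_text.splitlines():
        src, dst, proto, dport = line.split()
        label = classify(src, dst, proto, int(dport))
        if label:
            findings.append((src, dst, label))
    return findings
```

The port 443 match is labelled "possible" because the same addresses also serve ordinary web pages, and DoH to an endpoint outside the list goes unnoticed by this check.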

Flushing the DNS Cache

If you suspect a stale or incorrect record is cached locally, flush the cache manually.

Checking Propagation and Resolution

Test whether a record has propagated globally using dig, nslookup, or an online propagation checker.

KEYDAL and Managed DNS

With web hosting or domain services, DNS is managed from a professional control panel. KEYDAL ships DNSSEC, Anycast resolvers, and automated backups as standard — so speed and security live in the same place.

Practical Tips and 2026 Trends

Looking at DNS in 2026, three trends stand out: encrypted DNS is becoming the default (DoH is standard in browsers), IPv6 adoption is rising, and Anycast-based resolver networks are everywhere. For individuals we recommend enabling DoH in your browser, setting Cloudflare as your primary and Quad9 as your secondary at the router, and skipping the ISP's resolver. The result: ad/malware blocking and improved privacy.

For enterprises, running an internal resolver (BIND, Unbound, or CoreDNS) that forwards upstream to Cloudflare and Google is the healthiest architecture. Split-horizon DNS keeps internal records private, and query logs can flow into a SIEM for auditing.

Frequently Asked Questions

Does changing DNS make the internet faster?

It improves response time, not raw download speed. A fast resolver reduces time-to-first-byte and speeds up page loads — especially noticeable compared to slow ISP DNS.

Is there a difference between 8.8.8.8 and 1.1.1.1?

Both are globally reliable. 1.1.1.1 (Cloudflare) stands out for its no-logs policy and default DoH support. 8.8.8.8 (Google) is the most widely used option with massive infrastructure behind it.

Why do some sites stop loading after I change DNS?

Usually a typo, a misconfigured IPv6 entry, or conflicting settings between router and device. Run ipconfig /flushdns, add IPv6 resolvers too, and make the change at only one level (device or router, not both).
