[2025] What Is Private DNS on Android & How to Set It

Gareth Mitchell Updated on Sep 26, 2025 Filed to: MDM

People often wonder, What is Private DNS on Android and why should I care about it? With growing concerns about privacy, many want to know how to keep their internet activity secure, especially on public Wi-Fi. The answer is Private DNS.

DNS (Domain Name System) helps translate website names into IP addresses, but traditional DNS queries can be intercepted, exposing your browsing data. Private DNS (using DNS-over-TLS, port 853) encrypts these queries, making them unreadable to third parties like café routers or 5G carriers.

In 2025, setting up Private DNS on Android takes just 30 seconds—no extra apps needed. We'll show you the exact hostname to paste, so you can easily protect your privacy.

1What is Private DNS on Android

What does private DNS mean on Android?

Private DNS allows you to replace the default DNS servers from your ISP or café Wi-Fi with an encrypted channel using DNS-over-TLS on port 853. This ensures that your DNS queries are protected with encryption, similar to how HTTPS secures web traffic.

Without Private DNS, a €25 “Wi-Fi Pineapple” in a crowded coffee shop can easily log 200+ domains per minute from unencrypted DNS queries. But once you enable Private DNS, this list becomes unreadable gibberish to any eavesdroppers.

Important: While Private DNS encrypts domain names, it doesn’t hide your IP address. It’s like sealing an envelope but still showing the return address. For full anonymity, you’ll need to add a VPN.

2How to Set Private DNS on Android?

Private DNS is available on Android 9 (Pie) and later versions. If you're using a device with Android 9 or newer, you can enable Private DNS directly in the system settings. However, older devices or custom ROMs may not support this feature, so make sure your device is running at least Android 9.

Let’s take a Samsung phone as an example for setting it up:

Step 1. Open Settings on your Samsung phone.

Step 2. Go to Connections.

Step 3. Tap on More connection settings.

Step 4. Select Private DNS.

Step 5. Choose the option Private DNS provider hostname.

What hostname should I give for Private DNS? Enter the hostname of your preferred DNS provider:

Note: This article will provide some free private DNS hostnames for selection. (Note that these hostnames all offer free tier for use. If you need to unlock more functions, they also provide paid versions. Please refer to the following comparison table for details.)

Hostname (Provider)	Free Tier — What Do You Get?	Paid Tier — What Advanced Features Are Unlocked?	Starting Price
`dns.cloudflare.com` (Cloudflare)	• Unlimited queries & True zero-log policy • Global Anycast acceleration • Built-in DDoS protection & DNSSEC	• Authoritative DNS control panel (for websites) • Granular firewall rules • Business-grade bot mitigation	$20/month (Pro)
`dns.google` (Google Public DNS)	• Unlimited queries • High availability (99.99%) • Basic malicious domain blocking	• No paid upgrade options; features remain the same	Free forever
`dns.nextdns.io` (NextDNS)	• 300,000 queries/month ≈ 5–7 devices • Custom block lists + statistics dashboard • Multi-device cloud sync	• Unlimited queries • Longer log retention & advanced analytics • Team shared policies	$20/year (Pro)
`dns.adguard.com` (AdGuard)	• No query limit • Default blocks for ads, tracking, and malicious domains • Zero-log policy	• Custom block rules, parental control, export statistics • Supports both DoH/DoQ endpoints	$2.49/month (Personal) [2025 official price]

Step 6. Tap Save.

Once you tap Save, there's no need for any further action. The Private DNS will be automatically applied to your phone, and your DNS queries will start being encrypted right away. You don’t need to restart your device or adjust any other settings—the process is seamless.

Advanced tips:

1. If Private DNS doesn’t work after saving?

Check your connection: Make sure you're connected to Wi-Fi or mobile data.
Verify the hostname: Ensure the correct hostname (e.g., dns.cloudflare.com) is entered.
Try a different provider: Switch to another DNS provider if one isn't working.
Check your Android version: Private DNS requires Android 9 or later.

2. Why can’t you use an IP address (e.g., 8.8.8.8)?

Think of the IP address as the “street number” and the hostname as the “person’s name.” The encrypted post office (DNS-over-TLS) only delivers a sealed letter if it knows the name. If you give it only the street number, it sends a postcard—still readable to anyone along the way. That’s why Android will show “Private DNS server cannot be accessed” when you enter an IP.

private dns server cannot be accessed android — Image Source: Cloudflare

3. How to set Private DNS on Android TV?

Private DNS is also available on Android TV. The process is similar to setting it up on your Android phone, but with a few differences for remote control navigation.

To set up Private DNS on Android TV, go to Settings > Network & Internet > Private DNS. Then, enter your preferred DNS hostname (e.g., dns.cloudflare.com or dns.google).

Note : If you're using a Shield TV or other Android TV devices, the navigation may differ slightly, but the overall steps remain the same.

3Benefits of Using Private DNS on Android Phone

1. Privacy Protection

By enabling Android Private DNS mode, you encrypt your DNS queries, significantly boosting your online privacy. Regular DNS queries are sent in plain text, which can be intercepted by ISPs or hackers. Private DNS ensures that these queries are encrypted, preventing third parties from tracking the websites you visit and protecting your browsing history from unauthorized access.

2. Ad Blocking

Providers like AdGuard DNS and Cloudflare DNS offer privacy protection while also helping reduce online ads and trackers. By blocking access to domains used by advertisers, these services enable a cleaner browsing experience. This also helps to reduce the tracking of your online activities by advertisers. For instance, AdGuard’s free hostname blocks ~840 k ad/tracker domains (list updated hourly). On a typical news site, users see 38 % fewer banner ads and load pages 1.9 s faster, according to the company’s 2024 transparency report.

3. Faster Browsing

By using a fast DNS provider in Android Private DNS mode, like Cloudflare DNS, you can improve your browsing speed. These providers optimize DNS queries, allowing for quicker website resolution and reducing the time it takes to load pages. This results in a smoother internet experience, especially for high-traffic websites or media streaming.

4. Enhanced Security

Android Private DNS mode also strengthens your online security by blocking access to malicious websites and helping prevent phishing attacks. With a secure DNS provider, you avoid being redirected to harmful sites that could steal personal information or install malware. Services like AdGuard actively block known malicious domains, adding extra protection against cyber threats.

4Enterprise-Grade Network Security at Scale

In businesses with large numbers of Android devices, managing network security across all devices can be a challenge. IT admins need to ensure devices are securely connected to Wi-Fi networks, configured with the correct APN settings, and protected from security threats.

Airdroid Business helps streamline this process by allowing admins to configure network settings like Wi-Fi and APN settings across multiple devices at once. Additionally, CA certificates can be deployed through AirDroid Business to ensure that devices are connected to trusted networks and to establish secure communication between devices and company resources. By managing these certificates, IT teams can prevent unauthorized connections, ensuring that all devices are securely linked to the enterprise network.

14-day Free Trial

5FAQs About Private DNS on Android

1. How do I restore Private DNS settings?

To restore your Private DNS settings, simply go back to Settings > Connections > More connection settings > Private DNS. You can either turn it off or switch back to the default DNS provider by selecting Automatic.

2. What should I do if Private DNS isn’t working?

Check your connection: Make sure you’re connected to Wi-Fi or mobile data.

Verify the hostname: Double-check that the correct hostname (e.g., dns.cloudflare.com) is entered.

Try a different provider: If one provider doesn’t work, try switching to another.

Check your Android version: Private DNS is only available on Android 9 and later. Make sure your device meets the requirement.

3. How can I block ads using Private DNS?

Some Private DNS providers, like AdGuard DNS or Cloudflare DNS, have built-in ad-blocking features. By setting these DNS services, you'll block access to known ad-serving domains, reducing the number of ads you see while browsing.

4. What should I do if the Private DNS server cannot be accessed?

If you encounter an error like "Private DNS server cannot be accessed", it may indicate that:

* The DNS hostname is incorrect or misspelled.

* The DNS provider is temporarily down.

* Your network is blocking the DNS port (Port 853). You can try a different DNS provider or check your network settings.

5. Does Private DNS drain battery?

No, DNS-over-TLS (DoT) is built into the operating system, meaning it doesn’t add any extra processes that would drain your battery.

6. Can I use custom DNS if I already run a VPN?

Most VPNs use their own DNS settings, but some VPNs like WireGuard and OpenVPN allow you to manually configure custom DNS settings, which would override the default VPN DNS.

7. Is Private DNS illegal in my country?

DNS-over-TLS (DoT) is just encryption and is legal in most countries. However, in places with restrictive firewal

Click a star to vote

6190 views

Gareth Mitchell

Gareth Mitchell is a tech writer who knows stuff about MDM (mobile device management) very well. Meanwhile, he breaks down tricky tech topics so they're easy to grasp.

Discussion