Best DNS Servers for Gaming 2026: PS5, Xbox & PC Picks
Most "best DNS for gaming" guides quietly skip a simple fact. Your ISP's default resolver averages around 70 milliseconds of response time. Cloudflare's averages about 12. The biggest single win for any gamer is just leaving the ISP DNS behind. After that, the differences between the top public resolvers are real but smaller than the marketing suggests, and they depend on where you live, what console you play on, and what you actually need DNS to do during a gaming session. This guide covers the four things that actually matter for gaming performance: latency, geography, console-specific quirks, and the line between what DNS can and cannot influence in your match.
What a DNS server does in a gaming session
Think of DNS as the phone book your game checks before it can call anyone. A name like matchmaking-na.warzone.activision.com is great for humans, useless for a console. The DNS server takes that name and hands back an IP address, and only then can your PS5 or PC start talking to it. Skip the lookup, and nothing happens: no lobby, no friend invites, no patch downloads, no matchmaking. Every time your client opens a fresh connection to a back-end service, another lookup fires.
But here is the catch most explainers miss. Once the lookup is done and packets are flowing to the resolved IP, DNS drops out of the picture entirely. The in-game ping you watch in the corner of your screen is pure routing now: you, your ISP, the upstream backbone, the game server. That single distinction shapes every honest answer in this guide.
Does DNS affect gaming performance? The honest answer
Yes, in exactly one phase of play. Before the match.
What a fast DNS does help with: finding lobby servers, resolving patch CDNs for Steam, Epic and EA App, hitting matchmaking endpoints quickly, and loading web stores inside launchers. All of those become a touch snappier, and the gap can be the difference between waiting ten seconds and waiting one for a lobby to populate.
What it does not help with: your in-game ping, your FPS, packet loss, NAT type, or any aspect of how match traffic actually flows. Once you are in the session, the resolver is gone. People often quote the 70-millisecond ISP average against Cloudflare's roughly 22 milliseconds in the US, and the gap is real. But what you feel from it is "matchmaking became snappy", not "my 50 ms ping became 30 ms". Those are unrelated systems.
A pair of myths follow this around. First, anti-cheat. VAC, EAC and BattlEye live deep in the kernel, watching memory and processes. Nobody has documented a single anti-cheat flag triggered by a custom DNS resolver. Second, matchmaking region. Apex, Valorant, CS2, Warzone — they all read your IP geolocation to pick a region. A different DNS does not move you to a different bracket. To play on another region you need a VPN, and most competitive titles call that a ban-worthy offense.
Best DNS servers for gaming in 2026
The table below compares the eight public DNS servers worth considering for gaming, with US response times from independent measurement networks. Mini-reviews follow.
| Resolver | Primary / Secondary | NA latency | Encryption (DoH/DoT/DoQ) | Privacy | Standout |
|---|---|---|---|---|---|
| Cloudflare | 1.1.1.1 / 1.0.0.1 | 1–5 ms | Yes / Yes / Yes | 25-hr anonymized | Fastest global anycast |
| Google Public DNS | 8.8.8.8 / 8.8.4.4 | 3–8 ms | Yes / Yes / No | Permanent aggregate | Highest uptime, broad CDN |
| Quad9 | 9.9.9.9 / 149.112.112.112 | ~7 ms | Yes / Yes / Yes | Zero logs (Swiss) | Threat blocking, no LEA history |
| NextDNS | 45.90.28.x / 45.90.30.x | 5–10 ms | Yes (incl. DoH/3) / Yes / Yes | Configurable | Per-profile filtering |
| ControlD | 76.76.2.0 / 76.76.10.0 | 4–9 ms | Yes (incl. DoH/3) / Yes / Yes | None (free tier) | Free + premium tiers |
| AdGuard DNS | 94.140.14.14 / 94.140.15.15 | 6–12 ms | Yes / Yes / Yes (first mover) | Aggregate 24h | Ad and tracker blocking |
| OpenDNS (Cisco) | 208.67.222.222 / 208.67.220.220 | 8–14 ms | Yes / Yes / No | Logs queries | Phishing and content filtering |
| Cisco Umbrella | 208.67.222.123 / 208.67.220.123 | 8–14 ms | Yes / Yes / No | Enterprise logging | Enterprise-grade filtering |
Cloudflare 1.1.1.1. If you change one thing tonight, change it to this. Cloudflare's anycast network drops you onto a nearby PoP wherever you live, response times in US metros sit at low single-digit milliseconds, and query data gets purged inside 25 hours. The 2024 BGP hijack (about 7.5 hours, around 1% of global users affected) is the one blemish worth knowing about; otherwise the resolver has been boringly reliable.
Google Public DNS 8.8.8.8. The infrastructure benchmark. No major outages in 2024 or 2025, the easiest secondary IP anyone will remember, and broad reach across regions where Cloudflare's PoPs are thinner. What you trade for that is privacy. Google quietly keeps permanent aggregated logs that include the domains you queried, your ISP's network identifier, and your city-level location.
Quad9 9.9.9.9. A Swiss non-profit with the cleanest privacy story in the field: zero query logs, zero law-enforcement data requests over its full history (2017 through 2025), and malicious-domain blocking on by default. North America sits around 7 ms; Europe is faster at roughly 4 ms.
NextDNS. The configurable one. The free tier covers 300,000 queries per month before filtering shuts off (resolution continues regardless). DoH, DoT and DoQ all there. Best for households that want per-device profiles or want kids on a different filter than adults.
ControlD. Free public endpoints at p0/p1.freedns.controld.com plus paid tiers with categories and analytics. Speaks DoH/3 and DoQ. Good fit for users who want category-level filtering without writing their own block list.
AdGuard DNS. The encryption pioneer. First major public resolver to ship DoQ, back in December 2020. Bakes in ad and tracker blocking, which has the side benefit of killing the upsell pop-ups every game launcher seems addicted to.
OpenDNS and Cisco Umbrella. Both Cisco. Uptime is solid, latency is fine, but the consumer-facing features have not seriously evolved in years. Pick OpenDNS only if you specifically want its family-filtering modes.
DNS server addresses by region: pick the closest one
The famous-brand rankings change once you look at regions instead of global averages. The figures below come from PublicDNS.info's May 2026 measurement network (109,000+ probes refreshed every 72 hours).
| Region | Fastest | 2nd | 3rd |
|---|---|---|---|
| North America | Cloudflare 1–5 ms | Google 3–8 ms | Quad9 ~7 ms |
| Europe | Quad9 ~4 ms | Cloudflare 2–8 ms | AdGuard 5–10 ms |
| APAC | Google 5–15 ms | Cloudflare anycast (Singapore/Sydney) | Quad9 ~12 ms |
The takeaway: in Europe, Quad9 quietly beats both Google and Cloudflare on raw response time because of how its anycast PoPs are distributed. In Asia Pacific, Google's reach pays off. The "best DNS server for gaming" depends on your distance to the nearest PoP, not the brand on the marketing page. If you live somewhere with patchy resolver coverage (rural Midwest, parts of Eastern Europe, most of Africa), benchmark with `dnsperftest` or GRC's DNS Benchmark before committing.
Best DNS settings for PS5, Xbox, and Nintendo Switch
Each console has its own DNS dialect. The differences are not cosmetic.
PS5 first. You have to dig: Settings, Network, Set Up Internet Connection, the Options button (easy to miss), Advanced Settings, then finally DNS Settings. Flip it to Manual. Drop 1.1.1.1 in primary, 1.0.0.1 in secondary, save, exit. Test. Done. What Sony does not put on a marketing page is that the PS5 firmware has zero encrypted-DNS support. No DoH client. No DoT client. If you want encryption on a PS5, the router is the only place to do it. And while we are here: NAT type is not a DNS problem. A Strict NAT means UPnP is misbehaving or your ports are blocked. Switching resolvers will never fix it.
Xbox Series X and S, similar walk. Profile & System, Settings, General, Network Settings, Advanced Settings, DNS Settings. Same Cloudflare or Quad9 IPs. The honest answer on Xbox native DoH is that nobody actually knows. Microsoft's docs describe plain IP entry only. A few third-party blogs swear newer firmware quietly added DoH support. I would not bet a console on that being true. If encrypted DNS matters, route it through the router.
The Switch is the most stubborn console of the three. System Settings, Internet, Internet Settings, pick the network, Change Settings, DNS Settings, Manual. End of options. Plaintext UDP only. No encryption layer anywhere on the device.
Same pattern across all three: encrypted DNS on a console is encrypted DNS on the router. Put AsusWRT-Merlin, OpenWrt or a GL.iNet box in front of the consoles, point it at a DoH or DoT upstream, and the consoles continue speaking plain DNS on the LAN while your exit traffic stays encrypted. The bonus is everything else on the network — phone, smart TV, kid's tablet — inherits the same resolver for free. Skip the router project entirely if you only want speed. Manual Cloudflare or Quad9 on the console crushes most ISP defaults already.
| Console | Path | Native DoH | Workaround |
|---|---|---|---|
| PS5 | Network > Advanced > DNS | No | Router-level DoH |
| Xbox Series X/S | Network Settings > Advanced > DNS | Unclear | Router-level DoH |
| Nintendo Switch | Internet Settings > DNS | No | Router-level DoH |
How to change your DNS on Windows and Mac
On Windows 11, the DNS service setting is buried under Settings, Network & Internet, then whichever connection you use. You click into Hardware properties and there is an Edit button next to "DNS server assignment". Click it. Switch to Manual. Toggle IPv4 on. Type your primary DNS — I use 1.1.1.1 — then the alternate 1.0.0.1. Save. Windows 11 is smart enough to upgrade the connection to DoH automatically when the resolver supports it, and most of the names on the comparison table above do. If you want to be paranoid about it, the Encryption dropdown in the same dialog lets you make it explicit.
On a Mac, the path is shorter. System Settings, Network, click into your active interface, Details, DNS tab, then hit the + button and type each address on its own line. Default macOS is plaintext DNS. Encrypted DNS means either installing a configuration profile your resolver hands you as a `.mobileconfig`, or running dnscrypt-proxy locally. Both work; the profile is faster to set up.
Quick way to verify the change actually stuck: open Terminal and run `nslookup cloudflare.com 1.1.1.1`, or `dig @8.8.8.8 example.com` if you like the more verbose output. If the answer comes back from the IP you set, instead of whichever resolver your ISP assigned by default, you are done.
What DNS cannot do for your gaming experience
Two persistent myths are worth dismantling.
Anti-cheat suspicion. VAC, EAC, and BattlEye operate at the kernel and process level, monitoring memory access, signature changes, and behavioral patterns. None of the available technical write-ups document a case of a custom DNS resolver triggering an anti-cheat flag. If you are getting flagged, the cause is somewhere else.
Matchmaking region manipulation. Apex Legends, Valorant, CS2 and Warzone all set match region from the player's IP geolocation, not the DNS server they happen to use. Routing your full traffic through a VPN can shift the region (and is explicitly against the terms of service for several titles, with some flagging VPN exit-nodes as bans). Changing DNS alone does not.
What DNS does help with on game day: lobby reconnect speed after a disconnect, patch-download CDN resolution for Steam, Epic, Battle.net and EA App, friend-invite reach when invites resolve through a name lookup, and any time you click into a web-based store from inside a launcher. Those wins are real even if they are small. A faster resolver also helps with cloud-save sync at session start, and with any companion-app gaming traffic — Discord overlay, Twitch chat, party invites — that opens connections during a match.
Privacy: what your DNS server provider sees
Every DNS lookup tells the resolver what site you visited. For gamers, that means every matchmaking server, every patch CDN, every Discord call, every Twitch overlay. Whether the resolver keeps that log varies sharply.
| Resolver | IP logs | Query logs | Retention | Jurisdiction |
|---|---|---|---|---|
| Cloudflare | Anonymized | None personal | 25 hours | USA |
| Temp 24–48h | Permanent (anonymized) | Indefinite aggregate | USA | |
| Quad9 | None | None | None | Switzerland |
| NextDNS | User-configured | User-configured | User-configured | France |
| ControlD (free) | None | None | None | Canada |
| AdGuard DNS | None per-IP | Aggregate domains | 24h aggregate | Cyprus |
The clearest defaults: Quad9 if you want a zero-log Swiss-jurisdiction resolver with reliable performance, NextDNS if you want configurable retention, Cloudflare if you trust its 25-hour purge. Your ISP's default DNS is effectively a log of your gaming patterns tied to your billing account, sold or shared with whatever data partners the ISP currently works with. Comcast's SecurityEdge for example overrides client-side DNS at the network level, meaning even if you manually set Cloudflare on your console, an upstream filter still sees and can rewrite the response. Switching DNS only helps if your ISP does not silently override it; if it does, encrypted DNS at the router (DoH or DoT) is the only fix that survives.
Which gaming DNS should you actually use?
Five user types, five picks. For a US PC gamer with no special requirements: Cloudflare 1.1.1.1 with 1.0.0.1 as secondary, consistently one of the best DNS servers for gaming at the price of free. For a European gamer: Quad9 (faster than Cloudflare in EU and zero logs). For a privacy-first gamer anywhere: Quad9. For a console household that wants encrypted DNS: NextDNS or ControlD configured at the router. For households with kids and ad-blocking needs: NextDNS or AdGuard DNS, configured per profile. Competitive gaming rarely demands exotic settings; the switch from your ISP's default to any of these resolvers is the single change you will actually feel.
