What is a DNS server?
Every time you enter a domain name into the address bar of your browser or click on a link, like www.mullvad.net, download a picture or another resource on a website, you are most likely using the Domain Name System (DNS). Your browser uses it's configured DNS server to look up the IP address of that resource. The IP address in turn, is used to download the resources you requested. A normal website today is full of links to resources on the same site and on other third party sites. This means your DNS server, or servers, will be contacted frequently.
Why are DNS servers important from a privacy perspective?
Since your browser contacts the DNS server for each and every new domain name request, the DNS server will know what pages you are visiting and what resources you are looking at. Therefore, you are constantly leaking information to your DNS server provider about what you are doing and when. Usually the DNS server belongs to your Internet Service Provider (ISP) or a big company like Google.
Solution - Use Mullvad DNS servers
Because of the privacy issues mentioned above, Mullvad has it's own public non-logging DNS server at the following IP address: 22.214.171.124
We also have a DNS server running on each VPN server that can only be accessed via the tunnel on this address: 10.8.0.1 (or any other address matching 10.x.0.1)
How do I use Mullvad's DNS server?
If you are using the Mullvad VPN client, make sure the Stop DNS leaks setting is enabled. Look at our guide Mullvad client - Settings for instructions. This setting removes all other DNS servers and adds Mullvad's. This prevents your internet service provider (ISP) or anyone on your local network from potentially seeing which domain names you are looking up, and therefore, which websites you are visiting. For this setting to take effect, you have to disconnect from the Mullvad client and then connect again.
If you are using another VPN client or a router to access Mullvad, please set your DNS to 126.96.36.199 to point towards Mullvad's DNS server. This in order to not leak information to a DNS server about what sites you are visiting. This means that our DNS server is always used, so if your traffic for some reason ends up on the public internet it goes to our non-logging DNS server. It's worth to note that all our VPN servers hijack calls to our public DNS server and that the DNS requests are processed on a local non-logging DNS server installed on that VPN server. This is done to process requests faster and to leak less information to the internet.