What is a DNS server?
Every time you enter a domain name into the address bar of your browser, click on a link, or download a picture or another resource from a website, you are most likely using the Domain Name System (DNS).
Your browser uses its configured DNS server to look up the IP address of that resource. The IP address, in turn, is used to download the resources you requested.
A normal website today is full of links to resources on the same site and other third party sites. This means your DNS server, or servers, will be contacted frequently.
Why are DNS servers important from a privacy perspective?
Since your browser contacts the DNS server for each and every new domain name request, the DNS server will know which pages you are visiting and what resources you are looking at. Therefore, you are constantly leaking information to your DNS server provider about what you are doing and when.
Usually the DNS server belongs to your Internet Service Provider (ISP) or a big company like Google.
Solution – Use Mullvad DNS servers
Because of the privacy issues mentioned above, Mullvad has its own public non-logging DNS server at the following IP address: 126.96.36.199.
We also have a DNS server running on each VPN server that can only be accessed via the tunnel on this address: 10.8.0.1 (or any other address matching 10.x.0.1).
How do I use Mullvad's DNS server?
If you are using the Mullvad VPN client, make sure the Stop DNS leaks setting is enabled. Look at our guide Mullvad client - Settings for instructions.
This setting removes all other DNS servers and adds Mullvad's. This prevents your internet service provider (ISP) or anyone on your local network from potentially seeing which domain names you are looking up and, therefore, which websites you are visiting.
For this setting to take effect, you have to disconnect from the Mullvad client and then connect again.
If you are using another VPN client or a router to access Mullvad, please set your DNS to 188.8.131.52 to point toward Mullvad's DNS server. This ensures that you don't leak information to a DNS server about whch sites you are visiting. This means that our DNS server is always used, so if your traffic for some reason ends up on the public internet, it goes to our non-logging DNS server.
It's worth noting that all our VPN servers hijack calls to our public DNS server and that the DNS requests are processed on a local non-logging DNS server installed on that VPN server. This is done to process requests faster and to leak less information to the internet.