Configure Windows DNS Server and Linux to Use Cloudflare 1.1.1.1 DNS
It seems like as of recently there has been much movement in the public DNS space. Not long ago, the “quad 9” public DNS server was announced that touted as a new secure public DNS address that provides enhanced security benefits to those who utilize the address for DNS resolution. You can read much more about the “quad 9” service here: https://www.quad9.net/. Yesterday, on “April Fool’s” day, Cloudfare announced a new public DNS server address, 1.1.1.1, that it announced as a “privacy first” address that performs “28% faster” than any other DNS server out on the Internet. It seems like many are wanting to get into the space of the Internet’s name resolution services, providing lookups for public Internet purposes. Let’s see how to quickly configure Windows DNS Server and Linux to use Cloudflare 1.1.1.1 DNS including your own Windows DNS server providing name resolution.
Cloudflare DNS – Private and Fast
The new Cloudflare service touts the following benefits:
- New privacy safeguards – Cloudflare claims to never log your IP address with the new DNS service and sell that data as do many other ISPs and providers
- Speed enhancements – Cloudflare’s new 1.1.1.1 address is built for performance. As they mention on the site, they have been ranked #1 by DNSperf and their independent analysis of DNS resolver performance.
The neat thing with the new service is you can visit the address https://1.1.1.1/ and gain access to all the information and links regarding the service. In addition, they have provided a helpful set of instructions to walk end users through how to configure their DNS servers on various devices to point to the new service.
Configure Windows and Linux to Use Cloudflare 1.1.1.1 DNS
Below, we will quickly show how to configure, with screenshots, a Windows machine, Linux, as well as how to point a Windows DNS server to forward any queries to the new Cloudflare 1.1.1.1 address as well as the secondary Cloudflare DNS address.
Addresses:
The two addresses that you want to utilize for Cloudflare’s DNS resolvers are the following:
- 1.1.1.1
- 1.0.0.1
To change your Windows network settings to use the new Cloudflare addresses, navigate to the network configuration using the following:
- Type ncpa.cpl (opens network configuration in Windows)
- Choose the adapter you wish to make use of the new Cloudflare addresses on
- Select Internet Protocol Version 4 (TCP/IP4)
- Choose Properties
- Select the radio button to Use the following DNS server addresses
- Enter the addresses 1.1.1.1 and 1.0.0.1 for the Preferred and Alternate DNS servers.
Linux
For Linux and specifically Linux servers without a GUI, you can edit the following file on a Linux box. I am using a Ubuntu 16.04 server for reference.
Editing the resolv.conf.d/base file will be persistent through reboots
/etc/resolvconf/resolv.conf.d/base
The format of editing the file is the following:
nameserver 1.1.1.1 nameserver 1.0.0.1
After editing the file, you can either reboot or run the following command:
sudo resolvconf -u
Configure Windows DNS Server to Forward Queries to Cloudflare 1.1.1.1 DNS
What about a Windows Server that you have in your environment that is handling recursive DNS queries for your organization? We need to simply adjust our DNS Forwarders to point to Cloudflare DNS servers. Let’s see how to do that.
To open the DNS Server management console, type dnsmgmt.msc.  Right-click on the DNS server and select Properties
Select the Forwarders tab. Most likely you will already have some Forwarders populated here, either ISP servers or another provider. Click the Edit button to change the servers to Cloudflare 1.1.1.1 and 1.0.0.1 addresses. You should see them correctly resolve.
Thoughts
The new Cloudflare DNS servers are certainly cool additions to the public DNS space. It has been interesting to see the movement in this area of public Internet since it was static for years. Recently, there have been many new offerings including this latest from Cloudflare. The nice thing about DNS servers are they are super easy to change, especially if using DHCP as well as your own DNS server on premise. Be sure to check out and run your own testing of the new Cloudflare DNS servers.
