Sweden-based VPN provider Mullvad announced today that its public encrypted DNS servers run fully in RAM. The announcement comes less than two months after Mullvad completed the migration of its VPN infrastructure to RAM.
The main benefit of running servers in RAM is that all traces of activity on disk are removed. Mullvad uses its own custom infrastructure to power its services and engineers are constantly working on improving it.
Encrypted DNS, widely known as DNS over HTTPS, protects DNS traffic by encrypting it. Network spies, such as the ISP or malicious actors, don’t get cleartext information anymore when the security feature is enabled.
Data is encrypted, which prevents third-parties from finding out about the sites that you access while connected to the Internet.
Mullvad’s encrypted DNS solution is available free of charge for everyone. The company advises customers of its DNS service, which is available for a flat-fee of 5 EUR per month, not to use the encrypted DNS service as the DNS resolver of the VPN server is handling this automatically. The performance of connections could be slower, if users make the switch.
Interested users may check out Mullvad’s extensive guide on setting up the encrypted DNS solution on their devices. The company operates several different DNS solutions. You may configure various content blocking options, besides the unfiltered DNS server option.
Here is the overview of the available hostnames and their content blocking level:
- No content blocking: dns.mullvad.net
- Ad and tracker blocking: adblock.dns.mullvad.net
- Ad, tracker and malware blocking: base.dns.mullvad.net
- Extended ad, tracker and malware blocking: extended.dns.mullvad.net
- Extended blocking plus adult, gambling and social blocking: all.dns.mullvad.net
Here are the full URLs and IPs of these options:
- https://dns.mullvad.net/dns-query — 194.242.2.2
- https://adblock.dns.mullvad.net/dns-uery — 194.242.2.3
- https://base.dns.mullvad.net/dns-query — 194.242.2.4
- https://extended.dns.mullvad.net/dns-query — 194.242.2.5
- https://all.dns.mullvad.net/dns-query — 194.242.2.9
Configuring Mullvad’s Encrypted DNS
The configuration in the web browser depends on the browser. In Firefox, you would select Settings > Privacy & Security > Max Protection under Enable secure DNS using > Choose provider > Custom and paste one of the URLs into the field.
In a Chromium-based browser, e.g., Chrome, Vivaldi, Opera or Brave, you would go to Settings > Privacy and Security > Security, enable the option use secure DNS. Select custom and paste one of the available URLs into the field.
You may check out our full guide on enabling DNS-over-HTTPS in browsers.
Microsoft uses different terms for some of the menus. Instead of Privacy and security, it uses Privacy, search, and services. The Custom option is replaced by Choose a service provider in Edge as well.
On Windows, you’d go to Settings > Network & Internet > Wi-Fi / Ethernet. If you have selected Wi-Fi, click on Hardware Properties to proceed.
Select the Edit button next to DNS server assignment, switch to Manual and toggle IPv4 to On. Paste the IP address of the encrypted DNS version that you want to use in the field. Turn DNS over HTTPS to On (manual template). Paste the URL of the selected service under DNS over HTTPS template. Select Save. Repeat the steps for IPv6.
On Android, you’d go to Settings > Network & Internet > Private DNS > Private DNS provider hostname and paste the URL of the selected service into the field.
Things are more complicated on iOS. It requires that you download the base or extended profile from Mullvad’s GitHub repository to install it on the device. Check out the full instructions by following the link provided above.
You can check if encrypted DNS is working on Mullvad’s website. You can alternative check for Secure DNS here.
Source: ghacks | By: Martin Brinkmann | November 11, 2023 | https://ghacks.net/2023/11/11/mullvads-public-encrypted-dns-servers-run-in-ram-now/
To learn more, contact us today!
Roberto Baires
