DNS Resolver

How DNS Works on Android

By default, Android uses the DNS servers provided by your network via DHCP:

Android sends DNS queries to these servers to translate domain names (like example.com) into IP addresses.

If the primary DNS server doesn’t respond or fails to resolve a domain, Android will try the secondary DNS servers provided by the network.
As a last resort (though not officially documented), Android may attempt to use other known DNS servers like Google DNS (8.8.8.8), depending on the device or manufacturer.
Note: The Android Open Source Project (AOSP) does not have a hardcoded fallback DNS; fallback behavior relies entirely on the DNS servers provided by your network.

Since Android 9, you can enable Private DNS:

When activated, Android sends DNS queries to a specified encrypted DNS provider (e.g., dns.google).
If this Private DNS server becomes unreachable, Android falls back to the unencrypted DNS servers from the network.
This ensures DNS resolution continues even if Private DNS fails, although temporarily without encryption.

If the primary iodé DNS server is unreachable or fails, iodéOS automatically switches to Quad9 Unblocked DNS (9.9.9.10).

Quad9 Unblocked DNS offers a balanced combination of security, privacy, and uncensored access:

Security: blocks access to known malicious domains (malware, phishing, etc.).
No censorship: does not block any legitimate websites, ensuring free internet access.
Privacy-respecting: does not log IP addresses or DNS queries.
Supports encryption: compatible with DNS over TLS (DoT) and DNS over HTTPS (DoH) to keep DNS queries private and secure.
Performance: backed by a global network for fast and reliable DNS resolution.

iodéOS strikes a balance between privacy, security, and freedom by:

Updated on 23 May 2025