DNS (Domain Name System) plays a critical role in internet connectivity by translating domain names into IP addresses. When configuring network settings, one option available is “Use DNS servers advertised by peer.” But what does this mean, and how does it affect your internet connection?
This article explores the concept, benefits, drawbacks, and practical applications of using peer-advertised DNS servers.
Understanding DNS and Peer-Advertised Servers
DNS servers act as the internet’s phone book, resolving domain names into numerical IP addresses. Typically, users rely on their ISP’s DNS servers or public DNS services like Google DNS (8.8.8.8) or Cloudflare DNS (1.1.1.1).
In VPNs, DHCP (Dynamic Host Configuration Protocol), and some network configurations, an option exists to use DNS servers advertised by a peer. Here, the term “peer” refers to a networked device, VPN provider, or ISP router that dynamically suggests DNS servers for your connection.
How Peer-Advertised DNS Works
When a device joins a network:
- The network peer (VPN, ISP, or router) provides an IP address along with suggested DNS settings.
- Your device automatically adopts these DNS settings instead of using manually configured ones.
- DNS queries are routed through the suggested servers, potentially altering performance, privacy, and security.
Benefits of Using Peer-Advertised DNS Servers
1. Simplified Network Configuration
For users who frequently switch between networks (e.g., travelers or remote workers), using peer-advertised DNS eliminates the need for manual adjustments. It ensures automatic adaptation to new environments.
2. Better Localized Performance
Peer-advertised DNS servers are often closer geographically and optimized for a specific network, leading to:
- Faster domain resolution times
- Reduced latency
- Improved network compatibility
3. ISP or VPN-Specific Enhancements
Some ISPs and VPN providers configure DNS servers to optimize traffic routing or apply security measures (e.g., blocking malicious sites). This can enhance both performance and security.
4. Avoiding DNS Leaks in VPNs
VPN services often advertise their own DNS servers to prevent DNS leaks. If you use external DNS providers while connected to a VPN, your real location might be exposed. Using the VPN's peer-advertised DNS servers keeps DNS queries inside the encrypted tunnel and private.
Drawbacks of Using Peer-Advertised DNS
1. Lack of Control Over DNS Settings
Since your device automatically adopts the DNS settings provided by a peer, you might lose control over which DNS servers are used. This could result in:
- Slower browsing speeds (if the peer’s DNS is not optimized)
- Privacy concerns (if the DNS server logs user data)
2. Potential for DNS Hijacking
If the advertised DNS server is compromised or malicious, it can:
- Redirect traffic to phishing websites
- Inject ads or tracking mechanisms
- Manipulate search results
This is a major concern in public Wi-Fi networks or untrustworthy VPN services.
3. Bypassing Custom DNS Services
Users who prefer using custom DNS services like Cloudflare DNS (1.1.1.1), Google DNS (8.8.8.8), or OpenDNS might find their settings overridden. This means losing access to:
- Faster query responses
- Parental control features
- Custom security filtering
When Should You Enable or Disable Peer-Advertised DNS?
✅ When to Enable It
- Using a VPN that requires its own DNS for security
- Connecting to ISP networks optimized for performance
- Avoiding manual DNS configuration while switching networks
❌ When to Disable It
- If privacy is a concern (e.g., avoiding ISP tracking)
- To maintain control over security settings (e.g., using encrypted DNS services)
- When experiencing slow DNS resolution due to peer-assigned servers
How to Configure Peer-Advertised DNS in Different Systems
1. Windows
- Open Network & Internet Settings
- Go to Change adapter options
- Right-click your active connection > Properties
- Select Internet Protocol Version 4 (TCP/IPv4)
- Click Properties > Choose Obtain DNS server address automatically
- (Optional) Disable peer-advertised DNS by manually entering a preferred DNS
2. macOS
- Open System Preferences > Network
- Select your active connection > Advanced
- Navigate to the DNS tab
- Remove any peer-assigned DNS and enter a custom one if needed
3. Linux (Ubuntu Example)
- Open Network Settings
- Click on the active connection > IPv4 Settings
- Toggle Automatic DNS on or off, depending on preference
4. VPN Configuration (OpenVPN Example)
To disable peer-advertised DNS in OpenVPN, add the following line to the configuration file:
pull-filter ignore 'dhcp-option DNS'
With this line in place, OpenVPN ignores the DNS servers pushed by the VPN, so your chosen DNS servers remain in use.
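
To see what that line does and does not cover, the added example below (not part of the original article or of OpenVPN itself) replays a push reply through a client config's `pull-filter` rules. It assumes the matching rules described in the OpenVPN manual (prefix comparison, first matching filter wins, unmatched options accepted); the config, host name and pushed options are constructed.

```python
import shlex

def load_filters(config_text):
    """Return (action, prefix) pairs from pull-filter lines, in file order."""
    filters = []
    for line in config_text.splitlines():
        if line.lstrip().startswith(";"):          # ';' also starts a comment
            continue
        tokens = shlex.split(line, comments=True)  # handles quotes and '#'
        if len(tokens) == 3 and tokens[0] == "pull-filter":
            filters.append((tokens[1], tokens[2]))
    return filters

def apply_filters(filters, pushed):
    """Prefix match, first matching filter wins, unmatched options accepted.
    'ignore' and 'reject' both drop the option here (OpenVPN also restarts
    the connection on 'reject')."""
    accepted, dropped = [], []
    for option in pushed:
        action = next((a for a, p in filters if option.startswith(p)), "accept")
        (accepted if action == "accept" else dropped).append(option)
    return accepted, dropped

def peer_dns(accepted):
    """DNS server addresses that would still be taken from the peer."""
    return [o.split()[2] for o in accepted if o.startswith("dhcp-option DNS ")]

# Constructed client config and push reply (hypothetical host and addresses).
CONFIG = """
client
remote vpn.example.test 1194   # placeholder server
pull-filter ignore 'dhcp-option DNS'
"""
PUSHED = [
    "route-gateway 10.8.0.1",
    "dhcp-option DNS 10.8.0.1",
    "dhcp-option DOMAIN corp.example.test",
    "redirect-gateway def1",
]

if __name__ == "__main__":
    accepted, dropped = apply_filters(load_filters(CONFIG), PUSHED)
    print("dropped :", dropped)
    print("accepted:", accepted)
    print("peer DNS still in use:", peer_dns(accepted))
```

In this run the pushed search domain (`dhcp-option DOMAIN`) is still accepted, because the filter prefix only matches options that begin with `dhcp-option DNS`.
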
Alternatives to Peer-Advertised DNS
If you choose to disable peer-assigned DNS, consider the following:
- Google DNS (8.8.8.8, 8.8.4.4) → Fast and widely used
- Cloudflare DNS (1.1.1.1, 1.0.0.1) → Privacy-focused
- OpenDNS (208.67.222.222, 208.67.220.220) → Custom security filtering
- Quad9 DNS (9.9.9.9) → Blocks malicious domains
The option to use DNS servers advertised by peer offers convenience, but it comes with potential drawbacks. While it ensures automatic DNS configuration and better network optimization, it can also lead to security vulnerabilities and privacy concerns.
If you prioritize security and privacy, manually configuring a trusted DNS provider may be a better choice. However, in VPN scenarios or ISP-optimized networks, peer-advertised DNS can provide better performance and prevent leaks.
Understanding how DNS settings impact your internet connection allows you to make informed decisions about enabling or disabling this feature.