Why Change DNS on Mac
Your Mac uses whatever DNS server your network provides. On most home networks, that means your router hands out your ISP's DNS addresses via DHCP. The ISP resolver works, but it is rarely the fastest or most private option available.
ISP DNS servers are often under-provisioned. They handle queries for millions of subscribers, and during peak hours the response times climb. Some ISPs also log every domain you visit and retain those logs for months. A few hijack failed DNS lookups and redirect you to ad-filled search pages instead of showing a browser error.
Switching to a public DNS resolver fixes all of these problems at once. Cloudflare 1.1.1.1 responds in roughly 11 milliseconds on average. Google Public DNS 8.8.8.8 is nearly as fast with near-perfect uptime. Quad9 9.9.9.9 blocks known-malicious domains before they reach your browser. All three are free, take about two minutes to configure, and are instantly reversible.
The process on macOS is simple. You can do it through the System Settings GUI in under a minute, or use the terminal if you prefer the command line. Both methods produce the same result. This guide covers both approaches, how to verify the change took effect, and how to flush the DNS cache so your Mac starts using the new resolver immediately.
Method 1: Change DNS Through System Settings
This is the standard GUI method. It works on macOS Sonoma, Ventura, Monterey, Big Sur, and Catalina. On older versions like Mojave or High Sierra, the menu labels are slightly different — the section is called "System Preferences" instead of "System Settings," and the button says "Advanced" instead of "Details."
Step-by-step for macOS Sonoma and later
- Click the Apple menu (top-left corner of your screen) and select System Settings.
- Click Network in the left sidebar.
- Select your active connection from the list on the right. If you are on Wi-Fi, click Wi-Fi. If you are on a wired connection, click Ethernet. The active connection shows a green dot and says "Connected."
- Click the Details button in the bottom-right corner of the connection panel.
- Click the DNS tab at the top of the details window.
- Under the DNS Servers section, you will see the current DNS addresses. These are usually your ISP's resolvers (like 192.168.1.1 or your ISP's public IPs). Click the + button at the bottom of the list.
- Type your preferred DNS address. For Cloudflare, enter 1.1.1.1. Press Return.
- Click + again and enter the secondary DNS: 1.0.0.1. Press Return.
- To remove the old ISP DNS entries, select each one and click the - button at the bottom. Removing the old entries ensures your Mac always uses the new resolver.
- Click OK to close the details window, then click Apply in the bottom-right corner of the Network panel.
macOS applies the changes immediately. You do not need to restart, log out, or reconnect to the network. The next DNS lookup your Mac makes will go to the new server.
For macOS Ventura and Monterey
The steps are nearly identical, but the interface looks slightly different. Go to System Settings → Network → select your connection → click the three-dot menu or the "More" button → click Advanced → DNS tab. The rest of the process — adding servers with +, removing old ones with -, and clicking OK — is the same.
For macOS Big Sur, Catalina, and Mojave
Open System Preferences (not System Settings) → click Network → select your connection on the left → click Advanced in the bottom-right → DNS tab. The layout of the DNS tab is the same: + to add, - to remove, and OK to confirm.
Method 2: Change DNS with the networksetup Terminal Command
If you prefer the command line or need to change DNS programmatically (for example, in a setup script), macOS provides the networksetup utility. This tool can set DNS servers for any network interface without opening System Settings at all.
Step 1: Find your network service name
Open Terminal (Applications → Utilities, or search with Spotlight). List all network services:
networksetup -listallnetworkservices
You will see output like:
An asterisk (*) denotes that a network service is disabled.
Wi-Fi
Ethernet
Bluetooth PAN
Thunderbolt Bridge
The service name you need is usually Wi-Fi for wireless connections or Ethernet for wired. If you renamed your connection in System Settings, use that custom name.
Step 2: Set the DNS servers
Run the following command, replacing "Wi-Fi" with your actual service name if different:
networksetup -setdnsservers Wi-Fi 1.1.1.1 1.0.0.1
This command sets both the primary (1.1.1.1) and secondary (1.0.0.1) DNS servers for the specified network interface. The change takes effect immediately.
Step 3: Verify the change
Check the current DNS configuration for your connection:
networksetup -getdnsservers Wi-Fi
The output should show:
1.1.1.1
1.0.0.1
Revert to automatic (DHCP) DNS
If you want to go back to your ISP's default DNS, run:
networksetup -setdnsservers Wi-Fi Empty
The word Empty tells macOS to clear the manual DNS entries and resume using whatever DNS servers the DHCP server provides.
Changing DNS for Ethernet
Just swap the service name:
networksetup -setdnsservers Ethernet 1.1.1.1 1.0.0.1
Using sudo
The networksetup command requires administrator privileges. If you get a "You need administrator access to run this tool" error, prepend sudo:
sudo networksetup -setdnsservers Wi-Fi 1.1.1.1 1.0.0.1
You will be prompted for your Mac login password. Enter it (the cursor will not move — this is normal) and press Return.
Verify DNS Is Working with dig
After changing your DNS settings, confirm that your Mac is actually using the new resolver. The dig command sends a DNS query and shows you which server answered.
Basic verification
Open Terminal and run:
dig example.com
Look at the SERVER line in the output. It will show the IP address of the DNS server that responded to the query. If it shows 1.1.1.1 (or whichever server you configured), the change took effect.
Targeted query to a specific server
To compare your new DNS against your old one, query a specific server directly:
dig @1.1.1.1 example.com
dig @8.8.8.8 example.com
The @ prefix tells dig to send the query to a specific DNS server instead of using your system default. Run both and compare the response times in the Query time field.
Check which server your system uses by default
Run dig without specifying a server and look for the SERVER line:
dig +short example.com
This returns just the IP address of the resolved domain. For more detail about the server that answered:
dig example.com | grep SERVER
Alternatively, use scutil --dns to see the full DNS configuration macOS is using:
scutil --dns
This dumps the resolver configuration, including which DNS servers are active and which search domains are configured. Look for the "DNS configuration" section — it lists the servers in priority order.
Test with nslookup
If you are more familiar with nslookup (the Windows equivalent), it works on macOS too:
nslookup example.com
The output shows which server answered the query. For a quick comparison of response times between different resolvers, run our DNS speed test — it tests 17+ servers simultaneously and shows actual latency from your location.
Flush DNS Cache on macOS
After changing DNS servers, your Mac may still have cached results from the old resolver. Flushing the cache forces your Mac to re-fetch everything from the new server.
The universal flush command
Open Terminal and run:
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Enter your Mac login password when prompted. The command completes silently — no output means it worked. This single command flushes the directory service cache and restarts the mDNS daemon, covering all macOS versions from Lion (10.7) through Sonoma (14) and beyond.
Why both commands?
macOS uses two separate DNS caching mechanisms. The dscacheutil command clears the directory service cache, which stores domain-to-IP mappings. The killall -HUP mDNSResponder command sends a reload signal to the mDNS daemon, which handles multicast DNS and also caches unicast DNS responses. Running both ensures nothing lingers.
Verify the flush
You can signal mDNSResponder to log its cache statistics to the system log:
sudo killall -INFO mDNSResponder
Open Console.app and filter for "mDNSResponder" to see the cache size before and after flushing.
Do you always need to flush?
Not necessarily. Most systems gradually replace old cached entries as their TTLs expire. If you just changed your DNS for general browsing, the old entries will clear themselves within a few minutes to hours. But if you want immediate results — for example, to run a speed test with the new resolver — flushing guarantees a clean slate. For more details, see our complete DNS cache flush guide or the Mac-specific macOS flush guide.
Recommended DNS Servers for Mac
Here are the best public DNS servers to use. Pick based on what you care about most — speed, security, or privacy.
| Provider |
Primary |
Secondary |
Best For |
| Cloudflare |
1.1.1.1 |
1.0.0.1 |
Speed — fastest global resolver |
| Google |
8.8.8.8 |
8.8.4.4 |
Reliability — near-100% uptime |
| Quad9 |
9.9.9.9 |
149.112.112.112 |
Security — blocks malicious domains |
| OpenDNS |
208.67.222.222 |
208.67.220.220 |
Families — content filtering |
| Cloudflare (Family) |
1.1.1.3 |
1.0.0.3 |
Parental controls — blocks adult content |
Run our DNS speed test first to see which resolver is actually fastest from your specific location. Global averages do not account for your ISP's peering arrangements. For a full comparison of all providers, see our best DNS servers list.
DNS Settings Per Wi-Fi Network
macOS remembers DNS settings on a per-network basis. This means you can have Cloudflare at home and Google at the office without switching back and forth. Each time you connect to a different Wi-Fi network, macOS loads the DNS configuration you saved for that specific network.
The DNS tab in System Settings shows only the servers configured for the network you are currently editing. When you connect to a new Wi-Fi network for the first time, macOS uses whatever DNS the network provides. You can then go into that network's details and set custom DNS servers that will persist every time you reconnect.
This is useful if you want security-focused DNS (Quad9) on public Wi-Fi but speed-focused DNS (Cloudflare) at home. Configure each network once, and macOS handles the rest automatically.
One caveat: if you change DNS at the router level, every device on that network — including your Mac — will use the router's DNS. Your per-network Mac settings override the router's DNS for that specific Mac, but they do not affect other devices on the same network.
Frequently Asked Questions
Will changing DNS on my Mac make the internet faster?
It depends on how slow your current DNS is. If your ISP's resolver is under load, switching to Cloudflare or Google can shave 20 to 100 milliseconds off each domain lookup. That adds up across the dozens of lookups a typical page triggers. The improvement is most noticeable on content-heavy sites that pull resources from many different domains. It will not increase your download speed or bandwidth — it only affects how quickly domain names are resolved.
Is it safe to change DNS on macOS?
Yes. Changing DNS only affects how your Mac translates domain names into IP addresses. It does not touch your files, applications, or any other system settings. Public DNS servers from Cloudflare, Google, and Quad9 are used by hundreds of millions of people worldwide. The change is also completely reversible — you can revert to automatic DNS at any time from the same menu.
Do I need to restart my Mac after changing DNS?
No. macOS applies DNS changes the moment you click Apply (GUI) or run the networksetup command (terminal). The next DNS query your Mac makes goes to the new server. There is no restart, logout, or network reconnect required. You may want to flush the DNS cache if you want immediate results, but even without flushing, the old cached entries expire naturally within minutes.
Does changing DNS on my Mac affect my iPhone or other devices?
No. Changing DNS on a single Mac only affects that Mac. Your iPhone, iPad, and other devices continue using whatever DNS they are configured with. To change DNS for every device on your network, either change it at the router level or configure each device individually. See our complete guide to changing DNS on any device for instructions on every platform.
How do I revert back to my ISP's DNS?
Open System Settings → Network → select your connection → Details → DNS tab. Remove all the DNS entries you added by selecting them and clicking the - button. Then click OK and Apply. macOS will revert to obtaining DNS automatically via DHCP. In the terminal, run networksetup -setdnsservers Wi-Fi Empty to achieve the same thing.