How to Fix Slow DNS Lookup: The Complete Troubleshooting & Fix Guide

DNS lookup is the invisible process that happens every time you visit a website. Your browser asks a DNS server for the IP address of a domain and waits for the answer before it can load anything. When that process is slow, every page load suffers even on a perfectly fast internet connection. This guide shows you exactly how to fix slow DNS lookup, step by step.

What actually causes slow DNS lookup?

Before you fix anything, you need to understand what is making your DNS slow. DNS slowness almost always falls into one of four root causes:

| Root cause | What is happening | How common |
|---|---|---|
| ISP DNS server overloaded | Your provider assigns a default DNS server shared by thousands of users in your area, often poorly maintained and geographically distant | Extremely common; affects most home users |
| Corrupted or stale DNS cache | Your OS stores recent DNS responses locally. When that cache gets corrupted or holds outdated records, lookups fail and retry repeatedly | Common, especially after network changes |
| TTL set too low on your domain | A TTL of 300 seconds means every visitor’s browser repeats the DNS lookup every 5 minutes instead of caching it for hours | Common on shared hosting configurations |
| Slow hosting nameservers | Shared hosting providers often run overloaded nameservers that add 200–800ms to every first connection from a new visitor | Very common on budget hosting plans |

Step 1: Diagnose the problem before changing anything

Never change settings blindly. Run these diagnostic commands first to confirm that DNS is actually the bottleneck and to get a baseline you can compare against after fixing it.

Windows Command Prompt

Open Command Prompt (press Windows + R, type cmd, press Enter) and run:

nslookup yourdomain.com
Expected output: server name and response time. A response time above 100ms indicates a slow DNS server.

ping yourdomain.com
If the first ping takes significantly longer than subsequent ones, DNS resolution is adding latency on your first connection.

Mac or Linux Terminal

Open Terminal and run:

dig yourdomain.com
Look at the “Query time” line at the bottom of the output:
  Under 20ms  = excellent
  20 to 80ms  = acceptable
  Above 80ms  = worth fixing
  Above 200ms = actively hurting your website performance

dig yourdomain.com +stats
Gives detailed timing data, including the responding server.

Online diagnostic tools (no installation required)

  • DNSperf.com: Compares your DNS provider response times against all major alternatives worldwide
  • DNSchecker.org: Tests DNS propagation and response from multiple global locations
  • WebPageTest.org: Shows DNS lookup time in the waterfall chart for any URL you test

Step 2: Switch to a faster public DNS server

This is the single highest-impact fix for most users and takes under five minutes. The default DNS servers from most ISPs respond in 80 to 400 milliseconds. The best public DNS servers respond in 10 to 30 milliseconds, a dramatic improvement that benefits every website you visit.

| Provider | Primary DNS | Secondary DNS | Avg response | Best for |
|---|---|---|---|---|
| Cloudflare | 1.1.1.1 | 1.0.0.1 | ~11ms | Speed + privacy; our top recommendation |
| Google | 8.8.8.8 | 8.8.4.4 | ~20ms | Reliability and global availability |
| Quad9 | 9.9.9.9 | 149.112.112.112 | ~25ms | Speed + automatic malware blocking |
| OpenDNS | 208.67.222.222 | 208.67.220.220 | ~30ms | Family filtering and content controls |

How to change DNS on Windows 11

  1. Open Settings → Network & Internet → click your active connection
  2. Click DNS server assignment → Edit
  3. Switch from Automatic to Manual
  4. Enter 1.1.1.1 as preferred DNS and 1.0.0.1 as alternate DNS
  5. Click Save — the change takes effect immediately, no restart needed

How to change DNS on Mac

  1. Open System Settings → Network → click your active connection
  2. Click Details → navigate to the DNS tab
  3. Remove existing entries using the minus button
  4. Add 1.1.1.1 then add 1.0.0.1 using the plus button
  5. Click OK → Apply

How to change DNS on your router

This is the most effective approach because it applies faster DNS to every device on your network simultaneously (phones, tablets, smart TVs, and computers) without configuring each one individually.

  1. Log into your router admin panel, typically at 192.168.1.1 or 192.168.0.1 in your browser
  2. Find the DNS settings, usually under WAN, Internet, or Advanced Network settings
  3. Replace the existing DNS entries with 1.1.1.1 (primary) and 1.0.0.1 (secondary)
  4. Save and restart the router; all connected devices now use faster DNS automatically

Step 3: Flush your DNS cache

After switching DNS servers, flush your old cache immediately. Without this step, your system continues using stale stored responses from the old DNS server for hours, delaying the benefit of your switch.

Windows

ipconfig /flushdns
You should see: “Successfully flushed the DNS Resolver Cache”

Mac (macOS Ventura and later)

sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Enter your admin password when prompted

Linux (Ubuntu / Debian)

sudo systemd-resolve --flush-caches
Verify with: sudo systemd-resolve --statistics

Chrome browser DNS cache (separate from your OS)

Chrome maintains its own independent DNS cache. Flushing the OS cache does not clear Chrome’s cache.

  1. Open a new Chrome tab
  2. Go to: chrome://net-internals/#dns
  3. Click the “Clear host cache” button
  4. Also go to chrome://net-internals/#sockets and click “Flush socket pools”

Step 4: Enable DNS over HTTPS (DoH)

Standard DNS queries travel across the network in plain text. This means your ISP, network administrators, and anyone monitoring traffic can see every domain you visit. DNS over HTTPS encrypts those queries, which not only improves privacy but also prevents DNS hijacking, a common cause of unexpectedly slow or failed lookups.

Enable DoH in Chrome

  1. Open Chrome Settings → Privacy and Security → Security
  2. Scroll to “Use secure DNS”
  3. Switch to “With a specific provider”
  4. Select Cloudflare (1.1.1.1) from the dropdown

Enable DoH in Firefox

  1. Open Firefox Settings → Privacy & Security
  2. Scroll to the DNS over HTTPS section at the bottom
  3. Switch to Max Protection
  4. Select Cloudflare as the provider

Enable DoH system-wide on Windows 11

  1. Settings → Network & Internet → your active connection
  2. Click DNS server assignment → Edit → set Manual
  3. Enter 1.1.1.1 as preferred and 1.0.0.1 as alternate
  4. For each entry, open the Encryption dropdown and select “Encrypted only (DNS over HTTPS)”
  5. Save — your entire system now uses encrypted DNS

Step 5: Add DNS prefetching to your website

If you run a website, DNS prefetching tells browsers to resolve DNS for resources they will need before they actually request them. This eliminates lookup delay for the third-party resources that most websites load: Google Fonts, analytics scripts, CDN assets, payment processors, and social widgets.

Use dns-prefetch for standard third-party resources

Add these tags inside the <head> section of your HTML:

<link rel="dns-prefetch" href="//fonts.googleapis.com">
<link rel="dns-prefetch" href="//cdn.yourservice.com">
<link rel="dns-prefetch" href="//www.google-analytics.com">
<link rel="dns-prefetch" href="//www.googletagmanager.com">

Use preconnect for resources you will definitely load

Preconnect goes further than dns-prefetch: it resolves DNS, establishes the TCP connection, AND completes the TLS handshake in advance. Use it for the most critical third-party resources your page always loads:

<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>

Only preconnect to 2-3 domains maximum. Too many preconnects compete for bandwidth and slow each other down.

Performance impact: Adding dns-prefetch and preconnect tags regularly removes 200 to 600 milliseconds from perceived page load time, particularly for visitors on mobile connections or slower broadband. This is one of the fastest performance wins available for any website.
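
One way to audit a page's resource hints against the limits above, as an added example that is not part of the original guide. It flags more than three preconnect hosts and any hint pointing at a host the HTML never loads from; the class and function names and the sample markup are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

MAX_PRECONNECT = 3  # the guide's ceiling: preconnect to 2-3 domains at most

class HintAudit(HTMLParser):
    """Collects resource-hint hosts and the hosts the HTML itself loads from."""
    def __init__(self):
        super().__init__()
        self.hints = {"dns-prefetch": set(), "preconnect": set()}
        self.loaded = set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = a.get("href") if tag == "link" else a.get("src")
        host = urlparse(url or "").hostname   # None for relative URLs
        if not host:
            return
        rels = (a.get("rel") or "").lower().split()
        hint = next((r for r in rels if r in self.hints), None)
        if tag == "link" and hint:
            self.hints[hint].add(host)
        elif tag in ("link", "script", "img", "iframe"):
            self.loaded.add(host)

def audit(html):
    """Return findings: too many preconnects, or hints to hosts never loaded."""
    parser = HintAudit()
    parser.feed(html)
    findings = []
    count = len(parser.hints["preconnect"])
    if count > MAX_PRECONNECT:
        findings.append(f"{count} preconnect hosts (limit {MAX_PRECONNECT})")
    for rel, hosts in parser.hints.items():
        for host in sorted(hosts - parser.loaded):
            findings.append(f"{rel} to {host}: nothing in the HTML loads from it")
    return findings

# Constructed sample page head; cdn.old-vendor.example is a made-up stale host.
SAMPLE_HEAD = """
<link rel="dns-prefetch" href="//fonts.googleapis.com">
<link rel="dns-prefetch" href="//cdn.old-vendor.example">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Inter">
<script src="https://www.googletagmanager.com/gtag/js"></script>
"""
```

The audit only sees hosts referenced in the HTML, so a host that is loaded from inside a stylesheet or script (fonts.gstatic.com, for instance) appears as a finding to review rather than a confirmed stale hint.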

Step 6: Fix TTL settings on your own domain

TTL (Time to Live) controls how long resolvers cache your records before checking again. A TTL of 300 seconds means every visitor repeats the DNS lookup every 5 minutes. A TTL of 86400 seconds means resolvers cache the result for 24 hours, dramatically reducing lookup frequency and improving response times for repeat visitors worldwide.

| TTL value | Duration | When to use it |
|---|---|---|
| 300 | 5 minutes | Use temporarily before a planned server migration; allows fast propagation |
| 3600 | 1 hour | Good default for most active websites that occasionally update DNS records |
| 14400 | 4 hours | Recommended for stable websites with infrequent DNS changes |
| 86400 | 24 hours | Best for fully stable, established websites with no planned IP changes |

How to update TTL settings

  1. Log into your DNS provider dashboard (Cloudflare, GoDaddy, Namecheap, or your hosting panel)
  2. Find your A record and MX record entries
  3. Change the TTL value from the default low value to 3600 or higher
  4. Save; the new TTL takes effect after the old TTL period expires

Migration tip (the 24-hour rule): If you are planning a server migration or IP address change, drop your TTL to 300 seconds at least 24 hours before the change. This ensures DNS propagates globally within minutes once you make the switch. Raise it back to 3600 or higher once the migration completes successfully.

Step 7: Move to a premium DNS provider

If you run a business website and DNS speed directly affects revenue or user experience, free DNS from shared hosting is not adequate. Premium DNS providers maintain globally distributed nameserver networks specifically optimised for low latency, serving DNS responses from the city closest to each visitor.

| Provider | Best for | Cost | Global locations | Key advantage |
|---|---|---|---|---|
| Cloudflare DNS | Most websites; free tier is excellent | Free (paid plans from $20/mo) | 300+ cities | Sub-20ms globally, DDoS protection included |
| AWS Route 53 | AWS-hosted infrastructure | $0.50/hosted zone/month | 80+ edge locations | Native AWS integration, latency-based routing |
| NS1 | Complex enterprise routing | From $300/mo | 30+ PoPs | Advanced traffic management and load balancing |
| Google Cloud DNS | GCP-hosted applications | $0.20/zone/month | Global anycast | 100% uptime SLA, tight GCP integration |

For most small to medium websites: Moving your domain’s nameservers to Cloudflare is the single most effective DNS performance improvement available, delivering enterprise-grade speed, DDoS protection, and a globally distributed network at zero cost. The migration takes about 15 minutes and requires no technical expertise.

How to verify that your fix worked

After making changes, always run a second round of diagnostics to confirm the improvement and establish your new baseline.

  • Run dig yourdomain.com again to compare the new Query time to your original measurement. You should see a drop from 150–400ms down to under 20ms
  • Run Google PageSpeed Insights on your website; look at the waterfall chart and find the DNS lookup row
  • Use WebPageTest.org with test locations set to multiple cities; this shows DNS performance for visitors globally, not just your own location
  • Check the “Time to First Byte” (TTFB) metric; a faster DNS directly improves TTFB, which Google uses as a Core Web Vitals signal

| DNS lookup time | Rating | Action needed |
|---|---|---|
| Under 20ms | Excellent; optimal performance | No action needed |
| 20 to 50ms | Good; acceptable for most use cases | Monitor but no urgent fix required |
| 50 to 100ms | Fair; noticeable impact on first connections | Apply steps 1–3 from this guide |
| 100 to 300ms | Poor; actively hurting page performance | Apply all steps in this guide urgently |
| Above 300ms | Critical; severe user experience impact | Switch DNS provider immediately and audit nameservers |
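
To make the before/after comparison repeatable, the following added example (not part of the original guide) parses saved dig output from Step 1 and from this verification round, rates each query time with the table above, and flags answer TTLs below the 3600-second floor from Step 6. The function names are illustrative and the sample dig output is constructed.

```python
import re

# Bands from the guide's "DNS lookup time" table: (upper bound in ms, rating).
# Assumption: a value exactly on a boundary falls into the slower band.
BANDS = [(20, "Excellent"), (50, "Good"), (100, "Fair"), (300, "Poor")]
MIN_TTL = 3600  # the guide's suggested floor for an active site

def parse_dig(text):
    """Extract query time, responding server and answer records from dig output."""
    qt = re.search(r"^;; Query time: (\d+) msec", text, re.M)
    srv = re.search(r"^;; SERVER: ([^#\s]+)#", text, re.M)
    answers, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION"):
            in_answer = True
        elif in_answer and not line.strip():     # blank line ends the section
            in_answer = False
        elif in_answer:
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            answers.append((name, int(ttl), rtype, rdata))
    return {"ms": int(qt.group(1)) if qt else None,
            "server": srv.group(1) if srv else None,
            "answers": answers}

def rate(ms):
    """Map a query time in ms to the guide's rating; None means dig got no reply."""
    if ms is None:
        return "No response"
    return next((label for limit, label in BANDS if ms < limit), "Critical")

def compare(before, after):
    """Summarise a before/after pair of dig runs and flag TTLs under MIN_TTL."""
    b, a = parse_dig(before), parse_dig(after)
    return {"before": (b["server"], b["ms"], rate(b["ms"])),
            "after": (a["server"], a["ms"], rate(a["ms"])),
            "low_ttl": [(n, t) for n, t, _, _ in a["answers"] if t < MIN_TTL]}

def sample_dig(server, ms, ttl):
    """Constructed dig-style output for example.com (not a real capture)."""
    return (";; ANSWER SECTION:\n"
            f"example.com.\t\t{ttl}\tIN\tA\t192.0.2.10\n\n"
            f";; Query time: {ms} msec\n"
            f";; SERVER: {server}#53({server}) (UDP)\n")
```

The TTL a recursive resolver returns is the time remaining in its cache, so it counts down between runs; query your domain's authoritative nameserver to see the configured value.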

Priority fix order: work through this sequence

Follow this order for maximum impact with minimum time investment:

| Priority | Fix | Time needed | Impact | Cost |
|---|---|---|---|---|
| Do this first | Switch to Cloudflare DNS (1.1.1.1) | 5 minutes | Very high; biggest single improvement | Free |
| Do this immediately after | Flush your DNS cache | 1 minute | High; clears stale records right away | Free |
| Do this same session | Enable DNS over HTTPS | 5 minutes | Medium; prevents hijacking and improves reliability | Free |
| Do this on your website | Add dns-prefetch and preconnect tags | 15 minutes | High; removes 200 to 600ms from third-party load times | Free |
| Do this in your DNS dashboard | Raise your domain TTL to 3600+ | 5 minutes | Medium; reduces repeat lookup frequency globally | Free |
| Do this if you run a business site | Move to Cloudflare nameservers | 15 minutes | Very high; enterprise DNS at no cost | Free |

Most people who follow steps one through three see DNS lookup times drop from 150 to 400ms down to under 15ms within minutes of making the changes.

Conclusion

Slow DNS lookup is almost always caused by a poor default DNS server assigned by your ISP. Switching to Cloudflare’s 1.1.1.1 takes five minutes, costs nothing, and is the fastest single performance improvement most internet users and website owners can make. For website owners, combining that switch with dns-prefetch tags and Cloudflare nameservers typically reduces DNS-related latency by 80 to 95 percent, a meaningful improvement that benefits every visitor, every page load, every day.

Frequently asked questions

Will changing my DNS server affect my internet speed?

Changing your DNS server does not affect your download or upload speeds — your ISP connection bandwidth stays exactly the same. What changes is how quickly your browser resolves domain names before loading pages. On a fast connection where DNS was the bottleneck, you will notice websites feel more responsive and load faster, particularly on first visits to sites you have not recently visited.

Is it safe to use Cloudflare or Google DNS instead of my ISP’s DNS?

Yes, both are safer and more reliable than most ISP DNS servers. Cloudflare has a documented privacy policy committing to never logging or selling DNS query data. Google DNS does retain some query data as described in its privacy policy. Both providers maintain 100% uptime SLAs and protect against DNS-based attacks. Millions of users and major enterprises rely on both services daily.

How do I know if DNS is actually the problem and not something else?

Run “dig yourdomain.com” on Mac/Linux or “nslookup yourdomain.com” on Windows and check the Query time in the output. If it is above 80ms, DNS is a significant contributor to your slowness. Also check your website in WebPageTest.org; the waterfall chart shows DNS lookup time as a separate bar for each request, making it easy to identify whether DNS or another factor (server response, large file downloads, render-blocking scripts) is the primary bottleneck.

Does DNS prefetching slow down my page if I add too many prefetch tags?

Yes, adding too many dns-prefetch or preconnect tags causes them to compete for bandwidth and actually slow each other down. Limit dns-prefetch to the domains your page actually loads from. Limit preconnect to a maximum of 2 to 3 of the most critical domains. Every additional preconnect consumes a TCP connection slot. Audit your third-party resources and only prefetch domains you are certain appear on every page load.

My TTL is already high. Why is DNS still slow for first-time visitors?

High TTL helps repeat visitors and cached resolvers, but first-time visitors always perform a fresh DNS lookup regardless of your TTL. For first-time visitors, the speed depends entirely on which DNS server they use and how close your authoritative nameserver is to them geographically. Moving to Cloudflare’s nameservers solves this because their 300+ global locations mean any visitor in the world gets a response from a nameserver within a few milliseconds of their location.

Will these fixes help my website’s Google ranking?

Yes, indirectly. Google uses Core Web Vitals as a ranking signal, and Time to First Byte (TTFB) is directly affected by DNS lookup speed. Faster DNS reduces TTFB, which improves the Largest Contentful Paint (LCP) score, one of the three Core Web Vitals metrics Google measures. Additionally, adding preconnect tags reduces the perceived load time for above-the-fold content, which also positively influences LCP.
