Private DNS


DNS powers the internet. Basically, it's a protocol that tells your device where to find a website, or domain, on the internet. The side effect is that there are websites and domains that are nefarious, harmful, and downright bad. Others are just annoying as they supply tons of pop-up ads and fill websites full of annoying ads.

People try to stop this by installing extensions to Chrome, adding additional applications to their computers, mobile devices, and so on. This can slow your device down. This only works on the device installed. This does not provide you a global solution for your entire network or your device on-the-go (when supported by your hardware vendor).

Recently, software and devices for network-based solutions have been all the rage. Other companies offer paid solutions that do the same thing. Well, I am doing it a bit differently.

My system provides DNS resolution using blocklists, filters, and more. Android Pie users and others with the capability can use DNS-over-TLS for system access. Further, the system uses DNS-over-HTTPS to root nameservers when queries are made. Essentially, Pi-Hole was the inspiration and a portion of the core of this project.


For Your LAN Network: add one of my IPs to be your primary DNS Server setting on your router. You can add another one of my IPs as your secondary entry or choose to use another provider as seconday. NOTE: the use of a nameserver from another provider may result in unintended performance failures such as websites loading ads, trackers, and malware.

Android Pie and other systems which use DNS-over-TLS: add DNS.DEREKGORDON.COM as your Private DNS provider. For Android Pie, you may find this in the system settings under Network->Advanced in most instances. This is not supported prior to Android 9.0 (Pie) and is not guaranteed to be in all devices as manufacturers may remove such features.


You can submit a Google Form to request a domain name be unblocked. Click here to make that request.


This is a free project backed solely on donations. Systems costs are unknown and will only increase as usage increases. The goal is to use content delivery networks and multiple VM instances to ensure rapid, filtered, and secure responses. Additionally, authentic SSL certificates are used. These are expensive to purchase and renew. But, these ensure you are getting the necessary security where applicable.

Please donate via PayPal to keep this alive: Click here to donate via PayPal.


The DNS pool is accessible via DNS.DEREKGORDON.COM. Use this pool for Private DNS options on mobile devices. It has the necessary SSL certificate assigned. All sub-addresses do not have paid-for, signed SSL certificates.

Independent servers are no longer available as I move to use peering options that supports both IPv4 and IPv6.

The system will no longer utilize Google Cloud CDN because the necessary IPv6 support as of October 10, 2019.

Below is an easily understandable example of a website with ads and pop-up videos using normal DNS versus none of these annoyances using this system:


Ads, auto-playing videos, and trackers before.

dailymail AFTER

None of that after.

Examples of websites with ads removed (credit Pi-Hole community for links to the websites):

Using normal DNS

Using my Private DNS

Using normal DNS

Using my Private DNS

Using normal DNS

Using my Private DNS


No warranty nor guarantee is made for the system's operation, lifespan o fthe project, or the results of usage. The end user is using the system at its own risk.

Are you seeing this ad? Private DNS keeps them away.