Does DNS Affect Internet Speed?

DNS operates at a different layer than your bandwidth. Learn why DNS filtering rarely impacts speed tests, and how to measure actual DNS performance when something feels slow.

Step 1: DNS and Bandwidth Are Different Things

This is the most important thing to understand: DNS does not affect your download or upload speed. They operate at completely different layers of the network stack.

  • Bandwidth (what speed tests measure) is the throughput of your connection — how many megabits per second your ISP delivers. This is determined by your physical connection (fiber, cable, WiFi) and your plan tier.
  • DNS resolution is a name lookup that happens before data transfer begins. It translates a domain name (like google.com) into an IP address. This lookup typically takes 5–50 milliseconds.

When you run a speed test on your Google Nest and get 860 Mbps, that's your raw bandwidth. When you run a speed test in a browser and get 26 Mbps, the bottleneck is almost certainly not DNS — it's more likely WiFi signal, browser overhead, the speed test server, or the device itself.

Think of it this way: DNS is like looking up a phone number in a directory. Bandwidth is the speed at which you can talk once the call connects. A slow directory lookup doesn't make your voice travel slower.

Step 2: What DNS Actually Does

Every time you visit a website, your device performs a DNS lookup to find the server's IP address. Here's the timeline:

  1. You type example.com in your browser
  2. Your device asks the DNS resolver (e.g., CleanBrowsing) for the IP address — this takes 5–50ms
  3. The resolver returns the IP (e.g., 93.184.216.34)
  4. Your browser connects to that IP and downloads the page — this is where bandwidth matters

After the first lookup, the result is cached — on the resolver, on your OS, and in your browser. Subsequent requests to the same domain skip the DNS step entirely until the cache expires (the TTL, typically 60–3600 seconds).

For a single domain, DNS adds a one-time cost of a few milliseconds. On a speed test, which measures sustained throughput to a single server, DNS has essentially zero impact.

Step 3: Where DNS Can Actually Matter

While DNS doesn't affect raw bandwidth, there are real-world scenarios where DNS performance impacts the perceived speed of browsing:

Modern Websites Load Dozens of Domains

A single webpage in 2026 doesn't just load from one domain. A typical page may contact 30–80 different domains:

  • The main site domain (example.com)
  • CDN domains for images, CSS, JavaScript (cdn.example.com, static.cloudfront.net)
  • Authentication providers (accounts.google.com, login.microsoftonline.com)
  • Analytics and tracking (google-analytics.com, facebook.net, doubleclick.net)
  • Ad networks (multiple domains per ad)
  • Third-party widgets, fonts, APIs

Each unique domain requires its own DNS lookup. If your DNS resolver is slow (say 100ms per lookup) and a page loads 50 unique domains, that's potentially 5 seconds of DNS overhead — even on a fast connection. With a fast resolver (10ms per lookup), that same page adds only 500ms.

DNS Filtering and Blocked Domains

When CleanBrowsing blocks a domain, it returns an immediate response (either a block page IP or NXDOMAIN). This is actually faster than resolving the domain normally, because the blocked response comes directly from CleanBrowsing's cache without needing to query upstream servers. Blocked tracking and ad domains can make pages load faster, not slower.

Encrypted DNS (DoH/DoT) Overhead

Using DNS over HTTPS or DNS over TLS adds a small overhead for the TLS handshake on the first connection. After the initial handshake, the persistent connection handles subsequent queries with minimal added latency (typically 1–5ms). This is negligible in practice.

Step 4: Measure Actual DNS Lookup Time

Instead of guessing, measure your DNS performance directly. These commands show you exactly how long each DNS lookup takes.

Using dig (macOS / Linux)

The dig command shows query time in the output:

# Query CleanBrowsing directly
dig @185.228.168.168 google.com

# Look for the "Query time" line at the bottom:
# ;; Query time: 12 msec

Run it a few times — the first query may be slower (cache miss), subsequent queries will be faster (cache hit).

Using Resolve-DnsName (Windows PowerShell)
# Measure DNS resolution time
Measure-Command { Resolve-DnsName -Name google.com -Server 185.228.168.168 } | Select-Object TotalMilliseconds
Using nslookup with timing (Windows)
# PowerShell wrapper for timing
$sw = [System.Diagnostics.Stopwatch]::StartNew()
nslookup google.com 185.228.168.168
$sw.Stop()
Write-Host "DNS lookup took: $($sw.ElapsedMilliseconds)ms"
Batch Test Multiple Domains

Test realistic DNS load by resolving multiple domains sequentially:

# macOS / Linux — test 10 common domains
for d in google.com facebook.com youtube.com amazon.com twitter.com \
         reddit.com wikipedia.org netflix.com linkedin.com github.com; do
  echo -n "$d: "
  dig @185.228.168.168 +noall +stats $d | grep "Query time"
done
# PowerShell — same test
$domains = @("google.com","facebook.com","youtube.com","amazon.com",
  "twitter.com","reddit.com","wikipedia.org","netflix.com","linkedin.com","github.com")
foreach ($d in $domains) {
  $ms = (Measure-Command { Resolve-DnsName $d -Server 185.228.168.168 }).TotalMilliseconds
  Write-Host "$d : $([math]::Round($ms))ms"
}

Healthy DNS resolution should be under 50ms for cached queries and under 150ms for uncached queries. If you see consistently high times (200ms+), there may be a routing issue — run a traceroute to investigate.

Step 5: Measure Website Load Time (DNS vs Everything Else)

To see how much of a webpage's load time is DNS vs actual content download, use curl with timing variables:

curl with Timing Breakdown
# macOS / Linux
curl -o /dev/null -s -w "\
  DNS Lookup:  %{time_namelookup}s\n\
  TCP Connect: %{time_connect}s\n\
  TLS Done:    %{time_appconnect}s\n\
  First Byte:  %{time_starttransfer}s\n\
  Total:       %{time_total}s\n" \
  https://www.google.com

Example output:

  DNS Lookup:  0.012s
  TCP Connect: 0.025s
  TLS Done:    0.058s
  First Byte:  0.089s
  Total:       0.142s

In this example, DNS took 12ms out of a total 142ms page load — about 8%. The rest is TCP connection, TLS handshake, server processing, and data transfer. On most websites, DNS is a small fraction of total load time.

Test Without DNS (Direct IP)

To completely isolate DNS from the equation, resolve the domain first, then connect by IP:

# Get the IP
dig +short google.com
# → 142.250.80.46

# Connect directly by IP (skip DNS entirely)
curl -o /dev/null -s -w "Total: %{time_total}s\n" \
  --resolve www.google.com:443:142.250.80.46 \
  https://www.google.com

Compare the total time with and without DNS. The difference is your DNS overhead for that domain.

Browser DevTools

In Chrome/Edge, open DevTools (F12) → Network tab → reload the page. Click any request and look at the Timing tab. You'll see "DNS Lookup" as a separate segment. Sort by domain to see which third-party domains are adding DNS overhead. See our DevTools guide for more detail.

Step 6: Compare DNS Providers

If you suspect DNS is slow, compare CleanBrowsing against other resolvers:

# macOS / Linux — compare 4 resolvers
for server in 185.228.168.168 8.8.8.8 1.1.1.1 9.9.9.9; do
  echo -n "$server: "
  dig @$server google.com +noall +stats | grep "Query time"
done
# PowerShell
$servers = @{
  "CleanBrowsing" = "185.228.168.168"
  "Google" = "8.8.8.8"
  "Cloudflare" = "1.1.1.1"
  "Quad9" = "9.9.9.9"
}
foreach ($name in $servers.Keys) {
  $ms = (Measure-Command {
    Resolve-DnsName google.com -Server $servers[$name] -ErrorAction SilentlyContinue
  }).TotalMilliseconds
  Write-Host "$name ($($servers[$name])): $([math]::Round($ms))ms"
}

Run each test 3–5 times and average the results. The first query will be slower (cache miss); subsequent queries show cached performance. CleanBrowsing uses an Anycast network across 70+ global data centers, so queries are routed to the nearest server.

Important: Small differences (5–15ms) between providers are imperceptible to users. A resolver that's 10ms slower but provides content filtering is a worthwhile tradeoff. Differences only matter if one provider is consistently 100ms+ slower than others.

Step 7: Common Scenarios

"Speed test shows high bandwidth, but browsing feels slow"

This is rarely DNS. Common causes:

  • WiFi congestion — Speed tests use a single sustained connection; browsing opens many small connections. WiFi interference affects the latter more.
  • Slow third-party domains — A page may load fast from its own CDN but wait on slow analytics, ad, or auth domains. Use DevTools to identify which domains are slow.
  • Browser extensions — Ad blockers, privacy tools, and VPN extensions add processing overhead to every request.
  • Server-side slowness — The website itself may be slow to respond. DNS can't fix a slow server.
"Speed drops when I enable CleanBrowsing"

If you see a measurable speed difference after switching DNS, check:

  • Are you comparing the same test? Speed test results vary by 10–20% between runs due to network conditions. Run 5 tests with each DNS and compare averages.
  • Is your ISP's DNS intercepting and caching aggressively? Some ISPs maintain large local caches. CleanBrowsing queries may take a different network path. Run a traceroute to compare.
  • Are you using encrypted DNS? DoH/DoT adds a small initial overhead but is negligible for ongoing use. The first connection takes longer; subsequent queries reuse the TLS session.
"Google Nest speed test vs browser speed test"

Google Nest runs a speed test at the router level over a wired backhaul — measuring your raw ISP connection. A browser speed test runs over WiFi, through your device's network stack, through the browser engine. The difference (860 vs 26 Mbps) is almost certainly WiFi limitations, not DNS. Test with a device connected via Ethernet cable to isolate the variable.

"Certain websites are slow but others are fast"

This points to the website itself or specific third-party domains it loads, not DNS. Use the curl timing test from Step 5 on the slow domain. If DNS Lookup is under 50ms but Total time is high, the bottleneck is the server, not DNS.

Step 8: Optimizing DNS Performance

If DNS resolution is genuinely slow (consistently 100ms+ per query), here are practical fixes:

Configure DNS at the Router

When DNS is set at the router level, the router acts as a local DNS cache for all devices. After any device resolves a domain, the result is cached locally — subsequent lookups from any device on the network are near-instant. See our router setup guide.

Use Encrypted DNS (DoH/DoT)

Encrypted DNS keeps a persistent connection to CleanBrowsing's servers. After the initial TLS handshake, queries flow through the existing connection with minimal overhead. This can actually be faster than plaintext DNS for subsequent queries because it avoids per-query UDP overhead. See encrypted DNS setup.

Check for DNS Leaks

If your device is querying multiple DNS providers (your ISP + CleanBrowsing), each query may go to a different server, preventing efficient caching. Run a DNS leak test to verify only CleanBrowsing is handling your queries.

Reduce Third-Party Domains

CleanBrowsing's content filtering blocks many tracking and ad domains at the DNS level. This eliminates DNS lookups, TCP connections, and data transfer for those domains entirely — making pages load faster. If you're on the Family or Adult filter, you're already benefiting from this.

Flush DNS Cache If Stale

Occasionally, stale or corrupt DNS cache entries can cause delays. Clear your DNS cache if specific domains are consistently slow while others are fine.

Related Guides

DNS Leak Test
Using Traceroute to Test DNS
Command-Line DNS Tools
Debug with Browser DevTools

Need more help?

Contact our support team for assistance.

Contact Support