Disclosure: Top10VPN is editorially independent. We may earn commissions if you buy a VPN through links on our site.

VPN, DNS and Smart DNS: What’s the Difference?

JP Jones - CTO @ Top10VPN

JP Jones is our CTO. He has over 25 years of software engineering and networking experience, and oversees all technical aspects of our VPN testing process. Read full bio

Our Verdict

Smart DNS and VPN services both work to unblock geo-restricted websites and stream content from overseas. However, only a VPN will hide your IP address and encrypt your web traffic. Custom DNS will not spoof your location or encrypt your data, but it can help improve your speeds and security online.

DNS vs. VPN header image

If you’ve been looking at ways to access geo-restricted streaming services, you have probably come across Smart DNS, custom DNS, and VPN services as possible solutions.

All three of these technologies will benefit your internet browsing in different ways. They each come with their own drawbacks, too. So what’s the difference, and which is best?

SUMMARY: The Difference Between VPNs, Smart DNS, and Custom DNS

  • A top VPN hides your IP address, spoofs your location, and encrypts your web traffic. It’s the easiest way to unblock geo-restricted streaming content on a laptop or mobile, and the only solution that also hides your activity from your ISP.
  • Smart DNS reroutes your DNS requests through a proxy server, letting you bypass geo-restrictions on content. It’s cheap, fast, and easy to set up on devices that don’t support native VPN applications. However, it doesn’t protect your privacy.
  • Custom DNS changes the default DNS server your device uses to access websites and services. It can help improve your connection speeds and security in some situations, but it won’t unblock geo-restricted streaming services.

In this guide, we’ll detail the differences between VPNs, Smart DNS, and custom DNS. You’ll understand which is better, as well as how and when to use each solution.

EXPERT ADVICE: If you opt for a combined service like ExpressVPN’s MediaStreamer, you can get the benefits of a VPN and Smart DNS in one single subscription.

Comparison: Smart DNS vs. Custom DNS vs. VPN

Below is a table summarizing the key differences between DNS, Smart DNS, and VPN services:

Criteria Smart DNS VPN Service Custom DNS
Price Subscription Fee Subscription Fee Free
Speed Fast Slower Fast
Geo-Spoofing Yes Yes No
Compatibility All Devices Limited to Native Apps All Devices
Setup Difficulty Medium Easy Medium
Customer Support Sometimes Yes No
Encryption No Yes No
Hides IP Address No Yes No

What Is Smart DNS?

Pros Cons
Unblocks geo-restricted streaming services Can be complicated to set up
Works on devices that don’t support native VPN applications (e.g. Apple TV) Less flexible than VPN services (e.g. changing server location)
Cheaper than most top VPN services Does not hide your IP address
Very little impact on connection speeds Does not encrypt your web traffic
Included in many premium VPN subscriptions

Smart DNS technology is designed to bypass geographic restrictions on content. For example, you can use it to change your Netflix region and watch US Netflix from overseas.

Similar to VPNs, Smart DNS services usually come as part of a subscription package.

A smart DNS subscription is usually cheaper than a premium VPN plan, but the service doesn’t give you the same privacy and security protections.

Smart DNS doesn’t encrypt your traffic or hide your IP address, but it unblocks streaming services on devices where you cannot install a VPN.

For instance, you can easily use Smart DNS on Apple TV, PlayStation, or Xbox. You could use a VPN on these devices by installing it on your router, but it’s much simpler to use Smart DNS.

How Does Smart DNS Work?

Smart DNS services combine a DNS server with a proxy server.

When you try to access a streaming website with Smart DNS, your DNS request is routed through a proxy server in the country you’ve chosen.

As a result, your DNS address appears to originate in that country, and you’re able to access content restricted to that region.

How Smart DNS works

By combining a DNS server with a proxy server, you can use Smart DNS to bypass geo-restrictions on content.

For requests that don’t need any special routing, the DNS server behaves just like a normal DNS server.

Control D has bypassed standard internet requests

In this example, Control D has bypassed standard internet requests and redirected streaming-related requests through US DNS servers.

Instead of changing your IP address, Smart DNS forces the websites you visit to check your DNS before checking your IP. This means the location associated with your DNS address gets detected before the location of your IP.

There is no encryption using Smart DNS. Your ISP can see what services you’re connecting to. What’s more, your IP address is exposed to websites and online services. If you need privacy protection, use a VPN instead.

How to Use Smart DNS

Here’s a brief video explaining how to use ExpressVPN’s MediaStreamer Smart DNS on Apple TV:

How to use MediaStreamer Smart DNS on Apple TV.

To set up Smart DNS, follow these step-by-step instructions:

  1. Subscribe to a Smart DNS service. We recommend Control D or ExpressVPN’s MediaStreamer.
  2. The Smart DNS service is only authorized for use by subscribers, so you’ll need to enter your IP address before you can use it.
  3. Copy the Smart DNS IP address given to you by the service provider.
  4. Enter the Smart DNS IP address in your device’s DNS settings.
    • On Apple TV, go to Settings > General > Network > Wi-Fi > Your Network > Configure DNS > Manual. Enter the DNS address and restart your Apple TV.
    • On PS4, Go to Settings > Network > Set up internet connection > Custom. Choose WiFi (wireless) or LAN (wired) for your connection, automatic for your IP address, ‘do not specify’ for the DHCP Host Name, and ‘manual’ for the DNS settings. Enter the primary and secondary DNS addresses given to you by your Smart DNS provider.
    • On PS5, Go to Settings > Network > Settings > Set up internet connection. Choose your connection or set up a new one. Choose Advanced Settings > DNS Settings > Manual. Enter the primary and secondary DNS addresses given to you by your Smart DNS provider.
  5. The Smart DNS service will now be activated.

How to Troubleshoot Smart DNS Issues

If you’re having difficulties getting Smart DNS working, try the following solutions:

  1. Make sure you have given your Smart DNS provider the correct IP address for your device.
  2. Reboot your device. Software updates can cause issues with Smart DNS services.
  3. Make sure your device has the correct Smart DNS IP addresses configured.
  4. If your device only has room for one DNS entry, use your Smart DNS provider’s secondary DNS IP address to see if that works.
  5. If your device can accept a primary and secondary DNS, enter the same Smart DNS IP address into both boxes.
  6. Clear your browser’s cache or reinstall the streaming app you’re using.
  7. Set custom DNS on your router to 1.1.1.1 as a primary DNS (Cloudflare) and 8.8.8.8 as a secondary DNS (Google).

What is a VPN?

Pros Cons
Unblocks geo-restricted streaming content Premium services can be expensive
Encrypts your web traffic Difficult to use with devices that do not support native applications e.g. Apple TV or Playstation
Hides your public IP address Some free VPN services can be dangerous
Easy to install and use  
Usually includes customer support  

Virtual Private Network (VPN) software encrypts your internet connection and hides your IP address. This stops your ISP, malicious actors, and government agencies from monitoring your internet activity.

The VPN client running on your device creates an encrypted tunnel to a server in a location of your choice. This VPN server then forwards your requests to the web services you want to access, which makes it look like you’re visiting them from a different location.

how a virtual private network (VPN) works

VPN software connects your device to a remote server through an encrypted tunnel.

If you want to watch BBC iPlayer, for example, you’ll have to connect to a UK VPN server to unblock it.

A VPN service may also include its own DNS service to prevent your ISP monitoring your DNS requests. ExpressVPN and NordVPN run their own private DNS servers, for example.

It’s easier to download and use a VPN than it is to change your DNS settings. Once installed, it’s also much easier to change your VPN location than it is to switch between regions with Smart DNS.

Top streaming VPNs are simple to use on most devices and unblock region-restricted content. This makes them the best choice for most users on desktop and mobile devices.

Unlike Smart DNS and custom DNS, VPN services also encrypt your data, which prevents websites and services from tracing your browsing activity back to you.

Premium VPN services are usually more expensive than standalone DNS providers, though.

VPNs are also more difficult to use on devices that don’t support native applications, such as Smart TVs. However, you’ll have access to superior customer support teams and greater flexibility over the servers you connect to.

How to Use a VPN Service

Here’s a quick video showing you how to download and connect to ExpressVPN:

How to Use ExpressVPN on Mac.

  1. Subscribe to a trustworthy VPN service like ExpressVPN. We recommend opting for a premium VPN if you want to access region-restricted content, as even the best free VPNs struggle to unblock geo-blocked streaming services.
  2. Download and install the VPN software from the VPN provider’s website or App Store.
  3. Run the VPN software and log in using your account details.
  4. Connect to a VPN server. You can choose which country and sometimes which city you want to connect to, so you can access content available in that region.
  5. Use your web browser and other applications as usual. Your online activities will be encrypted and routed through the VPN server, while your true IP address is hidden.

What Is a Custom DNS Server?

Pros Cons
Faster and more secure than your ISP’s default DNS server Does not unblock streaming services
Free to use Does not hide your IP address or encrypt your web traffic
Some DNS providers can be slow, unreliable, or unsecure

Every website has a unique IP address. If it’s an IPv4 address, it’s usually a sequence numbers of separated by dots, such as 192.0.2.0. Those sequences aren’t easy to remember, so we use domain names to identify websites instead, such as example.com.

When you enter a website address in your browser, it needs to convert the domain name to an IP address so it can connect to the website’s server.

To do this, your computer consults a server called a DNS resolver, which retrieves the website’s IP address for you. Your device can then connect to the IP address to download the content you’ve requested.

How the DNS resolver finds out the IP address for a website

Your DNS resolver finds out the IP address for a website, so your device can connect to its server.

The DNS system does not need to return the same IP address to everyone. A service or website might be hosted on multiple servers around the world, and you could be directed to the one that’s closest to you.

Your devices will most likely use your ISP’s DNS resolver, but that means your ISP can see which websites you’re visiting. DNS requests are plaintext records of the websites you visit, and ISPs often store these together with your IP address.

You can change from your ISP’s DNS servers to a custom DNS server. Public DNS services are available from Google and Cloudflare, among others. This can prevent your ISP from automatically logging your DNS requests, but it will not hide your IP address, encrypt your traffic, or unblock geo-restricted streaming services.

Changing your DNS server does not stop your ISP snooping on your online activities completely, though. Your DNS requests will still pass through your ISP’s network devices, which means they’re susceptible to packet sniffing if they’re unencrypted.

If you need to unblock geographically restricted streaming services, use Smart DNS or a VPN. Changing your DNS server won’t do it. If you need to protect your online privacy, using a VPN is your best option.

If you want to find out which servers you’re using, you can use our tool to check your DNS servers.

Why Change Your DNS Server?

Switching to a custom DNS server won’t help you unblock websites, but it can improve your speeds slightly if your ISP’s default servers can’t cope with the requests they receive.

In certain circumstances, it can also protect you against cyberattacks that target the DNS system. For example, cache poisoning attacks aim to flood DNS servers with fake name server responses, replacing legitimate IP addresses with malicious ones.

The Domain Name Security Extensions (DNSSEC) protect against attacks like this, but the rate of DNSSEC validation is only 36% worldwide. You can switch your DNS server to one that supports DNSSEC, such as Google’s or Cloudflare’s.

EXPERT TIP: ‘DNS hijacking’ malware can change the DNS settings on your device to redirect your DNS requests to a malicious server. You can avoid this type of attack using basic online hygiene including a firewall, antivirus software, and being careful with your downloads.

How to Change Your DNS Server

How to Change Your DNS Server on Xbox One.

  1. Find a Public DNS service you can use. It’s important to choose one with a reliable infrastructure that will not monitor your activities. For example, Google’s primary DNS is 8.8.8.8, and its secondary DNS is 8.8.4.4. You can find more recommended DNS servers on our DNS checker tool.
  2. Navigate to the network settings for the connection you’d like to change (e.g. Ethernet or Wi-Fi).
  3. Make a note of your existing DNS settings, in case you need to revert your settings later.
  4. Update your DNS settings to use the primary and secondary DNS servers of your new DNS provider.
  5. Test your new connection. Clear your browser cache and visit a website using a domain name. If it works, your DNS is set up correctly.

Google offers detailed instructions to apply these steps for Windows, macOS, Linux, Chrome OS, and routers. If you change the DNS settings on your router, it will affect all the devices that connect to the internet through that router.

Which Is Better: Custom DNS, Smart DNS, or a VPN?

We’ve compared custom DNS, Smart DNS, and VPN services by their average speeds, ability to bypass geo-restrictions, security benefits, and more.

In the table below, you’ll see which solution is the winner in each testing category. Here’s a summary of the results:

Testing Category VPN Smart DNS Custom DNS
Speed Loser Loser Winner
Unblocking Geo-Restrictions Winner Winner Loser
Bypassing Censorship Winner Loser Loser
Privacy & Security Winner Loser Loser
Torrenting & P2P Winner Loser Loser
Gaming Loser Winner Loser
Compatibility Loser Winner Winner
Ease of Use Winner Loser Loser
Price Loser Loser Winner

The best way to protect your privacy and unblock streaming content is to use a VPN service. If you need to bypass geo-restrictions on a device that does not support VPNs, use Smart DNS, which is often cheaper too. Here’s some advice on when to use each option:

Use a VPN if:

  • You want to unblock streaming services or protect your torrenting activity
  • You want to avoid ISP throttling your internet speeds
  • You want to hide your IP address and evade surveillance online
  • You need to safely bypass online censorship

Use Smart DNS if:

  • You want to unblock streaming services on a device that cannot install a VPN, such as a games console or Smart TV.

Use a custom DNS server if:

  • You want to avoid your ISP’s default DNS servers
  • Your default DNS servers are slow, unreliable, or unsecure
  • You aren’t concerned with streaming geo-blocked content

Speed Winner: Custom DNS

A custom DNS server can actually speed up your internet connection because you can use DNS resolvers that are faster than your ISP’s. It doesn’t encrypt your traffic or reroute it through a proxy server, which means it’s faster than Smart DNS or VPN services.

Smart DNS does not encrypt your data either, which means there is also minimal speed loss. However, it still needs to redirect your traffic to a DNS server in your chosen location, which does incur a small time penalty.

Smart DNS speed test

Our tests show Smart DNS had a minimal speed loss.

VPN services encrypt your data and reroute it through a remote server, which means they will almost always slow down your connection slightly. This speed loss can reach 30% or more depending on your VPN provider and the physical distance between you and the VPN server.

In our tests, the fastest VPN services reliably measure speed losses of 5% or less. This means their effect on your internet connection is negligible, and they’re more than fast enough to stream HD content without issues.

Unblocking Geo-Restrictions Winner: VPN & Smart DNS

Custom DNS will not unblock streaming services, but VPN services and Smart DNS will work equally well.

In fact, Smart DNS is often more reliable at bypassing region restrictions than VPNs. MediaStreamer Smart DNS, for example, consistently works with both US Netflix and BBC iPlayer, among other streaming services.

Streaming US Netflix with MediaStreamer

MediaStreamer worked with US Netflix more often than any VPN server.

However, using a full VPN application gives you more control over the country you access. This enables you to unblock a wider range of Netflix libraries than a Smart DNS service. It can also bypass firewalls that block streaming services.

Bypassing Censorship Winner: VPN

Custom DNS and Smart DNS can help to evade some forms of censorship when imposed at the DNS level.

By changing your DNS servers, it’s possible to evade your ISP’s DNS system and bypass any DNS-based content filtering. It’s also possible to bypass parental control solutions that use DNS queries to block prohibited content.

A VPN is the best way to safely unblock websites in highly-censored countries.

However, a VPN is the best way to safely unblock websites in highly-censored countries. A VPN will hide your IP address and encrypt your data where Smart DNS does not.

Top-rated VPNs also include obfuscation technology, which disguises VPN traffic as normal HTTPS traffic to help it bypass national firewalls.

Privacy and Security Winner: VPN

Some custom DNS solutions can improve your online security. For example, Google Public DNS benefits from mitigations against DNS cache poisoning attacks, which your ISP might not have in place.

Smart DNS will reroute your DNS requests, but it will not hide your IP address or encrypt your data. Your ISP can see what you are doing online, and can throttle your streaming connection.

Using a VPN is by far the best option for improving your privacy and security. The VPN software will hide your IP address and encrypt your data using robust ciphers like AES-256, which means your ISP cannot monitor your activity.

Torrenting Winner: VPN

Torrenting without a VPN can be dangerous. Without protection, you risk revealing your activity and identity to your ISP, copyright trolls, and other torrenters in the swarm.

Smart DNS and Custom DNS do not hide your IP address, which means they will not keep you safe while torrenting.

Using ExpressVPN with the qBittorrent torrent client

ExpressVPN is fully compatible with BitTorrent clients.

If you torrent using a VPN, the IP address that other users see will be associated with the VPN server you are connecting to, which means it cannot be used to identify you.

Price Winner: Custom DNS

You’ll have to pay for a reliable Smart DNS or VPN. It’s expensive to maintain the infrastructure required for those services, so free alternatives are likely to be unreliable and may include bandwidth restrictions.

Standalone Smart DNS services are often cheaper than premium VPNs. However, most VPN services usually offer a trial period or a money-back guarantee, which means you can test them before you commit.

Public DNS services are available for free from companies such as Google and Cloudflare.

Device Compatibility Winner: DNS & Smart DNS

Custom DNS and Smart DNS work virtually everywhere. Any device that connects to the internet needs to access a DNS server. If you can change your device’s DNS settings, you can use custom DNS or Smart DNS.

This makes Smart DNS a great choice for unblocking region-restricted content on devices such as Apple TV, PlayStation 4 or 5, or Xbox.

Most VPNs provide native applications for Windows, macOS, Linux, iOS, and Android. However, it’s much harder to install them on devices like Apple TV and Xbox, which do not allow VPN applications to be installed.

You can install a VPN on your router to protect every device on your home network, but this is not a simple process.

DNS vs VPN FAQs

Can I Use Custom DNS with a VPN?

Most VPN services use their own DNS servers, which will override any custom DNS or Smart DNS settings you have on your device. You can check which DNS servers your device is using with a DNS checker tool.

It is also possible to buy a VPN subscription that also includes a Smart DNS service. You can use the VPN on compatible devices, and use the Smart DNS service on your games consoles and Apple TV.

Is It Safe to Change My DNS?

It’s safe to switch to custom DNS servers as long as you choose a trustworthy DNS provider, such as Google or Cloudflare. If you choose an unreliable DNS server, you run the risk of DNS hijacking, where a malicious actor could divert your web requests to a compromised server.

What Is a DNS leak?

A DNS leak occurs when you are using a VPN, but you connect to your ISP’s DNS servers. This does not expose your public IP address, but it does reveal your browsing activity to your ISP. Netflix can also use DNS leaks to identify your real location and block content that’s restricted in your region. You can use a VPN leak test to check for DNS leaks.

What is the DNS server 1.1.1.1 or 8.8.8.8?

To connect your device to a DNS server, you use its IP address. Google and Cloudflare offer free public DNS servers using highly memorable IP addresses. Google uses 8.8.8.8 and Cloudflare uses 1.1.1.1.

About the Author


  • JP Jones - CTO @ Top10VPN

    JP Jones

    JP Jones is our CTO. He has over 25 years of software engineering and networking experience, and oversees all technical aspects of our VPN testing process. Read full bio