LiveChat 
Support 
Does Microsoft Edge Use Its Own DNS Server? How Browser DNS Really Works
Short answer: Microsoft Edge does not run its own DNS server. But that is not the whole story. Edge can resolve DNS queries on its own terms using a feature called Secure DNS (DNS over HTTPS, or DoH), sending encrypted lookups to a resolver you choose — which may be completely different from the DNS your operating system uses. So while Edge never *hosts* a DNS server, it can absolutely *bypass* your system DNS and resolve names through its own selected encrypted resolver.
This distinction trips up a lot of people troubleshooting connectivity, and it matters for privacy, performance, and diagnosing why a site loads in one place but not another. Let’s clear it up precisely.
Key Takeaways
• Edge does not host a DNS server. It is a client, not a name server.
• By default, Edge uses your operating system’s configured DNS resolver.
• With Secure DNS (DoH) enabled, Edge sends encrypted DNS queries to a resolver *you* pick — overriding the OS setting for browser traffic only.
• A DNS resolver (what Edge talks to) is different from a DNS server (which Edge never runs) and from your domain’s authoritative DNS (which answers the actual record).
• If a site behaves differently in Edge than elsewhere, browser-level DoH vs OS DNS is a common cause — check `edge://settings/security`.
Does Microsoft Edge run its own DNS server?
No. A DNS server is software that hosts and answers DNS records for domains — like the authoritative name servers that store your website’s A, AAAA, MX, and TXT records. Edge does none of that. Edge is a DNS client: it asks “what is the IP address for this hostname?” and waits for an answer.
What confuses people is that Edge, being Chromium-based (the same engine family as Chrome), includes its own DNS resolution logic and an internal cache. That means Edge can decide *how* and *where* to send its DNS questions, independent of what Windows or macOS is configured to use. Having its own resolution path is not the same as hosting a server — but functionally it can change which answers you get.
What does “Secure DNS” in Edge actually do?
Secure DNS is Microsoft Edge’s name for DNS over HTTPS (DoH). Normally, DNS queries travel in plain text, readable by anyone on the network path. DoH wraps those queries inside an encrypted HTTPS connection to a DoH-capable resolver, so the lookup is private and tamper-resistant.
When Secure DNS is on, here is what happens:
- Edge takes the hostname you are visiting.
- Instead of handing it to the operating system’s resolver, Edge sends it — encrypted — to the DoH resolver configured in Edge.
- That resolver returns the IP, and Edge connects.
The critical consequence: for browser traffic, Edge’s DoH setting can override your OS DNS entirely. Your system might be pointed at one resolver, while Edge quietly resolves through another. Both are “using DNS,” but they may be asking different resolvers and, in edge cases, getting different answers (for example, with split-horizon DNS, content filtering, or stale caches).
Resolver vs. server: the distinction that matters
This is the heart of the confusion, so let’s name it plainly:
- A DNS server *hosts* records. Edge never does this.
- A DNS resolver *looks up* records on your behalf (recursively querying the system until it reaches the authoritative server). Edge can use one of these directly via DoH.
- The authoritative DNS is the final source of truth for a domain — the name servers that actually hold the records.
So “does Edge use its own DNS server?” really means “does Edge resolve names through its own chosen resolver?” — and with Secure DNS on, the answer is yes.
How do browser DoH, OS DNS, and the authoritative server fit together?
It helps to see DNS resolution as layers. Each layer can introduce its own behavior, its own cache, and its own configuration.
| Layer | What it does | Who controls it | Can Edge override it? |
|---|---|---|---|
| Browser DoH (Secure DNS) | Encrypts and sends DNS queries from Edge to a chosen DoH resolver | You, in `edge://settings/security` | This *is* the override |
| OS / system resolver | The DNS configured in Windows/macOS network settings | OS / network admin | Yes — DoH bypasses it for browser traffic |
| Router / ISP resolver | Default recursive resolver many devices fall back to | Router or ISP | Yes — DoH skips it too |
| Authoritative DNS | Holds the domain’s real records (A, MX, etc.) | The domain owner / DNS host | No — everyone resolves to the same authoritative answer |
The key insight from this table: no matter which resolver a browser uses, every path eventually consults the same authoritative DNS for a given domain. The resolver layers affect *privacy, speed, and caching* — not the underlying records.
Here is the practical takeaway most explanations miss: Edge doesn’t run a DNS server, but with Secure DNS enabled it bypasses your OS DNS and resolves through its own chosen encrypted resolver. That single fact explains a surprising number of “it works here but not there” mysteries. If a site loads in Edge but fails in another app (or vice versa), or if it loads on one machine but not another, the difference is frequently browser-level DoH versus OS-level DNS pointing at different resolvers with different caches or filtering rules. Before blaming the website or the host, check `edge://settings/security` — you may simply be resolving through two different paths.
How do I check or change Edge’s Secure DNS settings?
You can inspect and control this directly:
- Open Edge and go to `edge://settings/security` (type or paste it into the address bar).
- Find the Use secure DNS toggle.
- Choose one of:
- Use current service provider — Edge defers to the system/OS DNS.
- Choose a provider — Edge sends queries to a specific public DoH resolver you select, overriding the OS for browser traffic.
If the toggle is on and set to a specific provider, Edge is resolving DNS through its own chosen resolver, not your operating system’s. Turning it off (or selecting “current service provider”) returns Edge to the OS resolver.
Edge has its own DNS cache, too
Beyond resolution, Edge maintains an internal DNS cache separate from your operating system’s cache. This is why a classic troubleshooting step can fail to work as expected:
- Flushing the OS DNS cache (for example, `ipconfig /flushdns` on Windows) clears the *system* cache — but it does not clear Edge’s internal cache.
- To inspect or clear Edge’s own networking state, open `edge://net-internals` and use the DNS section to view and clear host-resolution entries.
So if you updated a DNS record and Edge still loads the old address after an OS flush, Edge’s internal cache or its DoH resolver’s cache is the likely culprit — not the OS.
Why does this matter for privacy and troubleshooting?
Two reasons stand out.
Privacy. With Secure DNS, your DNS lookups are encrypted between Edge and the resolver, so network observers (including some on the local network or ISP path) can’t easily read which hostnames you request. That is a meaningful privacy gain — but it also means your browsing-name lookups go to whichever DoH provider you selected, so choose a resolver you trust.
Troubleshooting clarity. Because Edge can resolve independently of the OS, standard diagnostics can mislead you:
- A `ping` or `nslookup` from the command line uses the OS resolver — not Edge’s DoH path. They can disagree.
- A flushed OS cache won’t touch Edge’s cache.
- Content filtering or parental controls applied at the OS or router level may be bypassed by browser DoH, since the queries leave Edge encrypted to a different resolver.
When results don’t add up, confirm whether Secure DNS is on and which resolver it points to before going deeper.
What about Chrome and other Chromium browsers?
The same logic applies. Chrome, Edge, and other Chromium-based browsers all support DNS over HTTPS and none of them host a DNS server. They are clients that can be configured to use a DoH resolver of your choice. The settings live in different menus, but the underlying behavior — browser-level encrypted resolution that can override the OS — is shared across the family.
Regardless of which resolver a visitor’s browser uses — OS DNS, browser DoH, or an ISP resolver — there is one layer they all ultimately depend on: your domain’s authoritative DNS. That is the source of truth that answers the actual records for your site, and if it is slow, misconfigured, or unreliable, *every* visitor feels it no matter how their browser resolves.
This is where solid hosting infrastructure pays off. DarazHost provides reliable, fast authoritative DNS with straightforward record management, so your A, AAAA, CNAME, MX, and TXT records resolve correctly and quickly for everyone — whether they’re on Edge with Secure DNS, Chrome, or their system resolver. With an easy management dashboard and 24/7 support, you can update records confidently and keep propagation predictable. The browser’s resolver choice is out of your hands; making sure the authoritative answer is correct and fast is firmly in ours.
Frequently asked questions
Does Microsoft Edge use its own DNS server? No. Edge does not host or run a DNS server. By default it uses your operating system’s DNS resolver. With Secure DNS (DoH) enabled, it resolves through its own chosen encrypted resolver — but that is a client behavior, not a server.
What is the difference between Edge’s Secure DNS and my OS DNS? Your OS DNS is the resolver configured in Windows or macOS network settings, used system-wide. Edge’s Secure DNS sends encrypted DoH queries from the browser to a resolver you pick, overriding the OS setting for Edge traffic only. Other apps still use the OS resolver.
Why does a website load in Edge but not in another browser or app? Often because Edge’s Secure DNS points to a different resolver (with a different cache or filtering policy) than your OS uses. Check `edge://settings/security` to see whether Secure DNS is on and which provider it uses.
Will flushing my OS DNS cache fix Edge? Not necessarily. Flushing the OS cache (e.g., `ipconfig /flushdns`) clears the system cache but not Edge’s internal cache. To clear Edge’s host resolution, use `edge://net-internals`.
Does Secure DNS in Edge change my website’s DNS records? No. Secure DNS only changes *how* and *where the lookup is sent*. The records themselves come from your domain’s authoritative DNS, which is the same for everyone regardless of resolver.
