Switch Public DNS
Public DNS resolver (beta) for the Swiss Internet community
The Switch Public DNS service is accessible using transport encryption protocols. Our servers are located in data centers in Zurich and Lausanne and provide low latency from within Switzerland.
In addition to an encrypted communication channel, the DNS resolver service provides, by default, the following security features:
- DNSSEC validation protects from forged or manipulated DNS data from upstream servers
- DNS Query Name Minimisation to improve privacy
- Switch DNS Firewall blocks access to infected or malicious websites and redirects users to a landing page
The DNS resolver service blocks domain names listed in the block list by the Swiss gaming law "Geldspielgesetz (BGS)".
Host name (DoT):
- DNS over TLS (DoT) as defined in RFC 7858 on port 853/TCP
- DNS over HTTPS (DoH) as defined in RFC 8484 on port 443/TCP
More and more client applications add support for encrypted DNS protocols. For example Androidhas built-in support and automatically upgrades to DoT if a network's DNS server supports it. Web browsers such as Mozilla Firefox or Chrome have added DoH support. We want to provide our users the ability to use our DNS servers when located outside the Switch network. Encrypted DNS protocols such as DoT or DoH provide privacy between the client application and the Switch DNS resolver. This eliminates opportunities for eavesdropping and on-path tampering with DNS queries. For a list of supporting client software, see the list maintained by the DNS Privacy Project.
Configure your Client
Terms of Service
These terms of service only applies to users using the Switch Public DNS service which are not Switch network users.