Chromium-based browsers like Google Chrome and Microsoft Edge use Chromium built-in DNS resolver by default instead of the system resolver. This results in Apple configuration profiles (on macOS), system-wide DNS over HTTPS (on Windows), and DDR encrypted upgrade (on both macOS and Windows) being ignored.
Those issues have been raised with the Chromium team:
- Issue 1378632: Fallback to using macOS secure DNS resolution if available
- Issue 1409305: DNS: Windows 11 system encrypted DNS settings appear to be ignored
Until those issues are resolved, you can manually disable the Chromium built-in DNS resolver yourself.
Google Chrome on macOS
You can manually disable the Chromium built-in resolver by running the following command in your terminal, then restart your browser.
defaults write com.google.Chrome BuiltInDnsClientEnabled -boolean false
Google Chrome on Windows
You can manually disable the Chromium built-in resolver by opening chrome://flags/#enable-async-dns and disabling the Async DNS resolver flag. You will be asked to relaunch your browser after doing this.
Microsoft Edge on Windows
Unfortunately, we are not aware of any way to disable the Chromium built-in resolver manually.