Chromium-based browsers

Chromium-based browsers like Google Chrome and Microsoft Edge use Chromium built-in DNS resolver by default instead of the system resolver. This results in Apple configuration profiles (on macOS), system-wide DNS over HTTPS (on Windows), and DDR encrypted upgrade (on both macOS and Windows) being ignored.

Those issues have been raised with the Chromium team:

• Issue 1378632: Fallback to using macOS secure DNS resolution if available
• Issue 1409305: DNS: Windows 11 system encrypted DNS settings appear to be ignored

​

Workarounds

Until those issues are resolved, you can manually disable the Chromium built-in DNS resolver yourself.

​

Google Chrome on macOS

You can manually disable the Chromium built-in resolver by running the following command in your terminal, then restart your browser.

defaults write com.google.Chrome BuiltInDnsClientEnabled -boolean false

​

Google Chrome on Windows

You can manually disable the Chromium built-in resolver by opening chrome://flags/#enable-async-dns and disabling the Async DNS resolver flag. You will be asked to relaunch your browser after doing this.

​

Microsoft Edge on Windows

Unfortunately, we are not aware of any way to disable the Chromium built-in resolver manually.