DNS vs VPN: Breaking Down the Difference

My mother always says, “Never use TLAs”, but I'm here with a comparison between DNS and VPN services to show you that they aren't all scary!

· 6 min read
DNS vs VPN: Breaking Down the Difference

If you’ve made it here, you’ve probably already seen a couple of acronyms and you’re either completely comfortable (in which case, you can skip this section) or - and we’d understand if so - your eyes are beginning to slowly widen in fear: WTF is DNS? VPN? ISP? Why are some of them smart? Is there such a thing as a dumb DNS? Am I a dumb DNS?

Well, we’re here to help - and don’t worry, you’re not a dumb anything. Today, we’re going to go over the definitions of all these and more, and we’ll be handing you all the info you’ll need to decide which of these nifty browsing tools is right for you.

What is DNS?

DNS stands for Domain Name System. A domain name is what you type into a browser to get to a website - like verycutecats.com. The Internet doesn’t really ‘work’ on domain names, though - it works on numerical addresses, the unique identifiers for every device that’s connected to the Internet.

When you type ‘verycutecats.com’ into your browser, your computer needs to translate verycutecats.com into a computer-friendly address so that you can see those kitties.

To do that, your request goes to something called a DNS resolver. Whether you’re aware of it or not, you always use a DNS resolver when you’re accessing a website or web service - anything that uses HTTP/s (hypertext transfer protocol, the language of web pages).

Usually, your ISP (internet service provider, but you probably knew that one!) will automatically set you up with their default DNS server. People in the know, though, like to pick their own.

You can set your DNS resolver for your desktop or mobile device on your operating system, or right in the browser. It’s usually just one setting, like this one in Google Chrome:

Screenshot of Google Chrome Custom DNS options, including OpenDNS, Cloudflare, and Google
Google provides a few options to choose from in the browser and you can add others (like Control D!)

Some popular choices for ‘standard’ DNS resolvers are Cloudflare ( and Google ( Because more complicated sites often require multiple DNS lookups before they start loading, your devices are probably making hundreds or thousands of these requests every single day - and when you’re doing something that many times, speed matters.

Cloudflare, Google, and other DNS providers often boast speeds that far exceed what your ISP’s DNS can manage - but it’s still just a dumb phonebook.

What is a ‘Smart’ DNS?

As with a ‘Standard’ DNS provider, a Smart DNS is pretty much just a DNS server somewhere in the world that you can set your browser, desktop computer, mobile device, or other internet-connected doodad up to use as the ‘internet phonebook’.

So what makes it smart?

That would be where, exactly, the server is in the world. The location depends on the server infrastructure of the provider, but the long and short of it is that Smart DNS lets you access geo-blocked content by making the websites in question think that you are in a different location.

Some Smart DNS services allow you to switch between locations, so you could be in Spain one minute and Scotland the next (as far as the rest of the web is concerned).

Is There Anything Smarter Than a ‘Smart’ DNS?

Yes. It’s called Control D! Control D does everything that a Smart DNS does, but does so in a vastly more configurable manner. When redirecting with Control D, you could tell Facebook you’re in Japan while simultaneously telling TikTok you’re in Belgium - we’re not sure why you’d want to do that one, specifically, but the power is yours.

Beyond unlocking geo-restricted content using a magic Control D DNS resolver, you can:

  • Block entire categories of web content (like Ads & Trackers, Malware, or Social) using Filters
  • Block or redirect Services like Google and BBC iPlayer (yes, simultaneously!)
  • For even more granularity, create Custom Rules for individual domains

This, as you can imagine, gives you complete power over your Internet. Hence the ‘Control’ (the D stands for DNS if you hadn’t worked that one out).

What is a VPN?

A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. This allows you to use the internet safely on public networks you may not trust.

It also prevents the network administrators - or your ISP - from collecting and storing your browsing activity and then potentially selling it off for profit.

Enabling a VPN like Windscribe on your device means that your ISP or network administrator will only ever see one connection from that device - and that is to Windscribe. No matter what website you're on or what app you're using, the only internet communication would be between your device and the Windscribe VPN server. You can also use a VPN to proxy your traffic, making it appear as if you are in another country.

What's the Difference Between a VPN and a DNS?

A VPN does all of the above on ALL your Internet traffic, and a DNS service can only protect activity that actually uses, well, DNS. See, there are (lots of) other types of internet traffic ( mostly used by apps) that do not require DNS as they’re not using domain names.

VPNs are also significantly more secure but come at a little bit of a steeper price than most Smart DNS services - including the Smartest DNS, Control D.

Control D also has a distinct edge in customizability over both VPNs and other Smart DNS services.

"Smart" DNS Control D VPN
Can proxy all HTTP and HTTPS traffic X X
Protect activity that doesn't use DNS X
Different services, different rules X
No apps to install or run X X
Cost $2+ Free options, Premium $2+ Often paid yearly, approx. $70+

When You Should Use a VPN

  • Torrenting

BitTorrent traffic is one of the types that does NOT use DNS, and so a DNS resolver - no matter how smart it is - won’t protect you. If you need to watch all 8 seasons of Game of Thrones this weekend, get yourself a VPN.

  • Life Critical Anonymity

Even with Control D, which encrypts your DNS queries, the Server Name Indication (SNI) TLS extension is still transmitted in plaintext. This means that on certain adversarial networks, Control D will not provide you any privacy benefits. It will not be able to unblock restricted sites, and your browsing history could still be captured by the network administrator/ISP/government. If you are in danger, you should use a trusted VPN as just ONE of the tools in your toolkit.

When You Should Use Control D

  • Blocking

If you’re looking for a DNS provider with some easy knobs to twiddle, Control D is for you. With Control D, you can block any of several categories. Bonus: if you block the Ads & Trackers category, you will save a TONNE of bandwidth and probably experience noticeably faster browsing.

  • Productivity

Control D has a neat scheduling feature that allows you to block any of the 300+ services or browsing categories during times you set every day. This is great for working on that book (block Socials, anyone?) or, you know, doing your job without getting sidelined by your friends on Discord.

  • Geo-unblocking per service

If you have a non-life-critical desire to watch Japanese anime and Hungarian TikTok simultaneously, you can achieve this by changing just a couple of settings and grabbing your Control D resolver.

  • You’re on a budget

Control D is cheaper than a full VPN service and even has several free offerings, allowing you to control your browsing without costing you anything. There are also price plans for everybody if you need more control.

Note: Whether or not you choose to utilize Control D in your Internet adventures, we strongly encourage the use of any secure DNS provider over the default DNS settings on pretty much any network you may be on. This is because the default mode for DNS is unencrypted DNS, meaning that your ISP or whoever else operates your network can not only see every single domain that you request but in many countries are legally obligated to record and store it.

Three Letter Acronyms Aren’t So Scary After All

Sometimes the jargon can be a bit overwhelming but, hopefully, this article has helped you understand some of the acronyms you’ve seen thrown around the privacy and security world. Now, you can tell your friends all about Domain Name Systems and Virtual Private Networks, and bask in your technological godhood.

Or, you know, just not be as confused when researching how best to take control of your internet experience.

DNS and VPN services are two important services that you now know a bit more about and, hopefully, you can make an informed decision on which one best suits your needs - Control D for granularity and, well, control, or Windscribe VPN for privacy and security.