Let’s Talk DNS: Why You Shouldn’t Automatically Ditch Your ISP’s Resolver

A recent article from XDA Developers made the claim:
“If you’re still using the DNS servers that your ISP or cellular provider set up when you first got service… those plaintext queries get stored and sold to advertisers.”

That’s not just overly generalized. It’s factually incorrect, at least when it comes to responsible ISPs.

Setting the Record Straight

The article pushes the idea that ISP DNS is inherently bad for privacy and performance. But here’s the reality from inside the industry, at least here in the United States.

  • Many if not most ISPs, including Nextlink, operate their own locally hosted DNS servers
    These are geo-redundant and distributed across our network to ensure low latency, fast failover, and maximum uptime.
  • We don’t outsource DNS resolution to third parties
    This gives us full control over query paths, cache behavior, and privacy safeguards. Most third-party DNS providers can’t guarantee that level of locality or speed across rural America.
  • We do not sell DNS data
    The claim that “all ISPs sell DNS data” is false. At Nextlink, DNS query logging is minimal and used only for diagnostics. There is no advertising monetization of DNS traffic. None.

Why Blanket Advice Falls Short

Switching to Google (8.8.8.8), Cloudflare (1.1.1.1), or Quad9 can work in some cases. But the article overlooks key factors:

Performance
If your DNS provider isn’t well-peered with your ISP, queries take longer. This adds latency and can affect application speed. Nextlink’s DNS servers are on our backbone, meaning resolution is fast and close to the user.

Content Delivery
Many CDNs use DNS resolution to direct you to the nearest server. Using a third-party DNS may result in worse video streaming or download speeds if your traffic gets routed to the wrong part of the country. That said, we are peered directly with Google and Cloudflare for fast resolution times.

Security
Yes, our resolvers block access to known malicious domains. This is a security measure, not censorship. These protections are based on threat intelligence feeds and help shield customers from phishing and malware attacks. It’s common practice on many home routers such as Eero, TP-Link, and more.

What About Self-Hosting DNS?

The XDA article also promotes running your own DNS server using Unbound, Technitium, or similar. That’s a great option for privacy-conscious users and home-lab enthusiasts. We fully support those efforts, but please make sure you secure your DNS.

But most users are not looking for that level of complexity. They want a DNS that is fast, secure, and works with no additional setup. That’s what we deliver.

What Responsible DNS Looks Like

At Nextlink, DNS is not an afterthought. It is a core part of the user experience. Our platform is:

Fast
Geographically redundant, embedded in our core network, and optimized for response time.

Private
No data selling, no profiling, no advertising feeds.

Secure
Supports DNSSEC, minimizes attack surfaces, and enforces clean traffic paths.

Reliable
Our DNS servers are built for resilience and managed internally by our own network operations team.
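
The latency and CDN-steering points under “Why Blanket Advice Falls Short” and the DNSSEC claim above can be measured per resolver before deciding to switch. The following is an added example, not Nextlink’s code: it sends one A query over UDP, times it, and reports the returned addresses and whether the resolver set the AD (DNSSEC-validated) flag. The function names, the `example.com` test name and the sample reply bytes are assumptions made for illustration.

```python
import secrets, socket, struct, sys, time

def build_query(name, qid):
    # A/IN query with RD and AD set (RFC 6840: AD in a query asks for AD in the reply)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack(">HHHHHH", qid, 0x0120, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)

def _skip_name(data, off):
    # Step over a possibly compressed name; a pointer always ends the name
    while data[off] and data[off] & 0xC0 != 0xC0:
        off += 1 + data[off]
    return off + (2 if data[off] else 1)

def parse_response(data):
    # Return ID, rcode, the AD (validated) flag and any A records from a reply
    qid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    off, addrs = 12, []
    for _ in range(qd):
        off = _skip_name(data, off) + 4            # QTYPE + QCLASS
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(data[off:off + 4]))
        off += rdlen
    return {"id": qid, "rcode": flags & 0xF, "ad": bool(flags & 0x20), "addresses": addrs}

def measure(resolver_ip, name, timeout=2.0):  # one timed lookup; socket.timeout if silent
    qid = secrets.randbelow(1 << 16)              # unpredictable query ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.perf_counter()
        s.sendto(build_query(name, qid), (resolver_ip, 53))
        result = parse_response(s.recvfrom(4096)[0])
        result["ms"] = round((time.perf_counter() - start) * 1000, 1)
    if result["id"] != qid:
        raise ValueError("reply ID does not match query")
    return result

# Constructed sample reply (not captured traffic): example.com A 192.0.2.10, AD set
SAMPLE_RESPONSE = (struct.pack(">HHHHHH", 0x1234, 0x81A0, 1, 1, 0, 0)
                   + b"\x07example\x03com\x00" + struct.pack(">HH", 1, 1)
                   + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))

if __name__ == "__main__":   # usage: pass your ISP resolver's IP, then 8.8.8.8 1.1.1.1
    for ip in sys.argv[1:]:
        print(ip, measure(ip, "example.com"))
```

A single timing mostly reflects whether the name was already cached, so repeat the run and compare medians, using a CDN-hosted name you actually use to see whether the returned addresses differ between resolvers. The AD flag is only as trustworthy as the path to the resolver, because plain UDP replies are unauthenticated.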

Final Word

The XDA article raises some valid concepts around encryption and privacy. But it gets the core message wrong. Not all ISPs treat DNS carelessly. At Nextlink, we’ve built and operated our own DNS infrastructure for years to deliver a better, faster, and more secure internet experience.

Before switching to a third-party DNS out of fear, ask this instead:

Does your ISP operate a properly engineered DNS platform?
If you’re with Nextlink, the answer is yes.
