Block Google DNS per device


Some apps, like Netflix, have recently started hard-coding Google’s DNS servers to combat the use of VPNs and Smart DNS services. Most of the guides I’ve seen have indicated that the best way to combat this is via “static routes to nowhere”. While this is an approach, I don’t think it’s the best or most reliable way to get it done. In my opinion, IP filtering is a much better option.

IP filtering is a really simple concept: it tells your firewall/router to throw away specific kinds of traffic. In this case (shown with a D-Link router), I have configured the router to discard DNS traffic (port 53 for both UDP and TCP, although only UDP is necessary) sent to Google’s 8.8.8.8 DNS server from a specific IP address. To complete the configuration, you will want to do two other things:

  1. create the same rule for Google’s other DNS (8.8.4.4)
  2. either give the device you want to block it for (192.168.1.44) a static IP address or a static DHCP assignment so that it always has the same IP address

Using this configuration, I can block Google DNS for specific clients on my network :).
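
The same filter expressed as iptables rules for a Linux-based router, as an added example that is not part of the original post. It assumes iptables is available and that client traffic passes through the FORWARD chain; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): build the per-device DNS filter
# as iptables rules. Assumes a Linux-based router whose LAN clients are
# forwarded through the FORWARD chain.

GOOGLE_DNS="8.8.8.8 8.8.4.4"   # both resolvers named in the post

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
# Runs in a subshell so the IFS change does not leak to the caller.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
    exit 0
)

# dns_block_rules CLIENT: print one DROP rule per resolver and protocol
# (port 53, UDP and TCP) for traffic coming from CLIENT only.
dns_block_rules() {
    client=$1
    is_ipv4 "$client" || { echo "invalid client address: $client" >&2; return 1; }
    for resolver in $GOOGLE_DNS; do
        for proto in udp tcp; do
            echo "iptables -I FORWARD -s $client -d $resolver -p $proto --dport 53 -j DROP"
        done
    done
}

# block_google_dns CLIENT [apply]: dry run by default (prints the rules for
# review); pass "apply" as root on the router to execute them.
block_google_dns() {
    rules=$(dns_block_rules "$1") || return 1
    if [ "${2:-}" = "apply" ]; then
        echo "$rules" | sh
    else
        echo "$rules"
    fi
}

# Dry run for the device used in the post.
block_google_dns 192.168.1.44
```

Because the rules match on the source address, they only keep working if the device keeps 192.168.1.44, which is why the static IP or static DHCP assignment in step 2 matters.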