Disable Async DNS resolver in Google Chrome

TL;DR
Chrome has a new feature, "Async DNS resolver", which might use DNS servers other than the configured ones. This breaks DNS-based blockers like Pi-hole.

Disable it on Android
  1. open chrome://flags/ in the Chrome browser
    search for dns
    disable Async DNS resolver
    restart browser (browser will suggest it on the bottom)
  2. go to chrome://net-internals/#dns
    Async DNS should be disabled
    clear Host resolver cache

Before (192.167.77.7 is the Pi-hole, acting as DHCP and DNS server)

Disabling

After

Disable it on Desktop
  1. Create a link to Chrome on your Desktop
  2. Right click - then Properties
  3. In Shortcut Tab - append --disable-async-dns to Target
    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-async-dns
  4. Start Chrome from that link
    go to chrome://net-internals/#dns
    Async DNS should be disabled
    Clear Host resolver cache
  5. (optional) you can right click the link and pin it to taskbar

Disable it on Mac

Run Terminal.app then use the following command:

open /Applications/Google\ Chrome.app --args --disable-async-dns

This will launch it once using the parameter. From there you could make an alias to make it easier to launch from the terminal or write an AppleScript to make it double clickable.


I use Pi-hole on my network. Recently I got Google Ads on my smartphone despite Pi-hole. After opening the same website on Firefox the Ads were not there. This had to be something with Chrome.
After some research I found out that Chrome is using IPv6 DNS servers. This prevents Pi-hole from blocking those requests.

Async DNS resolver

Recently, Google added support for a feature known as asynchronous DNS to Google Chrome, which aims to speed up page loading times by resolving the IP address of a website before you click the link. It works by scanning a web page as it loads, finding any domain names linked and using a Domain Name Server (DNS) to find the IP address associated with each of them. Google says it should respect the DNS server that the user has configured on-device, but on some occasions, this seems not to be the case. Users are reporting that DNS-based ad-blockers like Pi-hole no longer function correctly on the latest version of Chrome.

Fixing DNS-Based Ad Blockers in Google Chrome

  • Disable Chrome’s Asynchronous DNS Feature
  • Clear the DNS Cache
  • Restart Chrome

See detailed steps after TL;DR on top of the post


4 Likes

Just don't use Chrome. I don't use the Chrome browser but its derivatives Brave and Vivaldi. After checking, I didn't see any of the parameters in either browser.

Don't forget to disable that QUIC crap too:

Silly Google Spyware 🙂

2 Likes

They are probably just lagging a bit behind on the version and it is likely that this "feature" will pop up there, eventually. Since Vivaldi was also a bit ... questionable ... in the telemetry it is sending, I switched to Firefox Quantum at the beginning of this year. I can recommend using the latest version of Firefox and it is my daily (and sole) browser now. Note that I have been using Chrome for a few years and Vivaldi for half a year and much disliked the old bloated Firefox that was around a few years ago. It seriously improved!

Side note: There have been a few performance issues with Chrome since the advent of the Meltdown/Spectre patches at the beginning of 2018, where several pages with huge tables (including but not limited to the Pi-hole Query Log page) got super slow (they were loading for several minutes in Chrome, whereas they finished rendering in Firefox in less than a few seconds). So privacy is not the only concern that made me switch...

2 Likes

Added instructions for Mac:

Run Terminal.app then use the following command:

open /Applications/Google\ Chrome.app --args --disable-async-dns

This will launch it once using the parameter. From there you could make an alias to make it easier to launch from the terminal or write an AppleScript to make it double clickable.

Edit: a user reported that this did not work for them. I do not have a Mac, so I cannot test or troubleshoot.

1 Like

On Mac you can also change the policy setting by writing

defaults write com.google.Chrome BuiltInDnsClientEnabled -boolean false

in the terminal. Just checked and it seems to work. No need to create aliases.

2 Likes


Seems like Google Chrome has a new setting now. It is called "Use secure DNS" and is activated by default. Deactivating it causes Chrome to respect the system setting for DNS.
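
One way to check from the network side whether any client is still sending DNS queries past the Pi-hole, as the posts above describe Chrome doing (an added example, not code from the thread). It parses the text output of `tcpdump -n port 53`; the sample capture is constructed, `find_bypasses` is a hypothetical helper name, and 192.167.77.7 is the Pi-hole address from the first post.

```python
import re
from collections import defaultdict

PIHOLE = "192.167.77.7"  # Pi-hole address taken from the first post

# Constructed sample of `tcpdump -n port 53` output (not from a real network).
SAMPLE = """\
12:00:01.100000 IP 192.167.77.23.51514 > 192.167.77.7.53: 4242+ A? example.org. (29)
12:00:01.200000 IP 192.167.77.23.40112 > 8.8.8.8.53: 4243+ A? ads.example.com. (33)
12:00:01.300000 IP6 fd00::23.40113 > 2001:4860:4860::8888.53: 4244+ [1au] AAAA? ads.example.com. (44)
12:00:01.400000 IP 192.167.77.7.53 > 192.167.77.23.51514: 4242 1/0/0 A 192.0.2.10 (45)
12:00:01.500000 IP 192.167.77.7.38000 > 9.9.9.9.53: 7001+ A? example.org. (29)
"""

# Matches query lines only: "src.port > dst.port: id+ [flags] TYPE? name."
# Works for IPv4 and IPv6, since tcpdump appends ".port" to either address form.
QUERY = re.compile(
    r"^\S+ IP6? (?P<src>\S+)\.\d+ > (?P<dst>\S+)\.(?P<dport>\d+): "
    r"\d+[+%]* (?:\[[^\]]*\] )?(?P<qtype>[A-Z0-9]+)\? (?P<name>\S+)"
)

def find_bypasses(capture, allowed=(PIHOLE,)):
    """Return {client: [(resolver, qtype, name), ...]} for queries sent past Pi-hole."""
    bypasses = defaultdict(list)
    for line in capture.splitlines():
        m = QUERY.match(line)
        if not m or m["dport"] != "53":
            continue  # DNS responses and unrelated lines
        if m["src"] in allowed:
            continue  # Pi-hole's own upstream lookups are expected
        if m["dst"] not in allowed:
            bypasses[m["src"]].append((m["dst"], m["qtype"], m["name"].rstrip(".")))
    return dict(bypasses)

if __name__ == "__main__":
    for client, queries in find_bypasses(SAMPLE).items():
        for resolver, qtype, name in queries:
            print(f"{client} asked {resolver} for {qtype} {name} (not via Pi-hole)")
```

Queries sent through Chrome's "Use secure DNS" setting travel over HTTPS rather than port 53, so they will not appear in this capture.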