Configure Ubuntu 22.04 as a DNS server using ControlD


  • If you want to run your own DNS server for increased security, privacy, and control, using Control D is a great way to accomplish this.

  • Control D is a fully customizable DNS service, similar to Pi-Hole, AdGuard or NextDNS, but with proxy capabilities.

  • This means it not only blocks things (ads, porn, etc), but can also unblock websites and services.


  • An active Control D account.

  • A Control D Resolver ID.

  • A device and profile already configured on the Dashboard.


  1. Install the ctrld utility.

$ sudo sh -c 'sh -c "$(curl -sL" -s RESOLVER_ID_HERE'

Substitute RESOLVER_ID_HERE for your actual Resolver ID.

  1. Start the Control D DNS proxy service.

$ sudo ctrld start

Here is a successful start:

$ sudo ctrld start
Aug 20 16:15:03.000 NTC Starting service
Aug 20 16:15:10.000 NTC Service started
  1. Edit the /etc/controld/ctrld.toml file to change the ip = '' line to the actual IP address of the server.

    ip = ''
    port = 53
  1. Restart the ctrld service.

$ sudo ctrld restart
  1. Verify that the server's IP address is listed as the only nameserver in the /etc/resolv.conf file and change this if necessary, for example:

  1. Make the following changes to the /etc/systemd/resolved.conf file:

Substitute RESOLVER_ID_HERE for your actual Resolver ID. Use one of ControlD's DNS resolvers as the DNS IP address, for example: See the Free DNS Resolvers page for more detail.

  1. Restart the systemd-resolved service.

$ sudo systemctl restart systemd-resolved.service
  1. Restart the ctrld service one more time.

$ sudo ctrld restart
  1. Run a test query using the dig command specifying the IP address of the system.

$ dig @ +short

If resolves, you are successfully using Control D for DNS requests. You can now use this system as the DNS server for your entire network by simply configuring your router to use this system's IP address.

If you are unable to specify a DNS server in your router, you can also change any client on your network to point to this system's IP address as an alternative.