Public Resolvers

The following are services that have been announced by large organisations -  they support DNS Privacy on anycast networks. 

A comparison of the privacy polices of some resolvers is provided here.
A list of experimental DoT test servers (including those run by the Stubby developers) is available on the Test Servers page.

DNS-over-TLS (DoT)

Details are provided in the  Stubby config file for users who want to enable them.

Hosted by IP addresses TLS Ports Hostname for TLS
authentication		 Base 64 encoded form of SPKI pin(s) for TLS
authentication (RFC7858)		 Notes
Quad9 'secure'

9.9.9.9
2620:fe::fe

 853 dns.quad9.net Quad9 do NOT publish or recommend use of SPKI pins with their servers.
See https://quad9.net and their FAQ for details of privacy, logging and filtering policies on the main and alternative addresses(1).
UDP and TCP service are also available on these addresses.
Quad9 'insecure'

9.9.9.10
2620:fe::10

 853 dns.quad9.net
Cloudflare

1.1.1.1 or 1.0.0.1
2606:4700:4700::1111 or 2606:4700:4700::1001

 853 cloudflare-dns.com Cloudflare do NOT publish or recommend use of SPKI pins with their servers.

https://blog.cloudflare.com/announcing-1111/
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
PRIVACY POLICY: https://www.cloudflare.com/privacypolicy/ (section of interest Public DNS Resolver Users)

And also see https://labs.apnic.net/?p=1127 for details of the APNIC/Cloudflare agreement as mentioned on the Register.

UDP and TCP service are also available on these addresses. DNS-over-HTTPS is also available!

NOTE: To use this service by name only (i.e resolve the IP from the name) use 1dot1dot1dot1.cloudflare-dns.com.
Google

8.8.8.8 or 8.8.4.4 2001:4860:4860::8888 or 2001:4860:4860::8844

 853 dns.google Not published

Google DoT service

Google Privacy policy
CleanBrowsing Various, see the CleanBrowsing website 853 Various, see the CleanBrowsing website Not published

https://cleanbrowsing.org/privacy

This service provides different end points with different filters (security, family, adult) so visit the website to select the end point with the filter you prefer. NOTE: also does DoH.
Adguard Various, see the AdGuard website 853 Various, see the AdGuard website/ Not published

https://adguard.com/en/adguard-dns/setup.html#instruction

https://adguard.com/en/privacy.html

This service provides different end points with different filters (default, family) so visit the website to select the end point with the filter you prefer.
Control D Various, see Control D website 853 Various, see Control D website Not published

Control D website

This service provides different end points with different filters (default, family) so visit the website to select the end point with the filter you prefer.
Wikimedia See Wikimedia DNS website 853 See Wikimedia DNS website Not published

See Wikimedia DNS website

Wikimedia DNS (formerly called Wikidough), is a caching, recursive, public DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) resolver service that is run and managed by the Site Reliability Engineering (Traffic) team at the Foundation.

DNS-over-HTTPS (DoH)

For a more up to date list of available of DoH severs you may want to look at  https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers

Details of a few any cast service and privacy policies:

Hosted by URL Notes
Cloudflare

https://cloudflare-dns.com/dns-query

https://developers.cloudflare.com/1.1.1.1/dns-over-https/

PRIVACY POLICY: PRIVACY POLICY: https://www.cloudflare.com/privacypolicy/ (section of interest Public DNS Resolver Users)And also see https://labs.apnic.net/?p=1127 for details of the APNIC/Cloudflare agreement as mentioned on the Register.
Cloudflare https://mozilla.cloudflare-dns.com/dns-query

This server is announced as part of the Firefox Nightly shield study.
It has a different (stronger) privacy policy than the general Cloudflare DoH server above:
https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/
Google https://dns.google/dns-query

RFC8484 (GET and POST)

https://developers.google.com/speed/public-dns/docs/doh/
Quad9 Various Please see https://www.quad9.net/doh-quad9-dns-servers/ for details
CleanBrowsing Various, see the CleanBrowsing website This service provides different end points with different filters (security, family, adult) so visit the website to select the end point with the filter you prefer.
Adguard Various, see the AdGuard website This service provides different end points with different filters (security, family, adult) so visit the website to select the end point with the filter you prefer.
Control D Various, see Control D website This service provides different end points with different filters (security, family, adult) so visit the website to select the end point with the filter you prefer.
Wikimedia See Wikimedia DNS website

See Wikimedia DNS website

Wikimedia DNS (formerly called Wikidough), is a caching, recursive, public DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) resolver service that is run and managed by the Site Reliability Engineering (Traffic) team at the Foundation.

Google also run a DoH endpoint at https://dns.google/resolve? using a proprietary JSON API.

DNS-over-QUIC (DoQ)

AdGuard launched the first DoQ public resolver in 2020: https://adguard-dns.io/en/blog/dns-over-quic.html