Today, Google has announced the launch of their free DNS resolution service. Many ISPs and 3rd party provider such as OpenDNS snoops around or send traffic to ad servers. However, Google promises not to play with end users and send the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience. In other words Google will not hijacking your traffic on non-existent domain name and it will follow strict RFC standard.
From the blog post:
The DNS protocol is an important part of the web's infrastructure, serving as the Internet's "phone book". Every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they complete loading. As a result, the average Internet user performs hundreds of DNS lookups each day, that collectively can slow down his or her browsing experience.
Google DNS Server IP Addresses
The Google Public DNS IP addresses are as follows:
8.8.8.8
8.8.4.4
How Do I Add Google DNS Server IP Address Under Linux?
Simple edit the /etc/resolv.conf file and add above two ip address:
nameserver 8.8.8.8 nameserver 8.8.4.4
Save and close the file. Google do have clear cut privacy policy and speed also seems good to me as compare to my ISP. I guess the people at OpenDNS are going to be pi**ed by this.
Google DNS Server vs Your ISP Server
CDN servers will not work correctly and they will return a list close to Google's DNS servers.
host i.dell.com 8.8.8.8
Sample outputs:
Using domain server: Name: 8.8.8.8 Address: 8.8.8.8#53 Aliases: i.dell.com is an alias for img.dell-cidr.akadns.net. img.dell-cidr.akadns.net is an alias for ccdn-global.dell.com.edgesuite.net.globalredir.akadns.net. ccdn-global.dell.com.edgesuite.net.globalredir.akadns.net is an alias for a1058.g.akamai.net. a1058.g.akamai.net has address 203.106.85.169 a1058.g.akamai.net has address 203.106.85.170
203.106.85.169 & 203.106.85.170 located somewhere in KUALA LUMPUR.
host i.dell.com 202.56.250.5
Using domain server: Name: 202.56.250.5 Address: 202.56.250.5#53 Aliases: i.dell.com is an alias for img.dell-cidr.akadns.net. img.dell-cidr.akadns.net is an alias for ccdn-global.dell.com.edgesuite.net.globalredir.akadns.net. ccdn-global.dell.com.edgesuite.net.globalredir.akadns.net is an alias for a1058.g.akamai.net. a1058.g.akamai.net has address 122.166.109.9 a1058.g.akamai.net has address 122.166.109.11
122.166.109.9 & 122.166.109.11 located in India. This also applies to NTP pool servers.
Speed
Ping-pong timings:
- Ping times (ISP dns servers) - 20ms
- Ping times (Google dns servers) - 116ms
- Ping times (OpenDNS servers) - 190ms
Resolving timings (use dig @dns-server.address domainname.com):
- ISP DNS Server - 41 msec
- Google DNS Server - 262 msec
- OpenDNS server - 213 msec
In other words I will use my ISPs server instead of Google or OpenDNS due to speed issue and incorrect handling of CDN servers. If you own a small LAN, I recommend setting up a caching dns server called dnsmasq.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- 10 Greatest Open Source Software Of 2009
- My 10 UNIX Command Line Mistakes
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
- Email this to a friend
- Download PDF version
- Printable version
- Comment RSS feed
- Last Updated: Dec/5/2009
{ 23 comments… read them below or add one }
In virtually all cases, people’s ISP DNS servers will be faster.
I’m wondering what exactly google’s motive is behind their launch of this service.
Thanks for the research on this. I have been using OpenDNS because the local DNS servers here in Costa Rica are really bad and go down all the time.
I can tell you so far, and this has only been a few hours, but my overall net speed is faster. Ping time is slower, but net speed faster. Weird…
:~D
Fun enough, Google’s public resolvers won’t give you an IPv6 address for http://www.google.com:
$ dig aaaa http://www.l.google.com @8.8.8.8 +short
$
You have to go to other parties to find that:
$ dig aaaa http://www.l.google.com @2001:470:20::2 +short
2a00:1450:8005::69
2a00:1450:8005::63
2a00:1450:8005::68
2a00:1450:8005::93
2a00:1450:8005::6a
2a00:1450:8005::67
$
:)
@Klaus, not really, google.com do not have ipv6. They’ve ipv6 at ipv6.google.com:
ipv6.l.google.com.
2001:4860:c004::68
2607:f0d0:1002:11::4
@Vivek
I know that one, but that’s not what I’m looking for. I want to be able to look up the AAAA record for http://www.google.com (CNAME http://www.l.google.com) directly, and I cannot do that at Google’s public resolvers. I.e., what I want is the second scenario on the pic at http://www.google.com/intl/en/ipv6/ — and I can do just that by using 2001:470:20::2 as resolver…
@Vivek
I’m aware of ipv6.google.com, but that’s not what I want. I want to be able to look up the IPv6 address of any Google service, and Google’s public resolvers wont let me do that.
Using 2001:470:20::2 as the resolver for anything in google.com gives me what I want.
See e.g. http://www.google.com/intl/en/ipv6/ for details.
The reason for which Google gives you this service nice and clean even if it is a lot slower than more than 99% of ISP (even basic) DNS servers is quite clear for me:
DNS queries are very useful in building a very specific and accurate profile of a someone’s behavior on Internet; and this is extremely useful in all kinds of optimization for search engines (SEO) and Company and also is a very normal, obvious step to globalization (as in global control)…
All they have to do is convince you to use them; and it would not be very hard as many people consider Google services quite stable and “great” without thinking to what they give up in using them.
Corroborate this with other actions Google has taken in last years and you may see that even having Google as ISP anywhere in the world won’t be very hard to believe…. imagine only what can be obtained from analyzing all traffic a person / organization does! (this kind of analysis is already used for years in planing targeted hacking attacks for example)
@Klaus, I got your point. May be someone need to send an email to Google about this problem.
@ Adi, usually, ISP servers are overloaded and not optimized for caching purpose. However, Google is one of the biggest ad company too. So they do have some sort of interest tracking users.
I enabled open DNS after experiencing problems with my home internet connection, after upgrading to Ubuntu 9.10. It definitely improved things. I block the advertisements using adsweep etc via greasemonkey. The reason this article caught my attention are the comments by Vivek Gite. I started learning shell scripting because of his excellent tutorial. Thank you Vivek! I will not be using Googles DNS services yet till they have gone through the teething problems that all new things are prone to. Thanks once again Vivek!
My apologies. I just found out Vivek is the creator of this site! Anyway, keep up the good work!:)
i was wondering that ISP’s can configure their routers to direct DNS requests to their own servers.
why not run ur own DNS server with ACL to accept 127.0.0.1 queries w/ recursion? (if u are running linux)
Hi Vivek,
will this break the CDN setup?
ie. give you the caching servers closer to google dns?
or will it just do the resolving from a DNS server closer to Google, and still give you the cache servers closer to you?
thanks,
Yonit
ps. – why did you take off the url part from your comments?
@Yonit,
Yes, you will get CDN server closer to Google dns server and not to your geo location. In other words user may get common media and steaming file slowly from cdn networks.
It will back later on. I’ve some problem with my custom made spam filters plugin and latest version of WP. This is a temporary situation. I Will update code later on ..
@Dudley, No problem!
@Andon, nice suggestion, DJB or bind caching is for small and large network. It will speed up queries.
HTH
Pertamaaax .. Gan!!!,
I will try …thanks for research opendns, I hope more smootly than ISP on my country yg agak lemot gitu loh <> :P
regards,
raihan_naufal
I hate u everyone, cruel world listen to me, how can i block bad sites by category etc with Google DSN? Like I block in OpenDNS
Does Google provide Phishing Protection, Filters, etc. like that of OpenDNS ?
iTech7.com | Explore Technology
@Nilesh: Na, I am missing those things with Google DNS
@Aaqil,
Are you a geeky desktop user? If so learn how to setup your own squid and SquidGuard blocking service.
OpenDNS has its own problem just like Google DNS server. Both of them sell your personal data and they do not have clear cut privacy policy.
@Nobody-
If Google sells your private data then everybody should stop using Google.
iTech7.com | Explore Technology
This great man
Comodo also offers free DNS, I think that if you care about privacy you should be using an external DNS and not your ISP.
The IP address is very easy to remember.
I think it’s the only advantage of this public DNS service.
My ISP DNS (Telefonica) is currently working faster.
Cheers!