ControlD with Merlin

[sfx2000]

AT&T is redirecting port 53 to own servers?

As far as I know, they don't... this is one of those things where I can't say how I know...

Generally though - it's not worth their time to intercept DNS to off-network hosts if someone wants to do this...

 

[tnpapa]

Yes, I understand anycast. I feel we are drifting off topic though. I ran several DNS tests today using Gibson Research and WhatRoute apps. ControlD for me is the slowest by a wide margin. (bad routing) ATT is the fastest (6ms) The other major public DNS providers all come in about the same (20ms). With ECS on I see video streams loading faster and no ramping up of bitrate of the stream. TVE feeds are almost instantaneous. Same if I use ATT DNS. I really wanted ATT DNS to suck, but page loads and streaming do clearly work better using a DNS server that points to on-network resources.

 

[sfx2000]

"DOH is prone to fewer issues than DOT, and native DOT performance on Asus is pretty wonky to begin with"

Seems like a pretty bold and unqualified statement. I prefer DOT because I can see its presence and activity on my network.

Look at things from a tech support perspective...

AsusWRT has a rich community of third-parties that modify the factory firmware configurations - they have zero ideas of what your router has, and how it's configured... It's their polite way of saying "not my problem" as soon as you mention AsusWRT-RMerlin - bonus points if you mention Entware or any of the third-party scripts being involved...

It's the reputation that is at risk... but Asus doesn't seem to have a big interest there...

 

[tnpapa]

My latency to the various public DNS servers is good. The real question is, which one routes me to the best CDN PoP. I would suspect it is the server from AT&T, and its latency is crazy fast, but I have read that many people on ATT say their server is not reliable. Google at least supports ECS, so they could be good too. But with either of those I know my data is being logged and sold.

Some screen grabs of what I see. The DNS test is in order of average latency. AT&T 1 server is prone to lookup failures and fails many times.

 

[Paliv]

My latency to the various public DNS servers is good. The real question is, which one routes me to the best CDN PoP. I would suspect it is the server from AT&T, and its latency is crazy fast, but I have read that many people on ATT say their server is not reliable. Google at least supports ECS, so they could be good too. But with either of those I know my data is being logged and sold.

Some screen grabs of what I see. The DNS test is in order of average latency. AT&T 1 server is prone to lookup failures and fails many times.

I don’t have AT&T. But, I use Comcast DNS because streaming devices work way better with it. Lots of people say Comcast’s DNS are unreliable and serve ads on redirects instead of NXDOMAIN. All of this is old information. Redirecting DNS breaks DNSSEC which they implemented years ago and stopped redirects. Also I have found it’s uptime to be just as good as any third party these days and actually have fewer failed lookups for sites than with something like Quad9. So you may not be getting info that is relevant today.

 

[tnpapa]

I ma going to try ATT servers for a few days and see how it goes.