Any reason to use one public DNS over another?

[Lee MacMillan]

Comcast is my ISP and I have been using Google ipv4 DNS servers for many years. I added Google's ipv6 servers about 3 years ago. (Router is Asus AC66U B1). When I search on free DNS, I don't really see anything that leads me to believe one is better than another. Google already knows everything there is to know about me (I use Chrome as my browser and an Android phone) so I don't really have any privacy concerns.

 

[Natey2]

FWIW, there are DNS Benchmark/Speed Test programs out there.


Sent using Tapatalk

 

[ColinTaylor]

For most people the decision is based on reliability or privacy. Arrange the order of these two on you own preference. I'd say after that would come speed (response times).

Working backwards... In theory your ISP's DNS servers should be the fastest responding and also provide the fastest connection the CDN services (like Netflix, etc.).

However sometimes there are reasons why you don't want to use your ISP's servers. Some ISP's actively snoop DNS and might inject advertising, sell your activity to third parties, block content, etc. Or it may simply be that their DNS servers are slow and/or unreliable. For these reasons you might prefer/need to use an alternative.

If privacy (to an extent) and speed are important then something like Cloudflare's 1.1.1.1 is quite a good option.

 

[digits n bits]

I’ve used google and cloudflare dns for quite awhile. Google is Google as far as privacy goes and Clouflare is kind of wonky. I’ve been using quad9 for last few months and it works well. No issues, fast, east setup. Of course YMMV.

 

[L&LD]

Unbound.

 

[Lee MacMillan]

FWIW, there are DNS Benchmark/Speed Test programs out there.

I am typically exceeding my rated download speed of 100Mbps by 15-20% so speed is not an issue with my current setup.

Do all the free DNS providers have ipv6 servers as well? Is that even important at this point? I know that many of the major sites (Google, FB, Yahoo, etc.) are using ipv6.

 

[ColinTaylor]

I am typically exceeding my rated download speed of 100Mbps by 15-20% so speed is not an issue with my current setup.

Download speeds and DNS response times are two different things.

Do all the free DNS providers have ipv6 servers as well? Is that even important at this point? I know that many of the major sites (Google, FB, Yahoo, etc.) are using ipv6.

All DNS servers, even IPv4-only ones, will return IPv6 addresses if they exist. For example:

C:\Users\Colin>nslookup www.snbforums.com 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    www.snbforums.com
Addresses:  2606:4700:20::681a:842
          2606:4700:20::681a:942
          104.26.8.66
          104.26.9.66

 

[OzarkEdge]

Comcast is my ISP and I have been using Google ipv4 DNS servers for many years. I added Google's ipv6 servers about 3 years ago. (Router is Asus AC66U B1). When I search on free DNS, I don't really see anything that leads me to believe one is better than another. Google already knows everything there is to know about me (I use Chrome as my browser and an Android phone) so I don't really have any privacy concerns.

Check it out:
https://www.quad9.net/

OE

 

[MichaelCG]

Most of it has been covered pretty well.

1.) Privacy vs Performance vs Filtering
2.) CDN Optimization
- probably better to use your providers for that purpose
- where a DNS query originates from may determine what IP is returned to direct your traffic to the closest server
3.) Ping each option to get a high level idea of network latency
4.) Check query response times and published reviews to get an understanding of resolution latency

I personally use OpenDNS/Umbrella still. My latency differences to Google DNS vs OpenDNS is extremely minimal. And I like some of the filtering options from OpenDNS. I know Google and some of the others have added in similar filtering, but it is not configurable nor reportable.

Of course this thread makes me go back and check and as of today, network latency to Google is half what it is to any other provider. Go figure. A couple months back, it was about not nearly that much. Guess it is time to review my setup yet again.

 

[MichaelCG]

Doing a bit more testing and realized that my IPv4 latency greatly differed from my IPv6 latency. All of this is purely network latency, not resolution latency. "Assuming" they are all pretty darn fast at resolving and all provide similar malicious filtering.

IPv4
- Google wins 14.51ms avg latency
- CloudFlare in the mid 20's
- Quad9 in the mid 30's
- OpenDNS in the upper 20's

IPv6
- CloudFlare wins at 7ms
- Quad9 at 10ms
- Google at 15ms
- OpenDNS at 15ms

At this level of latency...I really can't go wrong with any of them. My guess on why CloudFlare is so fast on IPv6 is due to my use of a tunnel broker and I bet CloudFlare is in the same data center as the broker I use. And Google is so fast on IPv4 due to them being my ISP.

Someday I will take the time to figure out how to remove the GF router so I won't need to use a tunnel broker.....but free time is what I don't have these days. Things work for now....so they will stay that way for now.

 

[Lee MacMillan]

Doing a bit more testing and realized that my IPv4 latency greatly differed from my IPv6 latency. All of this is purely network latency, not resolution latency. "Assuming" they are all pretty darn fast at resolving and all provide similar malicious filtering.
.....
At this level of latency...I really can't go wrong with any of them.

Someday I will take the time to figure out how to remove the GF router so I won't need to use a tunnel broker.....but free time is what I don't have these days. Things work for now....so they will stay that way for now.

Thanks for doing all this research. Since I'm not all that concerned about any privacy shortcomings that Google may have, I guess I'll stick with it for now. It ain't broke, so I'm not going to fix it.

Thanks to all who responded. You have added to my minimal understanding of network security and that's always a good thing.

 

[dave14305]

Cloudflare just posted the results of their independent privacy audit:
https://blog.cloudflare.com/announc...-1-1-public-dns-resolver-privacy-examination/

I don't use Cloudflare, but it's good to have an outside party verify the claims.