Should I use alternative DNS servers?


Johno

Regular Contributor
Occasionally I find that browsing a web site on my iPad results in poor performance, with sites taking a long time to load with nothing happening, just a blank page with the browser showing that it's waiting on or doing something. Sometimes a page loads, but a list of image thumbnails doesn't load at all, for example, when browsing a well-known UK holiday cottage website. If I switch off the Wi-Fi connection from the iPad so that a mobile data connection is used, then I get no such issues and the site loads quickly and completely. My broadband connection is 70Mbps FTTC so it's not slow but the occasional aforementioned poor performance using my home broadband is getting to be a pain so I was wondering if it's my ISP's DNS that could be the problem? My Asus router has Merlin firmware and its WAN config is set to get DNS servers automatically, which I believe means that my ISP DNS servers are selected. All local network DNS traffic is handled by the router which I suppose would be forwarding any external requests to the WAN-specified DNS servers.

I've used namebench to determine which DNS servers would be optimal for me and it's reported the following:

Recommended configuration (fastest + nearest)

Primary Server      192.168.1.1       Internal 192-1-1
Secondary Server    62.6.40.178       BT-71 GB
Tertiary Server     129.250.35.251    NTT-2

So I've made the BT and NTT DNS servers the primary and secondary in my router's WAN config so I guess I'll see how it goes with regard to future web browsing performance.

I'd welcome any comments or feedback on the above and also whether I might be barking up the wrong tree?

Thanks in advance.
 

degrub

Very Senior Member
Do you have the same issue through a hardwired connection to your router?
Do you get the same issue if you specify 1.1.1.1 (Cloudflare) or 8.8.8.8 (Google)?
 

ddaenen1

Senior Member
I am using Google DNS 8.8.8.8 (prim) and 8.8.4.4 (sec), both set up in my router. Happy with them and a whole lot better than the DNS servers my ISP wants to point me towards. All connected devices pick up the DNS from the gateway. None of them has their own DNS settings. This is the way!
 

Tech9

Very Senior Member
My Asus router has Merlin firmware

You have the option to run your own DNS resolver. It will be a bit slow until it builds the cache and lightning fast after.

 

avtella

Very Senior Member
I use Unbound in forwarder mode (TLS enabled) with Cloudflare DNS; it’s about as fast as my ISP (Comcast), which I believe may actually be using Level 3’s DNS.

Unbound in resolving mode, as @Tech9 mentioned, is another option, but for me it was just way too slow for uncached entries, crossing over into the 1-2 second range for resolutions, but you may have better luck so it doesn’t hurt to try.
 

coxhaus

Part of the Furniture
You should set up a ping to your DNS servers and check your network. You could have a network problem. Maybe a bad cable or something like that.
Have you tried Unbound in pfSense? It works really well and with <1ms response time for cached entries.

The problem with Unbound is you become responsible for your own DNS. So, you are now responsible and doing the job that, say, QUAD9 does. If a DNS problem happens for whatever reason, you are left holding the bag and can't fix it. You have to wait for code updates that could take days, weeks or months before it gets fixed. If you use, say, QUAD9, they are going to have a fix right away as that is their job. I would much rather rely on QUAD9 for DNS.
 

coxhaus

Part of the Furniture
Let it run until you see the problem. Then you may have a better picture. If you have played with QoS you could be causing the problem on your router.
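Added example, not part of any post in this thread: a small Python probe that times raw UDP DNS lookups against each resolver named above, so slow or lost DNS answers can be told apart from a general network fault. The resolver addresses come from the thread; `example.com`, the function names and the five-run sample size are assumptions, and a name the resolver has already cached will answer faster than an uncached one.

```python
import os
import socket
import struct
import time

def build_query(name, txid):
    """Build a minimal DNS query for an A record (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(reply, txid):
    """Return (rcode, answer_count); raise ValueError if the reply is not ours."""
    if len(reply) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to our query")
    return flags & 0x000F, an

def time_lookup(server, name, timeout=2.0):
    """Milliseconds for one UDP lookup against `server`, or None if lost or invalid."""
    txid = int.from_bytes(os.urandom(2), "big")  # unpredictable query ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.perf_counter()
        try:
            s.sendto(build_query(name, txid), (server, 53))
            reply, _ = s.recvfrom(4096)
            parse_header(reply, txid)
        except (OSError, ValueError):  # socket timeouts are OSError subclasses
            return None
        return (time.perf_counter() - start) * 1000.0

def summarize(samples):
    """(answered, lost, middle_ms) for timings where None means no valid answer."""
    ok = sorted(x for x in samples if x is not None)
    return len(ok), len(samples) - len(ok), (ok[len(ok) // 2] if ok else None)

if __name__ == "__main__":
    # Resolvers named in the thread; example.com is a placeholder lookup name.
    for server in ("192.168.1.1", "62.6.40.178", "1.1.1.1", "8.8.8.8"):
        runs = [time_lookup(server, "example.com") for _ in range(5)]
        print(server, summarize(runs))
```

Run it once over Wi-Fi and once over a wired connection while the slow page loads are happening: lost or slow answers from every resolver point at the local network, while a single slow resolver points at that DNS service.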
 

ddaenen1

Senior Member
Have you tried Unbound in pfSense? It works really well and with <1ms response time for cached entries.

I actually had to check that. I thought pfSense was using Google DNS set up in the General setup DNS entries in pfSense, but it seems that this is not the case and that Unbound is active by default, and what I understand from the documentation is that pfSense queries the root servers instead of Google.
 

Tech9

Very Senior Member
The problem with Unbound is you become responsible for your own DNS.

This is exactly the way I want it to be. I want to have control of what's allowed and what's not. What is QUAD9's responsibility if you accidentally download malware and it destroys your data? Absolute QUAD zero! I also don't like to give my entire Internet history to one external company. Chunks of it spread between 15 sounds better to me. We are talking about options on devices capable of running DNS Resolver, DoT, DNS/IP blockers, DNS/Services filters, IDS/IPS. With your router you have no choice but to rely on external services.
 

Tech9

Very Senior Member
I actually had to check that.

Both Resolver and Forwarder options are available. Run DNS Leak Test and it will instantly give you the answer as to how your system is set up. With forwarder you'll see Google's DNS servers. With Resolver you'll see your own external IP address. pfSense documentation explains how to adjust Unbound settings, but for more details take a look at Unbound documentation. It explains better what the settings do. Before you touch anything make sure you agree to take full responsibility for your network. ;)
 
