What DNS Do You Use?

Topic

New Reply

Just curious as to what DNS settings the lounge members are using. I personally use OpenDNS. Been using it for years, and now that Cisco has acquired them (and I use Cisco routers), it seems to make sense.

Nathan Parker

Reply | Quote

Replies

it seems to make sense.

Not sure what you mean by ‘it seems to makes sense’?

I suspect that many ‘loungers’ may just use the default, i.e. their ISP’s DNS. Others will prefer DNS tailored specifically to their own personal needs, e.g. family-friendly or even no restrictions imposed by a third-party service.

There’s a recent discussion here: Smart technology help

Hope this helps…

Reply | Quote

Personally, I use Level 3’s DNS servers (4.2.2.2-6), as they’re consistently the fastest for my location as measured by DNS Benchmark.

In my tests I paid particular attention to comparing my ISP’s DNS servers vs. Level 3, Google and OpenDNS. My ISP and Level 3 usually come out about even, Google’s DNS is usually just a tad behind the leaders, and in my area OpenDNS is usually around twice as slow as the others. Over several months of repeat testing Level 3 tended to be steadier and more consistent than my ISP, so that’s why I settled on them instead of my ISP.

Of course, results in your area might be different. I suggest you download DNS Benchmark and check it out for yourself.

Reply | Quote

Personally, I use Level 3’s DNS servers (4.2.2.2-6), as they’re consistently the fastest for my location as measured by DNS Benchmark.

Good explanation about how/why you went about testing the response speed of different DNS providers. I suspect most people don’t bother (or perhaps don’t understand why they should) so thanks for the feedback about your experience.

Reply | Quote

Who cares how fast the DNS is, as long as it works?
(I use my ISP.)

cheers, Paul

Reply | Quote

Who cares how fast the DNS is, as long as it works?
(I use my ISP.)

cheers, Paul

I have had reasons to switch from the default DNS my ISP provides.

I use AT&T (U-Verse) for my Internet connections. This company when using its own Pace DNS or AT&T DNS, can get slow or even fail to resolve domains at times. Traffic may be at fault here.

Also, there have been tech press reports that AT&T (and some other ISPs) have been scanning traffic for email headers, breaking secure email logins and other practices aimed at collecting personal information which has then been sent on to NSA and other agencies.

Open DNS has not had these issues, to my knowledge.

I have switched after doing a MS Updates session and not being able to reach the MS servers, or even the Microsoft domain, when using Windows Update, using the MS Updates Catalog in any browser, or even accessing just the MS Sites using Linux and Chrome or Firefox. The problem seems to have been temporary, but it made me think.

I no longer trust ISP provided DNS. There are just too many issues in my experience.

-- rc primak

1 user thanked author for this post.

Morty

Reply | Quote

I have had reasons to switch from the default DNS my ISP provides.

I use AT&T (U-Verse) for my Internet connections. This company when using its own Pace DNS or AT&T DNS, can get slow or even fail to resolve domains at times. Traffic may be at fault here.

Also, there have been tech press reports that AT&T (and some other ISPs) have been scanning traffic for email headers, breaking secure email logins and other practices aimed at collecting personal information which has then been sent on to NSA and other agencies.

Open DNS has not had these issues, to my knowledge.

I have switched after doing a MS Updates session and not being able to reach the MS servers, or even the Microsoft domain, when using Windows Update, using the MS Updates Catalog in any browser, or even accessing just the MS Sites using Linux and Chrome or Firefox. The problem seems to have been temporary, but it made me think.

I no longer trust ISP provided DNS. There are just too many issues in my experience.

After my experience in GA, I no longer trust ISP provided DNS either. I guessed I was burned at a critical moment and decided to toss ISP provided DNS to the wind.

Nathan Parker

Reply | Quote

I found that using my ISP’s would delay my start up by initially putting a yellow alert on my wireless icon in the system tray.

At the time I was using my own Billion BiPac 7800N router and their advice told me to use Google’s 8.8.8.8 / 8.8.4.4 and while I’ve tried Open DNS and 4.2.2.1 – .6 I’ve remained with Google’s.

I continued to get that with their own router and default servers, so it wasn’t anything to do with the 7800N.

For a while I experimented with the selection of TalkTalk’s (my ISP) severs which I found through Google, but still came back to Google’s.

Reply | Quote

I use a small portable utility called DNS Jumper. It checks the speed of available DNS servers and finds the fastest ones. You can then select the one you want from the list of 45 servers.

http://www.sordum.org/7952/dns-jumper-v2-0/

Reply | Quote

I’ve tried that program but every time you use it, it gives a different server as the quickest.

Reply | Quote

One could argue that this is quite a valid result, given the complexity of paths over the internet!
I just run DNS Benchmark every three months or so, and usually end up making no change…

BATcher

Plethora means a lot to me.

Reply | Quote

I think if you’ve found one that you’re happy enough with, then just stick with that.

The average user probably just uses the ISP default anyway unless they experience problems.

Reply | Quote

Great discussion so far. My “reasoning” behind OpenDNS to continue using it after the Cisco acquisition was the fact I use Cisco routers. Now that Cisco owns OpenDNS, using their DNS with their routers made a little sense to me if I were discussing things with Cisco Support. With that said, the DNS Benchmark utility sounds interesting, and I’ll give it a whirl and see if changing to Level 3 or another DNS provider would yield better results for me. I have a local ISP, but I think Windstream is their DNS backend since they’re using Windstream fiber backbone to their wireless towers (I’m on a local WISP). I’ve had some issues with Windstream DNS when I had Windstream directly in GA, and I switched between Level 3 and OpenDNS a couple of times to see which one was more reliable up there.

Nathan Parker

Reply | Quote

Until about eighteen months ago I was using my ISP’s DNS server, but was noticing that my browsers were becoming progressively slower to open webpages with more frequent “page cannot be displayed” errors.

About the same time I attended a couple of customers in a certain nearby district, both w/ the same ISP, who were having even worse problems (one of them couldn’t download Windows Updates). So I did some googling and experimented w/ settings for several publicly-accessible DNS servers (Micro$oft, Google, OpenDNS, etc.

At that time I found Micro$oft’s DNS servers were fastest and most reliable, so changed the DNS settings in my ADSL2+ modem-router to the M$ DNS IP addresses – ‘Primary: 4.2.2.2’, ‘Secondary: 4.2.2.3’.

Since then I have had no cause to change those settings; I seldom get “page cannot be displayed” errors, and webpages usually load almost instantly (although webpages that have a lot of images, or that have video may take a second-or-two longer).

Reply | Quote

At that time I found Micro$oft’s DNS servers were fastest and most reliable, so changed the DNS settings in my ADSL2+ modem-router to the M$ DNS IP addresses – ‘Primary: 4.2.2.2’, ‘Secondary: 4.2.2.3’.

I don’t think they’re Microsoft’s: 4.2.2.2: The Story Behind a DNS Legend

Reply | Quote

I’m astounded that your ISP has such a poor DNS – what do they use themselves? There is no excuse for having a DNS that isn’t up to date / doesn’t handle the traffic, particularly if you’re an ISP.

cheers, Paul

Reply | Quote

I’m astounded that your ISP has such a poor DNS – what do they use themselves? There is no excuse for having a DNS that isn’t up to date / doesn’t handle the traffic, particularly if you’re an ISP.

cheers, Paul

I can’t remember if I’ve tested my local ISP’s DNS since I’ve moved to them. I think my router was already configed to OpenDNS when I changed ISP’s. It was when I directly had Windstream in GA when I had the DNS issues, and since my local ISP uses Windstream as the backbone connection, I didn’t want to chance hitting Windstream’s DNS servers again.

I think my local ISP personally uses OpenDNS for their browsing, and Windstream direct generally recommends Level 3, OpenDNS, or Google to their customers.

Nathan Parker

Reply | Quote

4.2.2.2 is part of AS3356, as far as I can tell, that’s currently owned by Level 3 Communications, Inc.

Reply | Quote

One more consideration is being safe.
DYNDNS offers two DNS address for safe surfing.
They have their own white and black list for good and bad sites.
I have not had any problems using their DNS servers and usually setup my clients that are not careful about their surfing.

Reply | Quote

One more consideration is being safe.
DYNDNS offers two DNS address for safe surfing.
They have their own white and black list for good and bad sites.
I have not had any problems using their DNS servers and usually setup my clients that are not careful about their surfing.

I’ve thought about DynDNS, but did you have issues with it when the big Dyn outage happened?

Nathan Parker

Reply | Quote

I have never had a problem with DYNDNS as a DNS server or any of their other products.

Reply | Quote

I have never had a problem with DYNDNS as a DNS server or any of their other products.

Good to know. I used DynDNS Dynamic DNS in the past for a webcam (I have a Static IP now with my ISP that’s included with my service so no need for the domain), and it always worked. I’ve always “liked” DynDNS, but the last outage they had made me a little worried.

Nathan Parker

Reply | Quote

4.2.2.2 is part of AS3356, as far as I can tell, that’s currently owned by Level 3 Communications, Inc.

Yes, the entire set of 4.n.n.n addresses have been Level 3’s since 1992.

https://whois.arin.net/rest/net/NET-4-0-0-0-1

Net Range: 4.0.0.0 – 4.255.255.255 (4.0.0.0/8)

Organization: Level 3 Communications, Inc. (LVLT)

RegDate: 1992-12-01

…

Reply | Quote

FWIW: My ISP is Comcast/Xfinity and it uses DNS 75.75.75.75. I ran the DNS Benchmark from Steve Gibson’s website and my ISP beat both OpenDNS and the Level 3 4.2.2.2 DNS Servers. (Level 3 beat Open DNS as well).

I admit their the speed difference was not that significant.

Reply | Quote

Nathan
You may be past this point but FYI good info at
https://www.grc.com/dns/configuring.htm

and a tester for DNS
https://www.grc.com/dns/benchmark.htm

:cheers:

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Nathan
You may be past this point but FYI good info at
https://www.grc.com/dns/configuring.htm

and a tester for DNS
https://www.grc.com/dns/benchmark.htm

:cheers:

I’ll definitely look at it. I haven’t had a chance to do much in-depth DNS testing yet, so I can throw this in to the others. Thanks for telling me about it.

Nathan Parker

Reply | Quote

I use DNS Jumper and, via their testing option, use the fastest one available at my end: US Lever 3-A (209.244.0.3 209.244.0.4)

http://www.sordum.org/7952/dns-jumper-v2-0/

Reply | Quote

All traffic is routed through your ISPs servers/pipes, whether you change the DNS or not. A DNS server does not require anything other than the address you want to contact and responds with the correct IP address.

What is a DNS server.

Reply | Quote

All traffic is routed through your ISPs servers/pipes, whether you change the DNS or not. A DNS server does not require anything other than the address you want to contact and responds with the correct IP address.

What is a DNS server.

While I am aware of this aspect of ISP traffic routing, I have noticed significant performance improvements when using an alternate DNS. So this is the main benefit. Whether or not the traffic can still be as easily sniffed and encryption broken, I leave to tech experts to inform me,if you or others may wish to do so.

I do not look upon switching DNS primarily as a security or privacy measure.

@wavy & Nathan Parker — In light of Satrows’s info, I’m guessing no, a VPN will do nothing against an ISP breaking encryption before the traffic even gets out onto the Internet. Which is where ISPs typical do their dirty work — very early in the data transmission process. Possibly before a VPN can work its magic.

-- rc primak

Reply | Quote

@wavy & Nathan Parker — In light of Satrows’s info, I’m guessing no, a VPN will do nothing against an ISP breaking encryption before the traffic even gets out onto the Internet. Which is where ISPs typical do their dirty work — very early in the data transmission process. Possibly before a VPN can work its magic.

Well if an ISP is setting itself up for a Man-in-the-Middle attack all bets are off. Once you are using a VPN your DNS requests go out through the other end at the VPN server. Between you and the VPN server they should be encrypted.

FYI I ran some DNS speed tests and as a result I am now once again using my ISPs DNS which is supporting DNSSEC. Tried again today and that is still fastest..
:cheers:

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

You might want a VPN service to address your concerns.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

You might want a VPN service to address your concerns.

I personally have a VPN (WiTopia) as well, and it is good to have a VPN as well. Right now I have their DNS disabled on it since when I disconnect my VPN on my Surface Book, my connection drops instead of switching back to my default DNS.

Nathan Parker

Reply | Quote