Poll: Who do you trust with your DNS on your home connection?

Poll: Who do you trust with your DNS on your home connection (for privacy, reliability, speed, etc)?

1. Your ISP
2. OpenDNS
3. Google
4. Other

Feel free to elaborate on your reasoning!

Personally I have always left this to my ISP until I moved to a rural location 6 months ago and the domain resolution has been horrific. I changed over to OpenDNS and pages load so much faster it's night and day.

I don't trust Google to be the gatekeeper of all my Internet activity!
 
I trust my ISP's DNS servers. Why?

Because I loaded and configured them.

True, they can't always compete with the cache monsters that are the high traffic Google public DNS and OpenDNS, but when they're fast, they're fast. Not even Google can touch my 1ms resolve times for cached items. When it comes to recursive lookups I'm anywhere from 100 to ~300ms on average, with no redirects if you type in an invalid domain and I enforce security, so no spoofing threats.

OP, where do you live and who is your service provider?
 
Ashamed to be using Level3 resolvers right now. According to Namebench, they are the fastest in my list, followed by other ISPs. Time Warner Cable is lowest in the top 15 in the list.
 
Dicked around with running a slave to some of the "we have cool TLD" servers and have stuck with them. I should probably switch to something faster.

I do NOT use Cox's DNS because they use redirect pages.
 
OpenDNS for home, and for all my clients. Be it a simple home router setup, peer to peer network (in those cases, done on the router)...or larger clients with servers and active directory (in which case I use them in the DNS forwarding).

I prefer OpenDNS simply because of the filtering of malware that they do. They maintain a constantly updated list of known malware distribution sites...and filter those out (thus blocking those sites). This provides an added layer of security that complements the antivirus on the desktops, as well as any UTM appliance (like Untangle) at the edge, helping to cut down on malware calls at clients.

The workstation can't download what it can't resolve!

The speed is often a wash...depends which ISP the client used...some cases OpenDNS is faster than the default ISP, other cases it's slower. But this isn't what I'm after.

There are other "safe DNS" services out there...Comodo, Norton, amongst others. But I use OpenDNS because I feel it's most permanent.
 
8.8.8.8
8.8.4.4.

I also have a program for windows that pings servers using various DNS services and selects the lowest one, but I'm at work now and don't remember the name of the software.
 
For the longest time I used the DNS servers I set up at work. In the year and a half prior to my leaving the company I started switching clients and my home over to OpenDNS.

I'm on Comcast and for the longest time Comcast couldn't figure out how to run a DNS service. So it just made sense to use my own DNS servers. Plus it also let me know pretty quickly if something was up at work.

Now that I am no longer there it just makes sense to use OpenDNS instead.
 
75.75.75.75
75.75.76.76

2001:558:FEED::1
2001:558:FEED::2

Comcast's anycast DNSSEC capable servers + DNSSEC validator add-on for browser
 
5. Myself

Local resolver only. The only thing I rely on third parties for is connectivity. Domains, DNS, mail I do myself.
 
Whatever default ones Comcast provides to my router. I've not had any issues, so I'm happy with it as is.
 
I sure as shit don't trust Verizon. I use Google DNS because it's fast and when I want to have more security I'll go with OpenDNS.
 
I have a local DNS server running the zones I have hosted externally, but supplying my local IPs for access for the stuff I host off of my own VM servers, and caching all other requests which I forward out to OpenDNS.

If forwarding failed, which I've never seen so far with my Internet connection actually working, it is set to drop back to try using root hint servers to do my lookups.
 
Run my own. I trust my ISP name servers since I set them up but my local name servers also have local only domains I use for internal stuff.
 
OpenDNS usually. Though I kick it oldschool on a few VMs and only use a hosts file with trusted domains.
 
I thought I was using OpenDNS .. but I fail the opendns test thingy .. I have the OpenDNS servers manually inputted into my network settings .. but still no dice ..

-Win7 x64 using DHCP w/manually inputted DNS servers behind a smoothwall box behind a cable modem..of which the OpenDNS servers are put into the dhcp server settings of the smoothwall box....but wasn't passing the opendns webpage test so I manually inputted the dns servers in my network settings...

..
 
A local recursive resolver, since using Comcast's takes me 500 miles away and that is bullshit for GSLB.

Google's 8.8.8.8 takes me to NJ, which is alright..

Having recursive caching answering in .5ms is best for the stuff I constantly access.

When I'm not using my own resolver, I use Dyn Internet Guide 216.146.35.35, Sendori, or Norton.
 
I generally just use my ISP's DNS servers. I've thought about running a local cache and/or switching to a different service, though. Being as their DNS servers are in St. Louis I get pretty look-up times.
At work we run our own DNS and use AT&T as a backup.
 
whatever comes out on top with this:

http://code.google.com/p/namebench/

DNS benchmark tool

Sweet program. Thanks for sharing.

I read that you shouldn't be using anything but your ISP's DNS for speed reasons because they are the "top" of the food chain so to speak if I remember right. They get to their destination fastest. Don't have the article to link though.

This tool keeps giving me different results and recommendations each time though
 
I stopped using the Comcast DNS servers because it is WAY beyond unacceptable that they redirect unknown DNS requests to their own Comcast search engine.

Every 6 months or so I ping Google's DNS servers as well as the Level 3 DNS servers, take the top 3 with the lowest ping and enter those into my router.
 
I use OpenDNS at home, but after reading through this thread I might test out Level3 now.
 
I stopped using the Comcast DNS servers because it is WAY beyond unacceptable that they redirect unknown DNS requests to their own Comcast search engine.

Every 6 months or so I ping Google's DNS servers as well as the Level 3 DNS servers, take the top 3 with the lowest ping and enter those into my router.
Comcast phased out their domain helper service in Mar 2011. Pinging DNS servers doesn't really tell you anything. Your logic is a bit flawed methinks.
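
Several posts in this thread turn on whether a resolver redirects lookups for nonexistent domains to a search page. As an added example (not written by anyone in the thread), the following asks a resolver for a random name that should not exist and reports whether the reply is a genuine NXDOMAIN or a NOERROR with answers; the function names, the random `.com` label and the constructed sample replies are assumptions of the example.

```python
import random
import socket
import string
import struct

def build_query(name, txid):
    """Encode a DNS query for the A record of `name`, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_reply(packet, txid):
    """Judge a reply to a query for a name that should not exist."""
    if len(packet) < 12:
        return "inconclusive"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or not a response
        return "inconclusive"
    rcode = flags & 0x000F
    if rcode == 3:                          # NXDOMAIN: resolver told the truth
        return "honest"
    if rcode == 0 and ancount > 0:          # NOERROR plus answers: redirected
        return "redirected"
    return "inconclusive"                   # SERVFAIL, REFUSED, empty NOERROR

def probe_resolver(resolver_ip, timeout=3.0):
    """Ask `resolver_ip` (IPv4) for a random, almost certainly unregistered name."""
    label = "".join(random.choices(string.ascii_lowercase, k=24))
    txid = random.getrandbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(label + ".com", txid), (resolver_ip, 53))
        packet, _ = sock.recvfrom(512)
    return classify_reply(packet, txid)

def constructed_reply(query, rcode, answers):
    """Constructed sample reply: echo the question, set QR/RD/RA and fake A records."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180 | rcode, 1, len(answers), 0, 0)
    rr = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)
                  for ip in answers)
    return header + query[12:] + rr

if __name__ == "__main__":
    q = build_query("zzqxnonexistent.com", 0x1234)
    print(classify_reply(constructed_reply(q, 3, []), 0x1234))             # honest
    print(classify_reply(constructed_reply(q, 0, ["192.0.2.1"]), 0x1234))  # redirected
```

Calling `probe_resolver` with the address of the resolver your router hands out performs the live check; the `__main__` section only exercises the classifier on constructed packets, so it runs offline.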
 