Poll: Who do you trust with your DNS on your home connection?

Sweet program. Thanks for sharing.

I read that you shouldn't be using anything but your ISP's DNS for speed reasons because they are the "top" of the food chain so to speak if I remember right. They get to their destination fastest. Don't have the article to link though.

This tool keeps giving me different results and recommendations each time though

You might want to check that article again, and then run the namebench program linked to in this thread.

Most large ISPs have bad and slow DNS.

If you made the assumption that your ISP treated DNS the same as say OpenDNS or Dyn or one of the other big players, then yes, you'd probably have great DNS responses in under 5 hops. I've yet to find an ISP that has a clue about DNS.
 
I use my own DNS cache server which then forwards to Google. Since it's only name resolution, it's not like they can see exactly what URLs I'm going to, or what I'm sending over the wire, so I don't really care, even if they did look at all the records.

I was using OpenDNS for a while and it worked great, but when you get an unresolvable host, instead of actually not resolving it, it resolves it to a default IP. This was causing issues with some of my internal stuff so I switched to Google. My ISP's DNS is slow so I don't use it. At one point I was just using the root DNS directly but I found it was taking up too many connection slots. (my ISP caps that)
 
You might want to check that article again, and then run the namebench program linked to in this thread.

Most large ISPs have bad and slow DNS.

If you made the assumption that your ISP treated DNS the same as say OpenDNS or Dyn or one of the other big players, then yes, you'd probably have great DNS responses in under 5 hops. I've yet to find an ISP that has a clue about DNS.

Mine :)
 
I use my own DNS cache server which then forwards to Google. Since it's only name resolution, it's not like they can see exactly what URLs I'm going to, or what I'm sending over the wire, so I don't really care, even if they did look at all the records.

I was using OpenDNS for a while and it worked great, but when you get an unresolvable host, instead of actually not resolving it, it resolves it to a default IP. This was causing issues with some of my internal stuff so I switched to Google. My ISP's DNS is slow so I don't use it. At one point I was just using the root DNS directly but I found it was taking up too many connection slots. (my ISP caps that)
Why rely on a forwarder? It's not like DNS takes ages to resolve. On a decent connection it should take 1-2s max. to resolve a name for the first time. Most sites should have TTLs in the range of days, so it's not as if you constantly have 2s delays on every lookup.
 
DNSMasq on dd-wrt, supplied by ISP. I would use something else but I'm concerned that caching (Akamai, Youtube, Steam) would point somewhere far away. Am I accurate on this?
 
DNSMasq on dd-wrt, supplied by ISP. I would use something else but I'm concerned that caching (Akamai, Youtube, Steam) would point somewhere far away. Am I accurate on this?
I don't see how. You still use an address from your ISP's range. If anything, it's MORE accurate since you are using the same address for lookups and the actual data transfer.
 
I don't wanna sound un-hard.. but who ever thinks or wants to change their DNS for home use.. I never had an issue with 10+ years and 4 different internet providers
 
I don't wanna sound un-hard.. but who ever thinks or wants to change their DNS for home use.. I never had an issue with 10+ years and 4 different internet providers

Then you're lucky because I've experienced first hand how an ISP can get DNS completely wrong. Any [H] person who's looked into tweaking their internet connection performance has probably come across articles about DNS. If you haven't been inclined to tweak that area of computing or if you've never experienced DNS sluggishness or persistent time outs, then it's very well possible you never even thought about it. I certainly think it's worth raising the awareness of how one's DNS performs and the Namebench tool can be a good way to do that. No matter how many Mbps you subscribe to, DNS can make a difference in how fast your internet connection feels.
 
I don't wanna sound un-hard.. but who ever thinks or wants to change their DNS for home use.. I never had an issue with 10+ years and 4 different internet providers

same here. I guess we're just not [H] ;)

This is one of those things I file in the "If it ain't broke" category.
 
Why rely on a forwarder? It's not like DNS takes ages to resolve. On a decent connection it should take 1-2s max. to resolve a name for the first time. Most sites should have TTLs in the range of days, so it's not as if you constantly have 2s delays on every lookup.

I have a lot of my own local stuff, so I have my own A records. Anything that's not in my DNS then is forwarded to the outside world.
 
I bounce around between OpenDNS and Google's public DNS. Currently using Google's.
 
was using OpenDNS (figured out why it wasn't working on my smoothwall box and fixed it) .. but ran the namebench program and it told me that some Qwest servers were 75% faster than OpenDNS's servers .. so I switched
 
Apparently since Comcast made a joke out of themselves last year they got their shit together (partially)..

Their "anycast" DNS server (which is .. barely anycast) at 75.75.75.75 takes me 30 miles away. 75.75.76.76 takes me 500 miles away. Good attempt, but abject failure.

So my new config (since I'm getting rid of my SAK box here at home) is 75.75.75.75, 216.146.35.35, and 8.8.8.8.

OpenDNS on 208.67.222.222 has unexplainable and repeatable multi-second delays in resolution.
 
I'm currently using my own, with forwarding to Google's DNS server.

I've used OpenDNS for about 5 seconds in the past, but as pointed out they've got really annoying NXDOMAIN replies (I don't like to be forwarded to a search engine, like my ISP's DNS servers do).
 
For everyone using outside DNS providers, you should keep in mind it can change the results you get for Akamai hosted content. Akamai uses a mix of BGP and DNS query source to determine where to send requests. For example if you use Google DNS from the ISP I work from you get directed to an entirely different Akamai source instead of our local mirror. Just something to keep in mind.
 
For everyone using outside DNS providers, you should keep in mind it can change the results you get for Akamai hosted content. Akamai uses a mix of BGP and DNS query source to determine where to send requests. For example if you use Google DNS from the ISP I work from you get directed to an entirely different Akamai source instead of our local mirror. Just something to keep in mind.

Yes. This is called GSLB and depending on how hardcore they are, GeoIP. This is very common. It is used by most CDNs, not just Akamai.

The main reason I switched to my own local DNS away from Comcast's then shit-tastic DNS was that my DNS queries were being sent to VA, and I was getting a Netflix server down there, which was pretty awful.
 
Thanks everyone for the great thread.

Glad to see I am not alone in having ISP DNS problems. I have been using OpenDNS for a few weeks now with great success. I will keep Google DNS in mind for the future but I don't really trust Google (although I am a search and gmail user)... :p

My Internet experience has been like night and day since I stopped using my ISP DNS.
 
I use namebench to determine which DNS servers are best for me and use them. ATM that's Qwest
 
My ISP DNS is frankly awesome. It resolves faster than the big guys and has been reliable.

I have switched around between many, but have always come back to my ISP as the primary.
 
What I would do is register a domain name and get a static IP address to your home then run a BIND 9 DNS server authoritatively, then you become your own DNS provider, that is if you trust your own security.
I have 3 such domains I use. Since DNS shaping is used by Google and Yahoo to record your DNS queries.
 