Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Featured Cloudflare Announces DNS That Won't Track You

Discussion in 'Other LAN and WAN' started by thiggins, Apr 2, 2018.

Tags:
  1. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,163
    spraypainted-1.1.1.1.jpg
    Cloudflare has launched what it bills as the "fastest, privacy-first consumer DNS".

    The company thought introducing its first consumer product on April Fools Day would guarantee them a lot of coverage, and it has. But the service is legit, up and running and ready to rock.

    DNS lookups, which translate domain names to IP addresses, are performed for every internet transaction. The default DNS provider is whatever network you're connecting to, whether it's your ISP at home, your company or free Wi-Fi at your favorite coffee shop.

    While your internet connection may be encrypted, DNS requests are not. So whoever is providing your DNS knows every site you've visited and U.S. providers are free to provide that information to whoever they want, thanks to the U.S. Senate.

    Cloudflare's 1.1.1.1 DNS is free, claims to be the fastest and is committed to privacy. Cloudflare promises to not write DNS logs to disk and to wipe any logs after 24 hours. It also has retained KPMG to annually audit the process and publish a public report.

    Changing your DNS is best done in your router, which will take care of all devices using your network. But for devices that visit other networks, you'd best get into the device's network settings and change it there. Cloudflare's 1.1.1.1 site has instructions for iOS, Android, MacOS, Windows, Linux and routers. All except Android, which only lets you change DNS for a static IP address (gee, I wonder why...) make the process easy.

    More info in Cloudflare's blog post announcement and the accompanying post providing the details on Cloudflare's 1.1.1.1 DNS resolver service.
     
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
  3. Threska49

    Threska49 Occasional Visitor

    Joined:
    Aug 6, 2015
    Messages:
    42
    Hopefully DNSSEC included.
     
    GK59, daviworld and Makaveli like this.
  4. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    26,664
    Location:
    Canada
    While I'm generally not a fan of these third party DNS servers for personal use (as they are less than optimal for CDN-distributed content), Cloudflare has a chance of being at least as performing as Google's DNS since they already have a fairly large network infrastructure for their existing services.
     
  5. Easy Rhino

    Easy Rhino Occasional Visitor

    Joined:
    Mar 20, 2018
    Messages:
    46
    So tangentially, how do I really find out what DNS service is fastest for me? Do I just ping the different big providers (8.8.8.8, 1.1.1.1, 9.9.9.9, etc) and go with the lowest latency?

    And it's still generally preferable to use my own router as a DNS server for my LAN at home, right? More faster and private?
     
  6. Wutikorn

    Wutikorn Senior Member

    Joined:
    Nov 12, 2015
    Messages:
    427
    Location:
    Thailand
    Although that can tell you part of DNS service performance, it's not all, take a look at the following thread:
    https://www.snbforums.com/threads/choosing-dns-servers-for-asus-ac68u.32616/

    You can use both DNS servers at the same time(router, and Cloudflare's) in a way. Your router cannot resolve DNS query on its own, so it needs to ask other DNS servers, which in most case by default, are your ISP's DNS servers, to solve DNS query. If you want to use this 1.1.1.1, change your WAN DNS server setting in your router to affect the whole house. In this case, instead of using your ISP's DNS servers, your router will forward DNS query to 1.1.1.1
     
    abc5 likes this.
  7. Threska49

    Threska49 Occasional Visitor

    Joined:
    Aug 6, 2015
    Messages:
    42
    DNSBench for measuring performance.
    https://www.grc.com/dns/benchmark.htm
     
    Treadler likes this.
  8. avtella

    avtella Very Senior Member

    Joined:
    Oct 8, 2015
    Messages:
    612
    Location:
    USA
    Use this:
    https://www.grc.com/dns/benchmark.htm
    Add 1.1.1.1 to the list, by clicking the “add/remove” button and after running the benchmark you will get a comparison between your DNS and many others plus the 1.1.1.1 that you added. It’s actually fairly decent comparing with the Comcast DNS, obviously not as fast it though. It’s the second fastest in my area.
     
    Treadler likes this.
  9. CrystalLattice

    CrystalLattice Occasional Visitor

    Joined:
    Jan 9, 2017
    Messages:
    41
    Search, download, and run "namebench" for the best way to find the fastest dns servers for your IP.
     
  10. Treadler

    Treadler Regular Contributor

    Joined:
    Nov 9, 2017
    Messages:
    77
    Location:
    South Australia
    Looks like it is.
     
    GK59, daviworld and Makaveli like this.
  11. Treadler

    Treadler Regular Contributor

    Joined:
    Nov 9, 2017
    Messages:
    77
    Location:
    South Australia

    Running the GRC check in my location, the fastest resolvers (in order) are, Cloudflare, Quad9, then Google, & OpenDNS as a very slow last.
    So I’m thinking geographical location/internet infrastructure will be key to the results seen.
     
  12. XelNika

    XelNika New Around Here

    Joined:
    Jan 6, 2016
    Messages:
    8
    Location:
    Denmark
    Your results seem appropriate looking at the server locations. Cloudflare has four data centers in Australia against one each for Google (Google's DNS servers are located at their core data centers and PoPs, but not the GGC) and OpenDNS. Unless you're in or around Sydney, Cloudflare should easily outperform the others.
     
    Treadler likes this.
  13. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    12,317
    Location:
    San Diego, CA
    APNIC and Cloudflare - there is an agreement in place with Cloudflare to use the 1.1.1.1 for analytics and it's to Cloudflare's benefit as well.

    Just saying - it's the same thing that Google's Public DNS does, and folks trust them (and maybe they shouldn't).
     
  14. ironclad

    ironclad New Around Here

    Joined:
    Mar 11, 2018
    Messages:
    9
    abc5 and Treadler like this.
  15. gobble

    gobble Occasional Visitor

    Joined:
    Oct 5, 2012
    Messages:
    11
    Interesting! 1.0.0.1 was fastest for me following googles 8.8.8.8. In my router would it make sense to set my primary and secondary in that way, or is there a reason to set 1.0.0.1 as my main and 1.1.1.1 as the secondary to stay in the same company?
     
  16. Butterfly Bones

    Butterfly Bones Senior Member

    Joined:
    Apr 10, 2017
    Messages:
    269
    Location:
    CA
  17. JemTheWire

    JemTheWire Regular Contributor

    Joined:
    Jan 12, 2016
    Messages:
    81
    Location:
    UK, Manchester
    Same for me, by a country mile. I am in the UK.
     
  18. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    12,317
    Location:
    San Diego, CA
    Kinda figured that would happen, as 1.1.1.1 is a redirect for many captive portals - esp. in the hotel industry. Cleaning that up is going to be a long problem to solve.

    Prior to Cloudflare, this was within a reserved range of IP's (1.1.1.0/24, along with 1.0.0.0/24) for APNIC research. Folks shouldn't have been using those ranges, but they do, and this is the result.

    At least Cloudflare has the infra to put up with a self-inflicted distributed denial of service attack...
     
    Treadler and Butterfly Bones like this.
  19. microchip

    microchip Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    440
    Location:
    Belgium
    Even the Tomato firmware uses in some places 1.1.1.1 internally. Saw it over at http://www.linksysinfo.org/index.php?threads/tomato-using-1-1-1-1-for-pppoe-connect-on-demand.74102/
     
  20. Gouzmalix

    Gouzmalix New Around Here

    Joined:
    Mar 15, 2018
    Messages:
    7
    Tested with DNSBench wih a direct connection to the modem. CloudFlare's 1.1.1.1 service is unfortunately slower—at least in my area—than Google/OpenDNS. All things considered, not too bad though.

    Code:
        8.  8.  8.  8 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
      ----------------+-------+-------+-------+-------+-------+
      - Cached Name   | 0.007 | 0.008 | 0.010 | 0.001 | 100.0 |
      - Uncached Name | 0.017 | 0.048 | 0.175 | 0.040 | 100.0 |
      - DotCom Lookup | 0.024 | 0.036 | 0.050 | 0.008 | 100.0 |
      ---<-------->---+-------+-------+-------+-------+-------+
                 google-public-dns-a.google.com
                     GOOGLE - Google LLC, US
    Code:
      208. 67.222.222 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
      ----------------+-------+-------+-------+-------+-------+
      - Cached Name   | 0.007 | 0.009 | 0.010 | 0.001 | 100.0 |
      - Uncached Name | 0.008 | 0.088 | 0.407 | 0.102 | 100.0 |
      - DotCom Lookup | 0.010 | 0.075 | 0.218 | 0.047 | 100.0 |
      ---<-------->---+-------+-------+-------+-------+-------+
                      resolver1.opendns.com
                   OPENDNS - OpenDNS, LLC, US
    Code:
        1.  1.  1.  1 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
      ----------------+-------+-------+-------+-------+-------+
      - Cached Name   | 0.027 | 0.028 | 0.030 | 0.001 | 100.0 |
      - Uncached Name | 0.028 | 0.063 | 0.182 | 0.043 | 100.0 |
      - DotCom Lookup | 0.029 | 0.059 | 0.128 | 0.038 | 100.0 |
      ---<-------->---+-------+-------+-------+-------+-------+
                1dot1dot1dot1.cloudflare-dns.com
            MEGAPATH2-US - MegaPath Networks Inc., US
     
  21. JemTheWire

    JemTheWire Regular Contributor

    Joined:
    Jan 12, 2016
    Messages:
    81
    Location:
    UK, Manchester
    I too found 1.1.1.1 slower, but 1.0.0.1 the fastest available, beating OpenDNS and Google.
     
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!