Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

What DNS would you recommend?

Off-Topic discussions about science, technology, and non Debian specific topics.
Message
Author
User avatar
bester69
Posts: 2072
Joined: 2015-04-02 13:15
Has thanked: 24 times
Been thanked: 14 times

What DNS would you recommend?

#1 Post by bester69 »

Hi,
What dns server do you think is the best and why?
https://en.wikipedia.org/wiki/Public_re ... ame_server

Im using now, cleanbrowsing dns, cos they've FamilyFilter and DNSCrypt (So prevent DNS spoofing)
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: What DNS would you recommend?

#2 Post by sickpig »

the wiki link lost me at porn blocking :D
m using cloudflare as that is the fastest one around as per benchmarks and their ips are so cool, you cant beat 1111

User avatar
pylkko
Posts: 1802
Joined: 2014-11-06 19:02

Re: What DNS would you recommend?

#3 Post by pylkko »

You can benchmark them from your location and network. If I remember, there's even a package that does it for you.

You can also run your own DNS but not so many benefits as far as I can see

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: What DNS would you recommend?

#4 Post by Head_on_a_Stick »

The main benefit of a local nameserver is caching:

Code: Select all

Puffy:~$ dig google.com
[...]
;; Query time: 113 msec
[...]
Puffy:~$ dig google.com
[...]
;; Query time: 1 msec
I also use Cloudflare, via unwind(8) in OpenBSD & unbound for my other systems.
deadbang

User avatar
pylkko
Posts: 1802
Joined: 2014-11-06 19:02

Re: What DNS would you recommend?

#5 Post by pylkko »

In a way that makes sense, if you can lower the access time that much, but I get a 16 ms with dig using openDNS (wifi) and a 1-2 ms on LAN (wifi), so the difference is not so drastic for me and would be even less on cable (I have ethernet cabling and can get wired network in all rooms of the house).

when you use a local nameserver, do you dedicate a separate machine for it? Some people have an ARM dev board or router with custom OS to server the entire network. Or do you have a per-machine set-up, or how does it work?

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: What DNS would you recommend?

#6 Post by Head_on_a_Stick »

pylkko wrote:when you use a local nameserver, do you dedicate a separate machine for it?
No, I only have the one laptop :)
pylkko wrote:how does it work?
I just enable unbound.service and add

Code: Select all

nameserver 127.0.0.1
to /etc/resolv.conf

I was using systemd-resolved (which has a smaller memory footprint than unbound) but it was causing some delays with lookups and general browsing so I switched.
deadbang

User avatar
pylkko
Posts: 1802
Joined: 2014-11-06 19:02

Re: What DNS would you recommend?

#7 Post by pylkko »

I know that openDNS is kind of not open in any sense and owned by Cisco. It just was faster than my ISP. It sounds like a great idea to use your own to keep your own data. But AFAIK, your own nameserver has to pass the data to another server out there anyway. Sometimes I have heard the argument that this protects your data a little bit since then you send the data not so frequently and it can be pooled data of many users, but not so sure of the validity of the argument.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: What DNS would you recommend?

#8 Post by Head_on_a_Stick »

pylkko wrote:your own nameserver has to pass the data to another server out there anyway
I have unbound configured to forward all requests to Cloudflare but it can query the root nameservers (given in the root.hints file) directly, at the expense of privacy (the servers can see your IP address then).
deadbang

reinob
Posts: 1189
Joined: 2014-06-30 11:42
Has thanked: 97 times
Been thanked: 47 times

Re: What DNS would you recommend?

#9 Post by reinob »

bester69 wrote:Hi,
What dns server do you think is the best and why?
https://en.wikipedia.org/wiki/Public_re ... ame_server

Im using now, cleanbrowsing dns, cos they've FamilyFilter and DNSCrypt (So prevent DNS spoofing)
and how did you configure your computer to use DNSCrypt? are you using dnscrypt-proxy?

FWIW I use unbound w/o any upstream server (forward zone) for servers (VPS, NAS) and whatever my home router has (i.e. ISP) for the rest. It's usually faster (read: closer) than other public ones, even Cloudflare.

For some time I used a raspberry pi with dnsmasq as DNS server, but then I also had to use it for DHCP (for internal name resolution to work..), which worked OK (and had the bonus of being able to block ads via DNS for the whole home network), but caused lots of (minor, but annoying) issues with my home router (a Fritzbox, which is about the only one you can use in Germany if you want router and DSL modem in one), so I reverted that :(

millpond
Posts: 698
Joined: 2014-06-25 04:56

Re: What DNS would you recommend?

#10 Post by millpond »

I would recommend OpenDNS. Though it does have occasional 'issues'.
Cloudflare is nasty and will try to censor sites when it feels like.
Google is the Great Firewall of the West.

Best to create your own DNS files of sites you frequent, but may not be that politically correct.

reinob
Posts: 1189
Joined: 2014-06-30 11:42
Has thanked: 97 times
Been thanked: 47 times

Re: What DNS would you recommend?

#11 Post by reinob »

millpond wrote:I would recommend OpenDNS. Though it does have occasional 'issues'.
Cloudflare is nasty and will try to censor sites when it feels like.
Google is the Great Firewall of the West.
Care to elaborate on that?

AFAIK OpenDNS does filtering (what you call censoring).
Cloudflare does, reportedly, not. Google doesn't either.

Would be interesting to read your sources on this.

p.H
Global Moderator
Global Moderator
Posts: 3049
Joined: 2017-09-17 07:12
Has thanked: 5 times
Been thanked: 132 times

Re: What DNS would you recommend?

#12 Post by p.H »

millpond wrote:Best to create your own DNS files of sites you frequent, but may not be that politically correct.
Could you elaborate on this too ?
What is a "DNS file of sites", and why may it not be politically correct ?

millpond
Posts: 698
Joined: 2014-06-25 04:56

Re: What DNS would you recommend?

#13 Post by millpond »

reinob wrote:
millpond wrote:I would recommend OpenDNS. Though it does have occasional 'issues'.
Cloudflare is nasty and will try to censor sites when it feels like.
Google is the Great Firewall of the West.
Care to elaborate on that?

AFAIK OpenDNS does filtering (what you call censoring).
Cloudflare does, reportedly, not. Google doesn't either.

Would be interesting to read your sources on this.
Google censorship is well known. Proven in many articles since the election. Just try to find a really politically incorrect video, like Tarrant's or numerous others. Its openly banned 'copyright violations'.It actively tries to block some of my VPN servers. Vile.

Cloudflare will try to block torrent sites periodically. And who knows what else.

OpenDNS will block sites, usually with fake certificate errors.It periodically tries to block my own site. It leads to block.opendns.com

millpond
Posts: 698
Joined: 2014-06-25 04:56

Re: What DNS would you recommend?

#14 Post by millpond »

p.H wrote:
millpond wrote:Best to create your own DNS files of sites you frequent, but may not be that politically correct.
Could you elaborate on this too ?
What is a "DNS file of sites", and why may it not be politically correct ?
On win thre is a native hosts, and it can be added to Linux with a util.
A native DNS lookup/filter.

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: What DNS would you recommend?

#15 Post by sickpig »

millpond wrote:On win thre is a native hosts, and it can be added to Linux with a util.
A native DNS lookup/filter.
what's the proof?

p.H
Global Moderator
Global Moderator
Posts: 3049
Joined: 2017-09-17 07:12
Has thanked: 5 times
Been thanked: 132 times

Re: What DNS would you recommend?

#16 Post by p.H »

millpond wrote:On win thre is a native hosts, and it can be added to Linux with a util. A native DNS lookup/filter.
Do you mean the hosts file ? It is present in GNU/Linux too as /etc/hosts. It is used as a local source for hostname lookup and has nothing to do with DNS.

reinob
Posts: 1189
Joined: 2014-06-30 11:42
Has thanked: 97 times
Been thanked: 47 times

Re: What DNS would you recommend?

#17 Post by reinob »

millpond wrote: Google censorship is well known. Proven in many articles since the election. Just try to find a really politically incorrect video, like Tarrant's or numerous others. Its openly banned 'copyright violations'.It actively tries to block some of my VPN servers. Vile.

Cloudflare will try to block torrent sites periodically. And who knows what else.

OpenDNS will block sites, usually with fake certificate errors.It periodically tries to block my own site. It leads to block.opendns.com
Google -- as a search engine -- may block/censor/hide whatever they please. It's not a public service after all.

However you were referring to Google's DNS servers (8.8.8.8 and 8.8.4.4). I have yet to see evidence that they censor/block/spoof anything at the DNS server.

The same goes for Cloudflare. You are merely speculating, and referring to "since the election" as if there was a, single, universal, election.

OpenDNS does filtering *by design*, i.e. you can choose a DNS server with ad and/or porn filterning, etc.

So again, do you have any evidence that Google or Cloudflare DNS servers are playing foul? or are you just trolling?

User avatar
dotlj
Posts: 646
Joined: 2009-12-25 17:21

Re: What DNS would you recommend?

#18 Post by dotlj »

Sorry this is a little late.
I've been using Cloudflare 1.1.1.1 for some time.
Please see https://www.cloudflare.com/learning/dns ... s-1.1.1.1/

1.1.1.1 is a public DNS resolver that makes DNS queries faster and more secure.

https://blog.cloudflare.com/dns-resolver-1-1-1-1/


We’re using the following IPv4 addresses for our resolver: 1.1.1.1 and 1.0.0.1. Easy to remember. These addresses have been provided to Cloudflare by APNIC for both joint research and this service. You can read more about their work via the APNIC blog.

DNS resolver, 1.1.1.1, is served by Cloudflare’s Global Anycast Network.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: What DNS would you recommend?

#19 Post by Head_on_a_Stick »

I've switched from Cloudflare to Quad9, it's a bit slower but it blocks malware sites.
deadbang

User avatar
bester69
Posts: 2072
Joined: 2015-04-02 13:15
Has thanked: 24 times
Been thanked: 14 times

Re: What DNS would you recommend?

#20 Post by bester69 »

Head_on_a_Stick wrote:I've switched from Cloudflare to Quad9, it's a bit slower but it blocks malware sites.
I think cleanbrowsing is better or faster than Quad9, and has malware blocks
Blocks access to phishing, spam, malware and malicious domains. Our database of malicious domains is updated hourly and considered to be one of the best in the industry.
https://cleanbrowsing.org/filters#security
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...

Post Reply