Today, as part of our efforts to make the web faster, we are announcing Google Public DNS, a new experimental public DNS resolver.
The DNS protocol is an important part of the web's infrastructure, serving as the Internet's "phone book". Every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they complete loading. As a result, the average Internet user performs hundreds of DNS lookups each day, that collectively can slow down his or her browsing experience.
We believe that a faster DNS infrastructure could significantly improve the browsing experience for all web users. To enhance DNS speed but to also improve security and validity of results, Google Public DNS is trying a few different approaches that we are sharing with the broader web community through our documentation:
- Speed: Resolver-side cache misses are one of the primary contributors to sluggish DNS responses. Clever caching techniques can help increase the speed of these responses. Google Public DNS implements prefetching: before the TTL on a record expires, we refresh the record continuously, asychronously and independently of user requests for a large number of popular domains. This allows Google Public DNS to serve many DNS requests in the round trip time it takes a packet to travel to our servers and back.
- Security: DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website. Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages.
- Validity: Google Public DNS complies with the DNS standards and gives the user the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience.
To get more information on Google Public DNS you can visit our site, read our documentation, and our logging policies. We also look forward to receiving your feedback in our discussion group.
118 comments:
Interesting.
But when will I be able to drink in a Google managed coffee shop?
Wow this is great, I've been using OpenDNS for a while but I've been disappointed that occasionally I will type an invalid domain name and get redirected to their search engine... before that, it was my ISP.
Glad to hear I can get expected responses when querying for a domain that doesn't actually exist.
Why did Google not join forces with Open DNS and other similar efforts?
Haha, I would love some Google mocha, but back on the matter at hand, I think that a nice fast DNS resolver is great, but the only concern I have is with how the dns query data is handled. Is it logged? Is it disposed of immediately (as should be to avoid any privacy concerns)? I dont want my browsing habits scrutinized by someone who happens to be able to see what IP my google account is logged into, *and* can see what DNS queries my IP is making... All I am saying is that when low level services are managed by people with access to high level information, privacy and annonymity are due to take a hit.
हिन्दी में यह वृत्त पढनेपर बडी प्रसन्नता तो हुई, पर समझ बहुत कम पाया। फिर भी, बधाई हो!!
Voila!
What I have been waiting for a long time.
What steps will Google be taking to protect the privacy of people using this service? Will you be caching logs of lookups and associating them with people's Google accounts, thusly giving a complete view of all Internet activity coming out of any given machine?
I've added the DNS to my router, and connections have doubled in speed!
If I type single words into my firefox adress bar, I does however take quite a while before the dns returns a lookup error, and firefox redirects me to the 'feeling lucky' I wanted.
I am also curious about the privacy implications...
No IPv6 support, either as server or client :-(
$ dig @8.8.8.8 mirror.ipv6.chaz6.com. in aaaa | grep status
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32325
$ dig @bind.odvr.dns-oarc.net. mirror.ipv6.chaz6.com. in aaaa | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10201
Congrats guys. 8.8.8.8 nice IP :)
I've been using 8.8.8.8 for a couple of months now... works great.
Great news...just started using the DNS...have to see if its really faster...
Piratebay.org is banned in Denmark.
Is it legal for me to use Google DNS to go to piratebay.org?
What about other banned sites in other countries?
What do Google do in those situations?
Privacy and logging is detailed here: http://code.google.com/speed/public-dns/privacy.html
wonderful to follow users requests... I'll never use it.
Privacy is a main issue here, I mean, if your browsing history is logged then this looks like 1984 to me...
I'll check it out... yay! for upgrades.
Using it now, I seriously see no difference in speed.
Its always been fast anyway...
http://code.google.com/speed/public-dns/faq.html
For those people raising privacy questions, read the FAQ they do log, but IP address info for you computer is only kept for 48 hours then deleted...
Comodo secure dns > google dns
http://www.comodo.com/secure-dns/
48 hours is acceptable, as long as that info is not aggregated with any other user data. Promise thats how it is?
Nice
Main thing I'm interested in is how to refresh Google's cache. I regularly am migrating clients to different providers (mail, web, etc.) and the OpenDNS ability to refresh their cache immediately is quite handy.
"Today, as part of our efforts to make the web faster,"
More like your efforts to take over the world! Google, I'm keeping my eye on you.
*puts on til-foil hat*
REALLY NICE.. I HAVE ACTIVATED IT....
@dave: Right in the main post is a link to http://code.google.com/speed/public-dns/privacy.html which directly answers your questions. Why don't you read it?
(But because you probably won't: No, nothing is aggregated.)
This is good stuff! Love it!
I think it's time, that OpenDNS providers block Google for 2-3 days, so Google will stop this project and improve open DNS service instead. "We are evil" should be the new google slogan...
It would be cooler if they were white-listed with themselves for AAAA lookups, seeing as they are already anycast :D
@pkasting I had already read that, I was simply saying that caching of user data from DNS queries is OK for 48 hours like they say *because* they are not aggregating it with personal userdata from the other google services. The little question at the end was more of a joking "are you sure?" (said like a naive child) than anything serious. I have been using Google's wonderful products since the day that they started letting us have access to their infant search system way back in the day. If I didnt trust them to be responsible with any info that they gleen from my computer usage habits, I wouldnt be anywhere near this site (they can see my IP!! and stuff...). lol On a serious note, I only raised the concern because this type of issue is something that we have to worry about, even with a privacy policy put up saying that such things will never happen. Caution is our only ally some days.
Ping times for google seem slower than open DNS for me. I'm in San Francisco, getting 64ms from google, 13ms from openDNS.
Is there a better way to measure DNS speed?
isto e otimo com costantes falhas da speedy da telefonica uma outra opicão e muito bom
The few tests I tried, OpenDNS was faster.
I think the real point of this is to add yet another stream of information about you that Google can use to target ads.
how a bout new website ? how long it takes that a new website add to the google DNS ?
This rocks! Thank you so much:)!
Thanks to Google, Better and Better surfing speed each time....well...download i think its not effected.
Chaz6... in fairness, I think that the DNS for that domain is just broken.
From Comcast:
% dig @68.87.69.146 mirror.ipv6.chaz6.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32642
From a local Seattle-area ISP:
% dig @ns1.eskimo.com mirror.ipv6.chaz6.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12524
Meanwhile, another query for an IPv6 address via Google DNS turns up okay:
% dig @8.8.8.8 ipv6.research.microsoft.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18117
...I think chaz6.com's DNS is to blame, not Google's.
Unfortunately Goodle DNS has the same problem with
OpenDNS, i.e. where the websites use region specific
cache servers such as akamai.
Worse still is when the ISPs use some forms of
cache proxy servers. E.g. here in NZ, OpenDNS and now
Google DNS cannot server these sites correctly. One
example is engadget.com. Pity.
How long until Google includes their own top-level domains in their DNS, bypassing ICANN completely?
Google is Google, always !
@shutteresque
That is because none of those dns servers are ipv6-connected. The dns servers authoritative for ipv6.chaz6.com. are not reachable with ipv4. There is a difference between having an AAAA record and being able to reach DNS servers over IPv6.
Try `dig +trace ipv6.chaz6.com. in ns` and then look up the addresses of those dns servers.
I wonder how long it will be before Windows will come preloaded with Microsoft ran DNS severs....
Instead of a coffee shop, wouldn't a kool-aid stand be more appropriate?
seems faster and snappier to me sweet !!!
chriscut said...
"I wonder how long it will be before Windows will come preloaded with Microsoft ran DNS severs...."
Those servers will run Linux.
Although probably not an exhaustive list, for the fastest DNS servers (RTT) based on your IP address, check out => www.dnsserverlist.org.
a utility to see the speed difference would make this more convincing from an end user perspective.
ummm I want/need filters on you-know-what...I guess I will stay with OpenDNS
The ping times for these servers are consistently under 20ms for me, with a total response time of under 40 ms. This is plenty fast enough for a name resolver. The primary issue will be reliability, and I would suspect it will be higher than my ISP, which slows to a crawl frequently, and also better than running it on my own machine, as nearly everything will be cached at Google, and little is cached locally. In fact, resolving google.com from my own (flushed cache) machine requires twice as long as doing so via Google's (cached) server.
Hilarious people thinking Google needs their private information so bad...
1. Redirect is to google search. More you use Google search, and better Google search is to the websites you want with Google adverts... the more they make money.
2. Really? trust openDNS more than Google? Who stands more to loose if they do something crazy?
3. The faster and more ubiquitous the internet is... the more people use
it... the more people use Google and the more adverts served up by Google people see.
Sure, be wary of any company... but most of the concerns people throw out are purely reactionary and thoughtless.
Think more Skynet than Cruella ;o)
kiwi on the run, the problem with servers like akamai is that you are in NZ. They are not designed to serve you. They are local servers.
All your IP belong to us.
For these who advocate OpenDNS, I used them for a while, then discontinued. There are too many unknowns, and I deem their policies unacceptable for me.
Is this an alternative to DNSSEC? What are other Alternatives?
Woo. That's great. I've try configuration with Google DNS and it's running faster than OpenDNS (Vietnam network).
Thanks :)
cool ....
nifty, but broken in it's implemnentation because it fills it's own cache from diseperate locations. This is going to cause problems for any large network which uses anycast dns to ensure clients are routed to the nearest network resource.
we need a proxy as well
(there is no better way to listen to traffic )
opendns is fantastic.
I've been using OpenDNS for 2+ years, love the service, but looking for some change. I like the filter options they got, but that's not really all I use it for....I got a hosts file + Peerblock for that kind of stuff anyhow....
I think I'll give Google DNS a whirl/test just to see how I like it. Sort of a "vacation" from the "web search" redirects for NXDOMAIN sites, etc that I encounter, fighting spam domains at inboxrevenge forums :)
we're need completely new dns system
@Google, why should I switch from OpenDNS.com to GoogleDNS? What's the benefit?
When is Google going to make oil that doesn't need to be changed?
Im going to try it on http://www.stateyourbeef.com/
Ill let you know how it work's
Not very impressed by the performance. Benchmarks show 2-10x slowdown: http://x7.fi/2009/12/04/google-public-dns-benchmarking/
@Sam Barnum
From Italy, connected directly with fiber:
srv-italy:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=247 time=16.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=247 time=17.8 ms
srv-italy:~# ping 208.67.222.222
PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data.
64 bytes from 208.67.222.222: icmp_seq=1 ttl=54 time=31.7 ms
64 bytes from 208.67.222.222: icmp_seq=2 ttl=54 time=31.9 ms
And:
first time:
srv-italy:~# time host microsoft.com 8.8.8.8
real 0m0.275s
srv-italy:~# time host microsoft.com 208.67.222.222
real 0m0.104s
next one:
srv-italy:~# time host microsoft.com 8.8.8.8
real 0m0.061s
srv-italy:~# time host microsoft.com 208.67.222.222
real 0m0.118s
No one at 8.8.8.8 query microsoft.com before myself? :)
@Dave:
watch out for the word "free" !
Sure they are logging everything..
Your mail with gmail, your browsing everytime you use google, and almost 70% of the sites out there use adsense, so your presence there is already logged.
TO answer all privacy concerns, why would google be more likely to keep data than the provider of your current DNS. Would Google jeopardise their position by being untrustworthy.
I'm not sure I understand what Google are doing here??
Is this just (and only) for browsing the internet? I.e. I type www.domain.com into the browser, then I bypass looking at that domains chosen NS for the host servers IP address, in favour of Google doing a live look-up on it?
If so... hmmm...
I just can't see that Google can do a look-up and quicker than a decent ISP, especially not if I want a UK site on a UK ISP.
Perhaps I'm barking up the wrong tree, but I currently don't understand.
Cheers Google for making this new venture clear to us end users.
Nice.. i'm trying it now.. :)
Great news! Hope combined with SPDY, the web may be more twice as faster as its now :-)
Cheers !
Sounds great!! 와...정말 구글의 서비스정신이 어디까지 갈지 궁금합니다. 구글 멋져요.
Why there is not DNSSEC validation on this resolvers? There is several TLD domains with working DNSSEC. For example "cz" TLD..
intersting ip Address : 8.8.8.8 and 8.8.4.4
cheers
Personally, I would love to see Google start its own Internet.
Now that would be special.
This is intimately connected wit the recent patent awarded on using a top level domain as a url shortener. See http://news.ycombinator.com/item?id=974111
Google will probably just buy these guys and own the whole DNS / tinyurl space.
Wow. it is fast. I compared time for DNS queries...
Google (8.8.8.8)
0.032488
0.032382
Local ISP
0.182394
0.287977
Perhaps we will all benefit in the end with more DNS resolvers available to us. But I am afraid of Google taking over the world, beginning with me.. Bottom line, is it faster than OpenDNS? Will give it a bash.
I don't think it is gonna benifit much for asia-pac region users. A normal RTT to mentioned server is much higher.
Nice services....
dammit... there goes google being ambitious/effective again. maybe bill gates should surrender before it gets too bad(?)
good ;)
Google has more resources and it is the best at everything that it provides...so it will be definitely better than Open DNS
After scanning our emails from gmail, know what we like on youtube, our profiles on orkut ... now they want to know about our site ... GOOGLE is a weapon for New World Order NWO
I would LOVE some Google hostedDNS like fx. DNSMadeEasy.com or the danish registrar GratisDNS.dk
Thanks Google!
nice I love google it works well
Thanks and I have tested google DNS seems to be working alright from Sri Lanka via Mobitel HSDPA connection. I have used openDNS in the past. I just want to make sure things are clear to me. What makes Google DNS better than others like OpenDNS? or provided by ISP? (Internet Service Providers) DNS?
Let's go Google, awesome
defently gonna try see what this can bring about :o
Is is possible to configure our own custom domain names in the DNS server ?
As for example, if I need to check whether my application (hosted on a web server on my server) benefits from Google's DNS server in terms of performance, can I configure my own domain name/IP address combination ?
wow, I love this idea and experiment. I like web to be faster
im ok with my current speed,plus most of time taken to load a page is not the DNS resolution but rather latency from throughput restrictions. This is another clear cut example of why we should not just believe everything google says.
thanks but no thanks goog.
Good effort.... Speedup the web experience...but don,t forgate IPV6... future of Tomorrow's Internet.
WOW! YouTube got faster when i use GoogleDNS
I've been using 4.2.2.1 - 4.2.2.6 for a few years. It works beautifully. Also I've noticed that Cox Cable's DNS servers are public too. I don't even use my isp's dns servers (bellsouth, now AT&T) because I know they're overloaded. Weren't the IP's it uses (8.8.8.8 and 8.8.4.4) part of IBM's Global Services, or am I thinking of 9.0.0.0?
I've been using Open Dns because its fast and I can block categories of servers (adult, pornography, parked domains) and 8.8.8.8 will be easy to remember, but it appears to be a bit slower than Open DNS. Since I'm about all things Google I'm glad to help test.
This is very nice, i have tested some domains and seeming very fast resolver as compared to others like openDNS and my own ISP.... :). Keep it up nice work. Now need some security implementations...
Regards
Mushtaq
nice IP, I'm trying, it's good ...
Invest $20,000 Got $100,000 in 2 hours--1000% After 2 Hours.
Perpetuity-Income is here to provide all investors oversea with a professional investment platform and help you to achieve your dream of making money online without too many skills. By joining us, you're participating in a reliable and best service program ever. We aim to offer reasonable interest rates and if you need a long-standing program, looking for promising and profitable investment opportunities, you will find the ideal partner. As our faith, secure platform, fast payments, fast and friendly service, reasonable plans are the key of a successful program. the money invested with us is what will be taking to the international market, OPEC to trade which later yield many profit to pay our investors profit.
Date: 2009-11-28 04:47
Batch: 236479xx
From Account: U8334345 (PerpetuityIncome)
Amount: $100,000.00
Memo: Perpetuity-Income
http://www.perpetuityincome.com/?U9559092
http://www.perpetuityincome.com/?U9559092
The min deposit is only $100, You can get $200 in 4 hours
1000% in 2 hours. Never missing payment
You can find the site listed on
http://www.yahoomsngroup.com
http://www.payinghyiponline.com
http://www.makecurrencyonline.com
http://www.hyipfunding.com
http://www.libertyreserveforex.net
If you don't get paid from Perpetuity-Income ,please mailto: bugbeekcot@gmail.com
I will return 100% of your deposit.You have real no risk!
google are the king of search. Any DNS request relies on search technology. This is why Google is faster than your local ISP. Did you read the article? They can provide DNS lookup in the time it takes a packet to do a round trip.
Privacy concerns will be exactly the same as with any other google services (gmail, blogger, youtube, even search). If you dont like it, dont use it. easy.
Also,
* they only know your ip address, not you.
* your ip address identifies your computer, not you.
* your data on your computer is just as accessible to anyone else as it is to google.
* anything you send to google will be accessible by google.
* If you dont want google to see what sites you visit, dont use google dns. (your ISP probably logs it anyway)
This has been around so long, and many of us actually saw this coming, this is part of the Open Roots, and is not new at all. Actually in retrospec, they are do nothing more then what is already in place on a global scale. The only question I have for Google, is are you going to handle the other TLD's and HOW? Are you conforming to the ICANN way of life, or are you actually going to use the inclusive name spacing? Hope you guys did your homework.
12/08/2009 7:21 PM
Interesant! very good !
Interesant! very good !
Thanks Google for this new update! Very Good.
DNS safety measures are essential for authentication, data integrity and denial of existence. I am associated with Domain Names, Web Hosting and Online Marketing Services. Your information will be quite supportive to me. Thanks for sharing your this valuable news.
Network Solutions Coupons
Hi,
Good one on Introducing Google Public DNS: A new DNS resolver from Google.If you are interested in developing a home based business then http://debtfreeliving.ilovesuccess.net can help you. They provide a Top Rate ethical home-based business that you can enjoy from the comfort of your own home.
Thanks,
Camilynn
Good
I'd been using Google Public DNS since Dec 24th 2009, and I'm not at all impressed. The biggest issues I had with it is that it made google websites and services mostly fail. google.com, gmail, googleanalytics which a lot of sites have used now, would all not work most of the time. I switched back to my own in-house DNS after getting them back up after some major overhaul work to my servers and I was back in business no problem.
I don't know why specifically Google's Public DNS would not work for their own sites, but wow, that was not very fun at all once I realized the cause was the DNS. I'd have never suspected it.
ya it is good work to speed the web also catch the data what people searching and which are new website user using.... A NEW APPROCH TO FIND NEW TRENDS...
Gr8
Post a Comment