The DNS protocol is an important part of the web's infrastructure, serving as the Internet's "phone book". Every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they complete loading. As a result, the average Internet user performs hundreds of DNS lookups each day, that collectively can slow down his or her browsing experience.
We believe that a faster DNS infrastructure could significantly improve the browsing experience for all web users. To enhance DNS speed but to also improve security and validity of results, Google Public DNS is trying a few different approaches that we are sharing with the broader web community through our documentation:
- Speed: Resolver-side cache misses are one of the primary contributors to sluggish DNS responses. Clever caching techniques can help increase the speed of these responses. Google Public DNS implements prefetching: before the TTL on a record expires, we refresh the record continuously, asychronously and independently of user requests for a large number of popular domains. This allows Google Public DNS to serve many DNS requests in the round trip time it takes a packet to travel to our servers and back.
- Security: DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website. Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages.
- Validity: Google Public DNS complies with the DNS standards and gives the user the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience.
To get more information on Google Public DNS you can visit our site, read our documentation, and our logging policies. We also look forward to receiving your feedback in our discussion group.
Interesting.
ReplyDeleteBut when will I be able to drink in a Google managed coffee shop?
ReplyDeleteWow this is great, I've been using OpenDNS for a while but I've been disappointed that occasionally I will type an invalid domain name and get redirected to their search engine... before that, it was my ISP.
ReplyDeleteGlad to hear I can get expected responses when querying for a domain that doesn't actually exist.
Why did Google not join forces with Open DNS and other similar efforts?
ReplyDeleteHaha, I would love some Google mocha, but back on the matter at hand, I think that a nice fast DNS resolver is great, but the only concern I have is with how the dns query data is handled. Is it logged? Is it disposed of immediately (as should be to avoid any privacy concerns)? I dont want my browsing habits scrutinized by someone who happens to be able to see what IP my google account is logged into, *and* can see what DNS queries my IP is making... All I am saying is that when low level services are managed by people with access to high level information, privacy and annonymity are due to take a hit.
ReplyDeleteहिन्दी में यह वृत्त पढनेपर बडी प्रसन्नता तो हुई, पर समझ बहुत कम पाया। फिर भी, बधाई हो!!
ReplyDeleteVoila!
ReplyDeleteWhat I have been waiting for a long time.
What steps will Google be taking to protect the privacy of people using this service? Will you be caching logs of lookups and associating them with people's Google accounts, thusly giving a complete view of all Internet activity coming out of any given machine?
ReplyDeleteI've added the DNS to my router, and connections have doubled in speed!
ReplyDeleteIf I type single words into my firefox adress bar, I does however take quite a while before the dns returns a lookup error, and firefox redirects me to the 'feeling lucky' I wanted.
I am also curious about the privacy implications...
ReplyDeleteNo IPv6 support, either as server or client :-(
ReplyDelete$ dig @8.8.8.8 mirror.ipv6.chaz6.com. in aaaa | grep status
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32325
$ dig @bind.odvr.dns-oarc.net. mirror.ipv6.chaz6.com. in aaaa | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10201
Congrats guys. 8.8.8.8 nice IP :)
ReplyDeleteI've been using 8.8.8.8 for a couple of months now... works great.
ReplyDeleteGreat news...just started using the DNS...have to see if its really faster...
ReplyDeletewonderful to follow users requests... I'll never use it.
ReplyDeletePrivacy is a main issue here, I mean, if your browsing history is logged then this looks like 1984 to me...
ReplyDeleteI'll check it out... yay! for upgrades.
ReplyDeleteUsing it now, I seriously see no difference in speed.
ReplyDeleteIts always been fast anyway...
http://code.google.com/speed/public-dns/faq.html
ReplyDeleteFor those people raising privacy questions, read the FAQ they do log, but IP address info for you computer is only kept for 48 hours then deleted...
Comodo secure dns > google dns
ReplyDeletehttp://www.comodo.com/secure-dns/
48 hours is acceptable, as long as that info is not aggregated with any other user data. Promise thats how it is?
ReplyDeleteNice
ReplyDeleteMain thing I'm interested in is how to refresh Google's cache. I regularly am migrating clients to different providers (mail, web, etc.) and the OpenDNS ability to refresh their cache immediately is quite handy.
ReplyDelete"Today, as part of our efforts to make the web faster,"
ReplyDeleteMore like your efforts to take over the world! Google, I'm keeping my eye on you.
*puts on til-foil hat*
REALLY NICE.. I HAVE ACTIVATED IT....
ReplyDeleteWhoa - considerably faster than O2's UK DNS servers. Good stuff Google!
ReplyDelete@dave: Right in the main post is a link to http://code.google.com/speed/public-dns/privacy.html which directly answers your questions. Why don't you read it?
ReplyDelete(But because you probably won't: No, nothing is aggregated.)
This is good stuff! Love it!
ReplyDeleteI think it's time, that OpenDNS providers block Google for 2-3 days, so Google will stop this project and improve open DNS service instead. "We are evil" should be the new google slogan...
ReplyDeleteIt would be cooler if they were white-listed with themselves for AAAA lookups, seeing as they are already anycast :D
ReplyDelete@pkasting I had already read that, I was simply saying that caching of user data from DNS queries is OK for 48 hours like they say *because* they are not aggregating it with personal userdata from the other google services. The little question at the end was more of a joking "are you sure?" (said like a naive child) than anything serious. I have been using Google's wonderful products since the day that they started letting us have access to their infant search system way back in the day. If I didnt trust them to be responsible with any info that they gleen from my computer usage habits, I wouldnt be anywhere near this site (they can see my IP!! and stuff...). lol On a serious note, I only raised the concern because this type of issue is something that we have to worry about, even with a privacy policy put up saying that such things will never happen. Caution is our only ally some days.
ReplyDeletePing times for google seem slower than open DNS for me. I'm in San Francisco, getting 64ms from google, 13ms from openDNS.
ReplyDeleteIs there a better way to measure DNS speed?
isto e otimo com costantes falhas da speedy da telefonica uma outra opicão e muito bom
ReplyDeleteThe few tests I tried, OpenDNS was faster.
ReplyDeleteI think the real point of this is to add yet another stream of information about you that Google can use to target ads.
ReplyDeletehow a bout new website ? how long it takes that a new website add to the google DNS ?
ReplyDeleteThis rocks! Thank you so much:)!
ReplyDeleteThanks to Google, Better and Better surfing speed each time....well...download i think its not effected.
ReplyDeleteChaz6... in fairness, I think that the DNS for that domain is just broken.
ReplyDeleteFrom Comcast:
% dig @68.87.69.146 mirror.ipv6.chaz6.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32642
From a local Seattle-area ISP:
% dig @ns1.eskimo.com mirror.ipv6.chaz6.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12524
Meanwhile, another query for an IPv6 address via Google DNS turns up okay:
% dig @8.8.8.8 ipv6.research.microsoft.com in aaaa | grep 'status'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18117
...I think chaz6.com's DNS is to blame, not Google's.
Unfortunately Goodle DNS has the same problem with
ReplyDeleteOpenDNS, i.e. where the websites use region specific
cache servers such as akamai.
Worse still is when the ISPs use some forms of
cache proxy servers. E.g. here in NZ, OpenDNS and now
Google DNS cannot server these sites correctly. One
example is engadget.com. Pity.
How long until Google includes their own top-level domains in their DNS, bypassing ICANN completely?
ReplyDeleteThis comment has been removed by the author.
ReplyDelete@shutteresque
ReplyDeleteThat is because none of those dns servers are ipv6-connected. The dns servers authoritative for ipv6.chaz6.com. are not reachable with ipv4. There is a difference between having an AAAA record and being able to reach DNS servers over IPv6.
Try `dig +trace ipv6.chaz6.com. in ns` and then look up the addresses of those dns servers.
I wonder how long it will be before Windows will come preloaded with Microsoft ran DNS severs....
ReplyDeleteInstead of a coffee shop, wouldn't a kool-aid stand be more appropriate?
ReplyDeleteseems faster and snappier to me sweet !!!
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeletechriscut said...
ReplyDelete"I wonder how long it will be before Windows will come preloaded with Microsoft ran DNS severs...."
Those servers will run Linux.
a utility to see the speed difference would make this more convincing from an end user perspective.
ReplyDeleteummm I want/need filters on you-know-what...I guess I will stay with OpenDNS
ReplyDeleteHilarious people thinking Google needs their private information so bad...
ReplyDelete1. Redirect is to google search. More you use Google search, and better Google search is to the websites you want with Google adverts... the more they make money.
2. Really? trust openDNS more than Google? Who stands more to loose if they do something crazy?
3. The faster and more ubiquitous the internet is... the more people use
it... the more people use Google and the more adverts served up by Google people see.
Sure, be wary of any company... but most of the concerns people throw out are purely reactionary and thoughtless.
Think more Skynet than Cruella ;o)
kiwi on the run, the problem with servers like akamai is that you are in NZ. They are not designed to serve you. They are local servers.
ReplyDeleteAll your IP belong to us.
ReplyDeleteFor these who advocate OpenDNS, I used them for a while, then discontinued. There are too many unknowns, and I deem their policies unacceptable for me.
ReplyDeleteIs this an alternative to DNSSEC? What are other Alternatives?
ReplyDeleteWoo. That's great. I've try configuration with Google DNS and it's running faster than OpenDNS (Vietnam network).
ReplyDeleteThanks :)
cool ....
ReplyDeletenifty, but broken in it's implemnentation because it fills it's own cache from diseperate locations. This is going to cause problems for any large network which uses anycast dns to ensure clients are routed to the nearest network resource.
ReplyDeletewe need a proxy as well
ReplyDelete(there is no better way to listen to traffic )
opendns is fantastic.
ReplyDeleteI've been using OpenDNS for 2+ years, love the service, but looking for some change. I like the filter options they got, but that's not really all I use it for....I got a hosts file + Peerblock for that kind of stuff anyhow....
ReplyDeleteI think I'll give Google DNS a whirl/test just to see how I like it. Sort of a "vacation" from the "web search" redirects for NXDOMAIN sites, etc that I encounter, fighting spam domains at inboxrevenge forums :)
we're need completely new dns system
ReplyDeleteThis comment has been removed by the author.
ReplyDelete@Google, why should I switch from OpenDNS.com to GoogleDNS? What's the benefit?
ReplyDeleteWhen is Google going to make oil that doesn't need to be changed?
ReplyDeleteIm going to try it on http://www.stateyourbeef.com/
ReplyDeleteIll let you know how it work's
@Sam Barnum
ReplyDeleteFrom Italy, connected directly with fiber:
srv-italy:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=247 time=16.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=247 time=17.8 ms
srv-italy:~# ping 208.67.222.222
PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data.
64 bytes from 208.67.222.222: icmp_seq=1 ttl=54 time=31.7 ms
64 bytes from 208.67.222.222: icmp_seq=2 ttl=54 time=31.9 ms
And:
first time:
srv-italy:~# time host microsoft.com 8.8.8.8
real 0m0.275s
srv-italy:~# time host microsoft.com 208.67.222.222
real 0m0.104s
next one:
srv-italy:~# time host microsoft.com 8.8.8.8
real 0m0.061s
srv-italy:~# time host microsoft.com 208.67.222.222
real 0m0.118s
No one at 8.8.8.8 query microsoft.com before myself? :)
@Dave:
ReplyDeletewatch out for the word "free" !
Sure they are logging everything..
Your mail with gmail, your browsing everytime you use google, and almost 70% of the sites out there use adsense, so your presence there is already logged.
This comment has been removed by the author.
ReplyDeleteTO answer all privacy concerns, why would google be more likely to keep data than the provider of your current DNS. Would Google jeopardise their position by being untrustworthy.
ReplyDeleteI'm not sure I understand what Google are doing here??
ReplyDeleteIs this just (and only) for browsing the internet? I.e. I type www.domain.com into the browser, then I bypass looking at that domains chosen NS for the host servers IP address, in favour of Google doing a live look-up on it?
If so... hmmm...
I just can't see that Google can do a look-up and quicker than a decent ISP, especially not if I want a UK site on a UK ISP.
Perhaps I'm barking up the wrong tree, but I currently don't understand.
Cheers Google for making this new venture clear to us end users.
Nice.. i'm trying it now.. :)
ReplyDeleteGreat news! Hope combined with SPDY, the web may be more twice as faster as its now :-)
ReplyDeleteCheers !
Sounds great!! 와...정말 구글의 서비스정신이 어디까지 갈지 궁금합니다. 구글 멋져요.
ReplyDeleteWhy there is not DNSSEC validation on this resolvers? There is several TLD domains with working DNSSEC. For example "cz" TLD..
ReplyDeleteintersting ip Address : 8.8.8.8 and 8.8.4.4
ReplyDeletecheers
Personally, I would love to see Google start its own Internet.
ReplyDeleteNow that would be special.
This is intimately connected wit the recent patent awarded on using a top level domain as a url shortener. See http://news.ycombinator.com/item?id=974111
ReplyDeleteGoogle will probably just buy these guys and own the whole DNS / tinyurl space.
Wow. it is fast. I compared time for DNS queries...
ReplyDeleteGoogle (8.8.8.8)
0.032488
0.032382
Local ISP
0.182394
0.287977
Perhaps we will all benefit in the end with more DNS resolvers available to us. But I am afraid of Google taking over the world, beginning with me.. Bottom line, is it faster than OpenDNS? Will give it a bash.
ReplyDeleteI don't think it is gonna benifit much for asia-pac region users. A normal RTT to mentioned server is much higher.
ReplyDeleteNice services....
ReplyDeletedammit... there goes google being ambitious/effective again. maybe bill gates should surrender before it gets too bad(?)
ReplyDeletegood ;)
ReplyDeleteGoogle has more resources and it is the best at everything that it provides...so it will be definitely better than Open DNS
ReplyDeleteAfter scanning our emails from gmail, know what we like on youtube, our profiles on orkut ... now they want to know about our site ... GOOGLE is a weapon for New World Order NWO
ReplyDeleteI would LOVE some Google hostedDNS like fx. DNSMadeEasy.com or the danish registrar GratisDNS.dk
ReplyDeleteThanks Google!
nice I love google it works well
ReplyDeleteThanks and I have tested google DNS seems to be working alright from Sri Lanka via Mobitel HSDPA connection. I have used openDNS in the past. I just want to make sure things are clear to me. What makes Google DNS better than others like OpenDNS? or provided by ISP? (Internet Service Providers) DNS?
ReplyDeleteLet's go Google, awesome
ReplyDeletedefently gonna try see what this can bring about :o
ReplyDeleteIs is possible to configure our own custom domain names in the DNS server ?
ReplyDeleteAs for example, if I need to check whether my application (hosted on a web server on my server) benefits from Google's DNS server in terms of performance, can I configure my own domain name/IP address combination ?
This comment has been removed by the author.
ReplyDeletewow, I love this idea and experiment. I like web to be faster
ReplyDeleteim ok with my current speed,plus most of time taken to load a page is not the DNS resolution but rather latency from throughput restrictions. This is another clear cut example of why we should not just believe everything google says.
ReplyDeletethanks but no thanks goog.
Good effort.... Speedup the web experience...but don,t forgate IPV6... future of Tomorrow's Internet.
ReplyDeleteWOW! YouTube got faster when i use GoogleDNS
ReplyDeleteI've been using 4.2.2.1 - 4.2.2.6 for a few years. It works beautifully. Also I've noticed that Cox Cable's DNS servers are public too. I don't even use my isp's dns servers (bellsouth, now AT&T) because I know they're overloaded. Weren't the IP's it uses (8.8.8.8 and 8.8.4.4) part of IBM's Global Services, or am I thinking of 9.0.0.0?
ReplyDeleteI've been using Open Dns because its fast and I can block categories of servers (adult, pornography, parked domains) and 8.8.8.8 will be easy to remember, but it appears to be a bit slower than Open DNS. Since I'm about all things Google I'm glad to help test.
ReplyDeleteThis is very nice, i have tested some domains and seeming very fast resolver as compared to others like openDNS and my own ISP.... :). Keep it up nice work. Now need some security implementations...
ReplyDeleteRegards
Mushtaq
nice IP, I'm trying, it's good ...
ReplyDeleteI also make a try!
ReplyDeleteThanks Google for this new update!
google are the king of search. Any DNS request relies on search technology. This is why Google is faster than your local ISP. Did you read the article? They can provide DNS lookup in the time it takes a packet to do a round trip.
ReplyDeletePrivacy concerns will be exactly the same as with any other google services (gmail, blogger, youtube, even search). If you dont like it, dont use it. easy.
Also,
* they only know your ip address, not you.
* your ip address identifies your computer, not you.
* your data on your computer is just as accessible to anyone else as it is to google.
* anything you send to google will be accessible by google.
* If you dont want google to see what sites you visit, dont use google dns. (your ISP probably logs it anyway)
This has been around so long, and many of us actually saw this coming, this is part of the Open Roots, and is not new at all. Actually in retrospec, they are do nothing more then what is already in place on a global scale. The only question I have for Google, is are you going to handle the other TLD's and HOW? Are you conforming to the ICANN way of life, or are you actually going to use the inclusive name spacing? Hope you guys did your homework.
ReplyDelete12/08/2009 7:21 PM
Interesant! very good !
ReplyDeleteInteresant! very good !
ReplyDeleteThanks Google for this new update! Very Good.
ReplyDeleteDNS safety measures are essential for authentication, data integrity and denial of existence. I am associated with Domain Names, Web Hosting and Online Marketing Services. Your information will be quite supportive to me. Thanks for sharing your this valuable news.
ReplyDeleteNetwork Solutions Coupons
Hi,
ReplyDeleteGood one on Introducing Google Public DNS: A new DNS resolver from Google.If you are interested in developing a home based business then http://debtfreeliving.ilovesuccess.net can help you. They provide a Top Rate ethical home-based business that you can enjoy from the comfort of your own home.
Thanks,
Camilynn
Good
ReplyDeleteI'd been using Google Public DNS since Dec 24th 2009, and I'm not at all impressed. The biggest issues I had with it is that it made google websites and services mostly fail. google.com, gmail, googleanalytics which a lot of sites have used now, would all not work most of the time. I switched back to my own in-house DNS after getting them back up after some major overhaul work to my servers and I was back in business no problem.
ReplyDeleteI don't know why specifically Google's Public DNS would not work for their own sites, but wow, that was not very fun at all once I realized the cause was the DNS. I'd have never suspected it.
ya it is good work to speed the web also catch the data what people searching and which are new website user using.... A NEW APPROCH TO FIND NEW TRENDS...
ReplyDeleteGr8
ReplyDeleteNice tips, thanks
ReplyDeletewhere i can get free domain for my blog in blogspot?
ReplyDelete