Google introduces Google Public DNS

Google has announced that today it is launching its own public DNS resolver called Google Public DNS.

Domain Name System (DNS) power how we all surf the web currently. In general internet service providers supply their own DNS servers that resolve web addresses and translate them into the physical IP addresses that web servers are located at. Google says the goal of its own DNS is to help the tens of thousands of DNS resolvers improve their services, ultimately making the web faster for everyone.

However, speed isn't everything when it comes to DNS. Security is an essential element as DNS is often vulnerable to spoofing attacks, which when taken advantage of will forward all users to a malicious website. Google claims its own DNS "makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages."

The idea of changing your DNS to a third party, other than your ISP, is not a new one. OpenDNS has been providing such services for nearly four years. David Ulevitch, founder of OpenDNS, has summarised his own thoughts on Google's DNS in a company blog posting today. Ulevitch explains that Google's DNS is not the same as OpenDNS, stating "we run the largest DNS caches, the fastest resolvers, and we offer the most flexibility in controlling your DNS experience." Later in the post he praises Google stating that "Google realizes that DNS is a critical piece of our Internet's infrastructure and that it's of strategic importance to help people safely and reliably navigate the Internet." It's clear in the blog posting that Ulevitch sees Google's move as clear competition, rounding off the blog post he finishes "so how will this impact us? It's too early to tell, but largely I think this is a good thing for us. Google DNS currently offers none of the choice and flexibility that our service does. It's new and untested."

If you'd like to use Google DNS then please use the settings below, if you are unsure how to set DNS then follow the instructions Google has posted.

  • Primary DNS - 8.8.8.8
  • Secondary DNS - 8.8.4.4

Report a problem with article
Previous Story

Google Chrome beta for Mac imminent

Next Story

Microsoft Office 2010 beta hits 1M downloads in two weeks

74 Comments

Commenting is disabled on this article.

I just checked at pingtest.net and had 39ms ping and 15ms jitter. switched to googles DNS and tested twice,

1) 72ms ping, 68ms jitter
2) 53ms ping, 48ms jitter


then switched back to my ISP's DNS (qwest) and tested one twice more,

1) 48ms ping, 14ms jitter
2) 35ms ping, 11ms jitter

I like OpenDNS strictly for it's shortcuts. When I first switched, there was a little bit of speed improvement (pages loaded a little quicker) but now I don't really feel a difference anymore. As I said, I like their shortcuts.

My ISP, sbcglobal, redirects non-existant domains to their own ad page. I decided against opendns because I don't trust anyone to filter my queries, for whatever reason. Lucky for me, I build and maintain Linux servers, so I also run my own DNS server. For the win!

Why not test your own DNS servers vs google and/or others?
There's a great freeware tool over at http://www.grc.com/dns/benchmark.htm
Just DL and add googles IPs and see if it's an improvement for yourself.

So a question to David Ulevitch, from OpenDNS, when are you going to support:
- AAAA records (IPv6 dns records) over IPv4?
- Native IPv6 ( AAAA and A over IPv6)?

I have been asking OpenDNS, other DNS providers and ISP's for over two years. Many claim that they will do it, but few will provide a timeline and even fewer deliver.

DNS resolvers from ISP's and DNS providers, which do not support the above request, actually slow the IPv4 network transations for users with IPv6 enabled devices. So OpenDNS, other DNS providers and ISP's, get with with it and speed up the Internet!

My ISP's DNS are very fast, but nice to have two options (Google and OpenDNS) for when I move to France and the ISP DNS happens to be crap

I trust Google about as far as I can throw them!!

Wouldn't use their dns servers if they were the only dns servers in existence!!

Same with Onpendns after seeing their stuff in my router log files after creating an account with them.

I'll stick with goold old Level3's dns servers.

r1ddl3r said,
GoogleFood
GoogleHouse
GoogleLife

It's coming...

Did we forget Google Hospital? lol

No in all seriousness, I believe they will release an anti-virus soon enough.

and soon after will be comming Google World where you'll be forced to watch google ads before you can do anything including having sex or dreaming

kukubau said,
http://blog.opendns.com/2009/12/03/opendns-google-dns/

Four years of expertise. Google can't even try to rise to the level OpenDNS has achieved.

The problem I have with that, the first point, I do not use OpenDNS's Dashboard features, all I ever used it for was an alternate DNS server.

Second point....not really a point, they agree that Google is now giving people another option for an alternate DNS service. Whats the exact point to their #2 point?

Third...OpenDNS is known to use some redirects, as far as I can tell Google DNS does not. Until it is discovered that Google is taking advantage of the information given to them through people using it, there is little harm that can be done. There is nothing in Googles privacy policy that says they are allowed to sell information collected from you, so OpenDNS is again making a pointless "point" by stating that with their privacy policy.

Fourth....They try to say they are better without making a point. They state "we are better" because they have been offering DNS service for years and google is just starting to offer it. In technology, seniority does not make your service better. This can be seen in many things even web browsers, Opera has a number of features that they essentially brought to the modern world, yet many people do not regard Opera as better despite them offering such features for longer.

Fifth....not much of a point here, its an opinion that the author prefers things not to be ran by a single company. I personally do not care as long as that company has good services/software.

So out of 5 "points" the author attempts to make, they only made 1 valid point IMHO. OpenDNS allows more control over your network. All other "points" they made were either opinions or biased remarks stating "Were better", "We have been doing this for years, they have not", etc etc.

Chrono951 said,
One day, when we are all working in the Google salt mines, I will be the one to say "I told you so".

We are just now leaving Microsoft's salt mines!*

On to the next, eh?


* that said, many Neowinners here are happy dwelling Microsoft's salt mines. :P

Did you check the name resolution for 8.8.8.8?

Its name is any-in-0808.1e100.net, and 1e100 = 1*10^100 = A googol. :D

This was going to be Google's name originally, but accidentally misspelled, and the name stuck.

I noticed a big difference with OpenDNS compared to my ISP servers...when it worked. I had frequent timeouts and had to stop using it. Searching the 'Net showed me I wasn't the only one. :-(

This may be a reason for some to switch from OpenDNS to this:

Validity: Google Public DNS complies with the DNS standards and gives the user the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience.

OpenDNS does not comply to this, unfortunately. It's supported by e.g. redirecting you to search pages if there's a DNS miss. So if you want "untouched" results, OpenDNS will not do this in all cases. If one don't care about this, one might just as well keep using OpenDNS though.

Jugalator said,
This may be a reason for some to switch from OpenDNS to this:

OpenDNS does not comply to this, unfortunately. It's supported by e.g. redirecting you to search pages if there's a DNS miss. So if you want "untouched" results, OpenDNS will not do this in all cases. If one don't care about this, one might just as well keep using OpenDNS though.

I completely agree.

Jugalator said,
This may be a reason for some to switch from OpenDNS to this:
OpenDNS does not comply to this, unfortunately. It's supported by e.g. redirecting you to search pages if there's a DNS miss. So if you want "untouched" results, OpenDNS will not do this in all cases. If one don't care about this, one might just as well keep using OpenDNS though.

But that ability to add content filtering is exactly what I am after and it is why I use Open DNS.

That quote makes lack of features or control sound like a good thing! Crazy!

markjensen said,
But that ability to add content filtering is exactly what I am after and it is why I use Open DNS.

That quote makes lack of features or control sound like a good thing! Crazy!


Only, that would be the same as putting a blanket over the dishes instead of simply doing the dishes and putting them back where they belong. It's security through obscurity and one shouldn't be doing that. There are various other ways of securing your home network/computers. Most security software for Windows allows you to do just that. A lot of routers for home use are also able to do some security stuff. There is no need to do these kind of things by using DNS.

Oh, please tell how me using OpenDNS to control access (and get reports on site visits) on my kids computers is "security" in any form?!?! Much less "obscuring with a blanket".

I don't have to add any software. This works whether my kids run Windows or Linux.

Please enlighten me in how you recommend I set this up, while keeping the same management and report features available in OpenDNS.

I've been using Verizon's public DNS servers (4.2.2.2, 4.2.2.4, and 4.2.2.3) for a while now and I've never had an issue with them, but this may certainly be worth trying!

With people having 8mbps or some higher ones like 50mbps, the dns lookup times from your isp's servers is nothing to really worry about. I can understand in using a 3rd party as a backup if your isp has problems of some sort, but how many people have run into dns problems from their ISP?

It's a nice idea, but I don't much see the point. This is yet again Google trying to do everything internet related they can think of.

GP007 said,
With people having 8mbps or some higher ones like 50mbps, the dns lookup times from your isp's servers is nothing to really worry about. I can understand in using a 3rd party as a backup if your isp has problems of some sort, but how many people have run into dns problems from their ISP?

My ISP uses 404 redirects which are really annoying, so I started using a 3rd party DNS instead. It's also a bit faster. Your broadband speed doesn't make a difference in DNS lookup latency, the speed of the provider's servers is what matters. I found that Verizon's DNS servers (4.4.4.x) have faster response times than my ISP's (Earthlink via Time Warner).

toadeater said,
My ISP uses 404 redirects which are really annoying, so I started using a 3rd party DNS instead.

Glad you can disable yours. "CenturyLink"/Embarq uses them as well and for some reason they keep redirecting the Bing search from IE. Freaking annoying.
I've changed my router DNS to OpenDNS but they STILL block it somehow.

bmdixon said,
It's not just about the DNS lookup though... OpenDNS offers more features. I'm sure Google will soon take over the world with theirs but i quite like OpenDNS.

Just wait till Google buys them out...

bmdixon said,
It's not just about the DNS lookup though... OpenDNS offers more features. I'm sure Google will soon take over the world with theirs but i quite like OpenDNS.

Google on the other hand has a much better privacy policy when compared to OpenDNS (after 24 hours they purge the data, OpenDNS stores it for 2 weeks, you can change this if you create an account where as Google doesn't require any account). Google simply returns nxdomain when a domain does not exist, they don't do weird stuff like sending you to some OpenDNS site. Simpy put Google complies to the FTC regarding DNS, OpenDNS does not. Google also seems to be willing to add DNSSEC and IPv6 support (it has some IPv6 support atm but you still need to use IPv4).

If you simply want proper DNS than get Google Public DNS. If you want to have DNS and some anti-malware stuff done at DNS level than OpenDNS is what you want. However, I'd still vote for Google Public DNS together with some security software like a firewall, antivirus (if necessary), etc.

GP007 said,
With people having 8mbps or some higher ones like 50mbps, the dns lookup times from your isp's servers is nothing to really worry about.

Latency and bandwidth are two separate concepts. For instance, my 16mbps connection has about the same latency (lag) when accessing a host as my 1.5mbps connection did. Around 50-100ms outside my ISP. Now, if you have high latency to your ISPs DNS then loading a web page can be slower than it really should. Since it is common for a web page to reference more than 1 domain name when loading (take any one of the image threads on neowin for example), your computer could easily spend a second or two just figuring out what name goes with what number (thats not even downloading actual content yet).

If a user has a really laggy DNS (200+ ms for a response) the WWW can be quite laggy and for no good reason.

Generally speaking, your ISPs DNS is the best to go with. But it is a good idea to check out how well it is performing. It is also nice that there are services like OpenDNS and now Google for people who are lagged (for whatever reason) from their ISP's DNS server.

micro said,
This is going to be interesting..

Excellent news google. Seems more and more ISPs are trying to lock you into the Advertisment supported DNS's by having them redirect you to spam/ad pages when you type in the wrong address, rather than the correct 404 error message.

Once again, google to the rescue :)


C_Guy said,
Or just type in the correct address and leave your DNS settings alone.

One of the two ;)

C_Guy, your comments are so often unhelpful. Why do you bother?

Yet another ploy that greedy Google uses to satisfy their cravenous information hunger and creater profiles for people's surfing habits and more.
Besides Chrome, this is another tool to help them achieve that goal for people who don't use Chrome.
These profiles of you are then sold to whoever wants them.

Lord Ba'al said,
Yet another ploy that greedy Google uses to satisfy their cravenous information hunger and creater profiles for people's surfing habits and more.
Besides Chrome, this is another tool to help them achieve that goal for people who don't use Chrome.
These profiles of you are then sold to whoever wants them.

+1

Lord Ba'al said,
Yet another ploy that greedy Google uses to satisfy their cravenous information hunger and creater profiles for people's surfing habits and more.
Besides Chrome, this is another tool to help them achieve that goal for people who don't use Chrome.
These profiles of you are then sold to whoever wants them.

evidence please.