Considering your DNS Options

OCTOBER 31ST, 2014

Last week a windstorm whipped through my town and knocked the power out at my home for a few hours. My neighborhood was a mess, but it didn’t take long to remove the debris and branches which had blown into our yard. Windstorms are not uncommon in Southern Utah, but few result in power outages. Power is a lot like Domain Name Servers (DNS) in that both run in the background, and neither are given much consideration until it goes down. DNS is the equivalent to the internet’s phone book. DNS maintains a directory of domain names and translates them to IP addresses.  Without DNS, we’d all have to remember a string of numbers instead of the more human-friendly domain names. This week I want to take a look at three of the most popular DNS providers and see if any are worth your consideration. If you’d like a primer on DNS, this article from Verisign is informative. Public vs. Private DNS It helps to begin by differentiating a public DNS from a private DNS:

  • Public DNS is what most people are familiar with. They are generally provided to your business by your ISP.  A public DNS maintains a record of publicly available domain names reachable from any device with internet access.
  • Private DNS resides behind a company firewall and maintains records of internal sites. Employees of the company use the private DNS to access internal sites and services without having to remember IP addresses.

Public and private can be used in conjunction to provide a higher level of service and security. For this article I’m going to focus on public DNS options. Utilizing a public DNS is a popular choice for smaller companies which don’t have a large intranet to manage. Why Change DNS Providers? There are a number of reasons to consider changing your DNS, but most come down to two: performance and security. If the DNS your ISP provided isn’t responsive it will result in slow web browsing experience. Security is another reason to consider third party alternatives. Some DNS providers offer malware or adult site filtering which are especially helpful when younger children or less experienced internet users are involved. For most companies, the best combination of performance and security is using the DNS provided by your ISP. Compared to a global DNS service, your ISP’s DNS is usually closer in proximity to your business, which results in better performance. Global DNS services must provide value-added features to their DNS to make them worthy of consideration. The Big Three Dozens of public DNS servers are up and running today, and you’re free to use any of them. Public DNS maintains an updated list of servers, but it’s too overwhelming to be of much help for those looking for an alternative DNS, even when filtering by country. Let’s take a look at three of the most popular and respected DNS services: OpenDNS OpenDNS has been around for a long time and was one of the first to offer phishing protection and content filtering features. OpenDNS offers services tailored to both personal and business customers. Their business offering includes a layer of protection called Umbrella Security. Umbrella blocks connections to malicious websites, protects against bots, and helps protect against phishing websites. OpenDNS has both free and paid options. Customer Focus: Small to medium business. [caption id="attachment_18920" align="aligncenter" width="499"]


Real time security activity reports in OpenDNS. Photo courtesy of OpenDNS[/caption] Google Public DNS While late to the DNS party, Google has made up for lost time by offering a reputable and fast DNS service. It doesn’t hurt that it also has an easy IP address to remember: and Compared to other DNS services, Google provides a slimmed down service that lacks many of the advanced features found elsewhere. Much like its search engine, Google focuses on speed above all else, and it’s the reputation for speed that has made Google Public DNS a popular choice. That Google offers it for free also doesn’t hurt. Customer Focus: Small business and personal. Amazon Route 53 Popular with business customers, Amazon Route 53 connects user requests to infrastructure running AWS as well as traffic outside AWS. We’ve been using this DNS service at Puget Systems for the past year, and have been happy with it. Like all AWS services, pricing for Route 53 is based on what you use. Amazon does not offer a free DSN product. Customer Focus: Medium to large business. Conclusion While OpenDNS, Google Public DNS, and Amazon Route 53 have gained their share of fans, how can you know if it’s worth considering another option besides the DNS provided by your ISP? Google provides a free tool called namebench which compares speeds among many DNS providers. While speed isn’t the only factor to consider when selecting a DNS, it could be used as the deciding factor while selecting among a number of similar services. Changing your DNS provider is not a decision you should make without proper research. You may find the most reliable and best performing DNS to be the one provided by your ISP. While that’s generally the case, it doesn’t hurt to compare to both free and paid options.