DNS Series: Understanding Domain Name System and Public DNS Services

The Domain Name System (DNS) is one of the fundamental technologies that make the internet work. It acts as the internet's phonebook, translating human-readable domain names like www.example.com into IP addresses that computers use to identify each other on the network.

What is DNS?

DNS stands for Domain Name System. It's a hierarchical and decentralized naming system for computers, services, or other resources connected to the internet or a private network. It associates various information with domain names assigned to each of the participating entities.

How DNS Works

When you type a domain name into your browser, the following process occurs:

1. Your computer checks its local DNS cache for the IP address
2. If not found, it queries your configured DNS resolver
3. The resolver may check its cache or query other DNS servers
4. The query travels through the DNS hierarchy: root servers, TLD servers, authoritative name servers
5. The IP address is returned to your computer
6. Your browser connects to the web server at that IP address

Why Use Public DNS Services?

Public DNS services offer several advantages over default ISP DNS servers:

• Speed: Often faster response times
• Security: Protection against phishing and malware
• Privacy: Better privacy policies than some ISPs
• Reliability: More robust infrastructure
• Features: Additional filtering and content blocking capabilities

Major Public DNS Services Comparison

Here's a comprehensive comparison of popular public DNS services:

Detailed Analysis of Each DNS Service

Google Public DNS

• IPv4: 8.8.8.8, 8.8.4.4
• IPv6: 2001:4860:4860::8888, 2001:4860:4860::8844
• Purpose: Speed and reliability
• Strengths:
  • Extremely fast response times
  • Massive global infrastructure
  • High uptime and reliability
  • Well-established and trusted
• Weaknesses:
  • Privacy concerns (Google logs query data)
  • Centralization issues (too much power to one company)
  • Potential for censorship

Cloudflare DNS

• IPv4: 1.1.1.1, 1.0.0.1
• IPv6: 2606:4700:4700::1111, 2606:4700:4700::1001
• Purpose: Speed and privacy
• Strengths:
  • Fast performance using Cloudflare's CDN
  • Strong privacy policy (no logs)
  • Clean browsing options available
  • Transparent privacy practices
• Weaknesses:
  • Newer service than competitors
  • May be blocked in some countries
  • Potential for centralization concerns

OpenDNS

• IPv4: 208.67.222.222, 208.67.220.220
• IPv6: 2620:119:35::35, 2620:119:53::53
• Purpose: Security and content filtering
• Strengths:
  • Advanced security features
  • Content filtering and parental controls
  • Phishing and malware protection
  • Business and enterprise features
• Weaknesses:
  • Requires account for advanced features
  • May be too restrictive for some users
  • Commercial service with data collection

Quad9

• IPv4: 9.9.9.9, 149.112.112.112
• IPv6: 2620:fe::fe, 2620:fe::9
• Purpose: Security and privacy
• Strengths:
  • Blocks known malicious domains
  • No query logging
  • Threat intelligence from multiple sources
  • Non-profit organization
• Weaknesses:
  • May block legitimate sites
  • Limited customization options
  • Potential for false positives

AdGuard DNS

• IPv4: 94.140.14.14, 94.140.15.15
• IPv6: 2a10:50c0::ad1
  , 2a10:50c0::ad2
• Purpose: Ad blocking and privacy
• Strengths:
  • Blocks ads, trackers, and malware
  • Multiple configuration options
  • Family protection features
  • No logs policy
• Weaknesses:
  • May interfere with legitimate services
  • Some websites may not function properly
  • More complex setup for advanced features

Control D

• IPv4: 76.76.2.0, 76.76.10.0
• IPv6: 2606:1a40::, 2606:1a40:1::
• Purpose: Privacy and security
• Strengths:
  • No logs policy
  • Multiple server locations
  • Ad blocking options
  • Encrypted DNS support
• Weaknesses:
  • Less well-known service
  • Potentially less stable infrastructure
  • Limited documentation

NextDNS

• IPv4: 45.90.28.0, 45.90.30.0
• IPv6: 2606:1a40::, 2606:1a40:1::
• Purpose: Ad blocking and analytics
• Strengths:
  • Highly customizable blocking rules
  • Detailed analytics dashboard
  • Encrypted DNS protocols supported
  • Family protection features
• Weaknesses:
  • Requires subscription for full features
  • More complex setup
  • Potential performance overhead

Comodo Secure DNS

• IPv4: 8.26.56.26, 8.20.247.20
• IPv6: Not available
• Purpose: Security
• Strengths:
  • Malware and phishing protection
  • Free service
  • Security-focused
• Weaknesses:
  • Limited IPv6 support
  • Less popular and tested
  • Fewer features than competitors

CleanBrowsing

• IPv4: 185.228.168.168, 185.228.169.168
• IPv6: 2a0d:2a00:1::, 2a0d:2a00:2::
• Purpose: Content filtering
• Strengths:
  • Family-friendly filters
  • Malware protection
  • Multiple filtering profiles
• Weaknesses:
  • Limited customization options
  • May block too much content
  • Less focus on performance

DNS.Watch

• IPv4: 84.200.69.80, 84.200.70.40
• IPv6: 2001:1608:10:25::1c04
  , 2001:1608:10:25::9249
• Purpose: Privacy and neutrality
• Strengths:
  • No logs policy
  • No content filtering
  • Neutral routing
  • Transparent operations
• Weaknesses:
  • Basic service with limited features
  • Less performance optimization
  • Smaller infrastructure

Gcore Public DNS

• IPv4: 89.233.43.71, 185.229.236.229
• IPv6: 2a04:ffc0:20::71, 2a04:ffc1:20::71
• Purpose: Speed and reliability
• Strengths:
  • Fast performance
  • Global CDN infrastructure
  • Good uptime
• Weaknesses:
  • Less well-known
  • Limited documentation
  • Fewer advanced features

Verisign Public DNS

• IPv4: 64.6.64.6, 64.6.65.6
• IPv6: Not available
• Purpose: Reliability and security
• Strengths:
  • Operated by domain name registry
  • High reliability
  • Security features
• Weaknesses:
  • Privacy concerns
  • Limited filtering options
  • No IPv6 support

How to Configure Public DNS

Windows

1. Open Network and Sharing Center
2. Click on your active network connection
3. Select Properties
4. Select Internet Protocol Version 4 (TCP/IPv4)
5. Enter your chosen DNS server addresses

macOS

1. Go to System Preferences > Network
2. Select your connection and click Advanced
3. Go to DNS tab
4. Add your chosen DNS server addresses

Router Configuration

1. Access your router's admin panel
2. Navigate to DNS settings
3. Enter your chosen DNS server addresses
4. Apply changes (affects all devices on network)

Security Considerations

When choosing a DNS service, consider:

• Privacy policies: What data is collected and stored?
• Encryption: Does the service support DNS over HTTPS (DoH) or DNS over TLS (DoT)?
• Security features: Does it block malicious domains?
• Transparency: Does the provider publish transparency reports?

Conclusion

Public DNS services offer significant advantages over default ISP DNS servers. The choice depends on your priorities: speed, security, privacy, or content filtering. Consider your specific needs and test different options to find the best fit for your use case.

In the next part of this series, we'll explore DNS security in more depth, including DNS over HTTPS (DoH) and DNS over TLS (DoT) protocols.

Related Articles

• domain name system
• cloudflare dns
• adguard dns
• cleanbrowsing
• dns over tls