Open dns

[dpm802]

Does anyone here use OpenDNS on either their home or work networks?

I'd been running the free version for about a year on my laptop. A few days ago I upgraded to the paid version and installed it on my WiFi Router. Its only $19.95 per year and its pretty easy to set up if you know how to follow a short, easy set of directions.

If you don't know your way around the ONEs and ZEROs inside your computer, maybe better get someone else to install it for you. But it will open up your net-surfing experience like nothing I've ever seen before. FAAAAAAST Solid connections. Secure Encryption all the way through. I've been streaming videos from Netflix and YouTube for the last 3 days and it hasn't skipped a beat.

You know what its like to sip a drink through a straw?
Picture that same beverage being delivered by a 4" Fire Hose. That's the difference.

Every website I visit runs clean and solid and Faaaaaaast ... And its only $19.95 a year.

Check it out.
www.opendns.com

 

[AABCDS]

Thanks for posting this. FYI, you can sign up for a free account and take advantage of the increased internet speed. You won't get as many features as with a paid account, of course. It's pretty easy to do. There are some excellent step-by-step instructions.

 

[JCee]

I've been using it for a while now. I had a problem with my teen visiting inappropriate sites and along the way getting tons of malware. I started using the free versions of Open DNS for the firewall (which works great), but noticed an increase in speed over my ISP's DNS as well.

It was kinda fun busting the kid afterwards too, as it logs every site visited on your network.

 

[dreadpirate]

I have been using it for over 2 years now. Works like a charm, and it's a must I think if you have kids with Internet access.

 

[dpm802]

I don't have kids, and the Parental Controls are disabled on everything I own.

But for just $20, I feel like I'm more than getting my money's worth. The difference(s) of the paid version over the freebie are some big upgrades, particularly if you're a tech-head like me. But even if you're not, the increased speed and security alone make it a no-brainer to use OpenDNS on every device I have.

Its installed on my WiFi router, so it feeds everything at home. I'd love to find a way to get it to run with my Androids, both a Kindle Fire and a Motorola Droid2 on Verizon. I'm due for a new cell phone in August, and I want to stay with Android and I want to stay with Verizon. Any suggestions?

 

[professorchaos]

I use them too. None of the enhanced features though.

It isn't actually accurate that they speed up your network. They speed up name resolution which can make your network appear quick.

 

[dpm802]

I use them too. None of the enhanced features though.

It isn't actually accurate that they speed up your network. They speed up name resolution which can make your network appear quick.

I believe that the DNS process also maps out the route that the data will take between the server and client. Choosing a more efficient transport with fewer stops and handoffs will also greatly increase speed.

 

[HydroWVU]

That sounds like what I need, I have been looking for a whole house filtering system. How's does opendns provide parental control and filtering? Is this a piece of soft you install or you just use their Dns servers and they filter and block from there?

 

[Go West Young Man]

Anyone have thoughts on Opendns versus Google Public DNS?

 

[dpm802]

That sounds like what I need, I have been looking for a whole house filtering system. How's does opendns provide parental control and filtering? Is this a piece of soft you install or you just use their Dns servers and they filter and block from there?

The filtering is done at the Server level. I don't use the Parental Controls, but they appear to be robust and easy to configure.

I like OpenDNS for the Speeeeeeed. Everything else it does is just gravy.

 

[professorchaos]

I believe that the DNS process also maps out the route that the data will take between the server and client. Choosing a more efficient transport with fewer stops and handoffs will also greatly increase speed.

DNS simply resolves a name to an IP address. Route selection is a function of routers and is independent of the device - your computer's network card puts the packets on the network and the network gear decides the best path based on a variety of configurable factors.

 

[SiBurning]

DNS has nothing to do with routes. Routes are determined in a pretty chaotic fashion at a very low level, with each piece of hardware just finding a next hop. The internet backbone is redundant, so there's always at least two choices (after the packets leave your isp), and any two sequential packets can find themselves going around the world in different directions. The only thing that prevents this from happening is that companies that own the hardware can bill for traffic, and also pay for the wiring, so they have incentive to keep things efficient (handling more traffic over fewer wires). They also have incentive to keep things on their own network, assuming there isn't a free route elsewhere. But we all know how efficient those bureaucratic phone companies can be.

What's actually happening is that these new DNS servers provide additional functionality that gives you the IP address of a server that's closer to you, or less busy. It's not about routes, just the endpoints.

Akamai has been duplicating web servers around the world for years.
DNS Support for Load Balancing -- some DNS servers can point you to a preferred server

Newer DNS servers also account for your location, so they can refer you to a local copy of a server.
Google's location sensitive DNS
Global Internet Speedup Initiative
Client subnet in DNS requests IETF draft

It sounds like this software from OpenDNS installs a DNS server locally. Typically, you don't cache these addresses, and need to make a query to a DNS server for every URL on a web page (or anything else), and some pages have dozens of hostnames. A local DNS server would store these addresses locally, so you don't have to make all of these calls to the server, just the first one to translate each hostname. It probably expires these names quickly, say every few hours, and has hooks to remove the entry when the IP address can't be found (or some other removal strategy).

If you're a serious techie, you'll just install BIND (or its equivalents, since BIND itself sucks) on an old computer (a 386 is fine), point the top level server to OpenDNS and google, and do all of the hostname and IP address filtering yourself. Of course, you won't get the automatic parental, phishing, and hacked server filtering this way. (But that might be available as an extension to the DNS queries.)

Personally, I've had a BIND server in the past. Some pages with lots of hostnames to resolve would load faster with a local DNS server, especially on Windows with its port throttling (but a limit is built into most web browsers these days, anyway). But these days, I just configure my boxen to point to OpenDNS and don't install a thing. Just using their DNS gives me the location-specific benefits of extended DNS. But it's actually slower than using my ISP's DNS, since each request has to go to the internet, instead of remaining within my ISP's local network. Shows how much I care about the extra second it takes on average, or the 5 seconds it takes on a few sites.

 

[dpm802]

Thank you SiBurning for the detailed explanation(s). I went through MCSE school back around the turn of the century, but I don't keep up with this stuff on my day job, so a lot of it is out of practice for me. DNS was one of those gray areas I didn't remember much about, but its all coming back to me now, especially when you mentioned BIND devices.

I used to be a hard-core techie, but now, my digital devices mean little more to me than my refrigerator does. I look on them as appliances or vehicles to surf the InfoBahn, and I don't get all caught up in maintaining SotA hardware or software anymore.

But coming back to OpenDNS ... I don't mind spending good money on my systems. I refuse to run bootleg software or continue to renew trial copies every few days. If I like a program, if it feeds my existence in cyberspace, if its from a good company with lots of good reviews ... yeah, I'll spring for a commercial copy and pay for the license and register everything and keep it all automatically renewed each year.

I currently have registered, paid-for Norton 360 on my desktop and Norton Mobile on my Android phone. OpenOffice takes care of just about everything I need to do for correspondence and presentation. I make extensive use of the more arcane and lesser-known Microsoft utilities, especially Task Manager.

I recently went through and removed all of the trial softwares that had had accumulated on my hard drive and flushed out the StartUp folder and reset a lot of things back to Factory Defaults ... so its running pretty crisp and quick compared to the way it was a month ago.

BTW, the system in question is a Toshiba Satellite L555-7945, 17" laptop with 4G Ram, I bought it new in November of 2009 ... I'll be upgrading this to 8G after Labor Day, along with adding a Flash drive and some Caching Software to make this little box Screeeeeam.

 

[eth]

I don't use it, as I prefer to manage my network on my own. If I would want to log what hostnames are looked up from my network, I would also want these logs to be stored locally. There is no reason to store them elsewhere.

I do keep a note of IP addresses to public DNS servers, if my ISP DNS should fail (which has happened). I don't notice any performance difference switching between DNS services, except for running my own local DNS server. There must be a giant load of poorly configured DNS servers out there, considering all the hype OpenDNS and similar services get.

 

[Go West Young Man]

Interesting, I've run namebench 4 times, and each time it tells me a different DNS service is the optimal for me. The only common thread seems to be that ANY service will be better than my ISP's so I'm giving OpenDNS a trial now. Google Public DNS didn't get high marks on any of the tests, which is strange considering that we're about 10 miles from the Googleplex itself.

 

[SiBurning]

DNS servers that service more people will have more names cached, so they'll be faster for some things. See the namebench FAQ, which also addresses some of your other notes, too: http://code.google.com/p/namebench/wiki/FAQ

I wonder what that benchmark actually does. Just measuring the fastest response from a particular name server is useless, or rather besides the point. For example, if it returns the address of a streaming server that's halfway around the world, you're going to have delays in actual streaming. The same is true for a web page. Older DNS software will grab the address that's best for the server, but being hierarchical, the actual server making the request could be far away from the end user. This is one of the reasons to use one of the newer implementations, such as google or OpenDNS. Other reasons have to do with how well the database is managed and secured. I wouldn't base my decision on the speed of translating names into IP address. That's only the most important thing in certain limited circumstances, such as a web page with a lot of different addresses (images, frames, scripts, etc) where few or none of them are colocated.

 

[SiBurning]

Don't get confused by the technical talk. Only network administrators should worry about how hostname-to-IP-address translation works. If you want a feature, try that DNS server or the OpenDNS software. Or try a few and see what works better in which situations and make a decision. I bet you have trouble deciding on the technical merits, and end up making a decision based on whether one kind of delay is more noticeable than another.

 

[heitwl]

you can try Google open DNS if you don't have young inquiring minds. 8.8.8.8 and 8.8.4.4

Clay