PDA

View Full Version : Open DNS, (Pros and Cons) ?



cbanakis
October 16th, 2012, 02:55 AM
Just learned something new about the internet. :)

I've been reading about it, but I can't seem to be able to find any facts about it.

Allegedly, using open dns instead of your isp's dns, makes your internet faster and more secure?

Is there a downside?

If you know about this, and have experience with it, please share any pro's and con's you have experienced.

I guess I can start this off with...

Pro - a p2p site I use regularly stopped working recently (appeared to be down), but switching to open dns made it work again, somehow.

(Also, if someone could explain why that fixed it, that would be super)

Welly Wu
October 16th, 2012, 03:41 AM
I purchased OpenDNS Home VIP service for one year for $20 USD. OpenDNS is the largest DNS service provider in the world. It helps to give you a clean surfing experience by replacing your ISP's DNS servers with OpenDNS servers.

If you do p2p, then you should consider paying for VPN service provider. WiTopia is a good combination with OpenDNS.

samalex
October 16th, 2012, 07:46 PM
I use the freebie OpenDNS at home, and it's nice, especially since Time Warner often does DNS hijacking which irritates the heck out of me. I can't say it's any faster though.

juancarlospaco
October 16th, 2012, 08:46 PM
Benchmarking with http://code.google.com/p/namebench theres no faster DNS than the google's 8.8.8.8.

OpenDNS is not DNS. It does not follow the DNS standard, since if some name dont exist it MUST return an Error, opendns returns their own web search page with ads.

sammiev
October 17th, 2012, 01:21 AM
Benchmarking with http://code.google.com/p/namebench theres no faster DNS than the google's 8.8.8.8.

OpenDNS is not DNS. It does not follow the DNS standard, since if some name dont exist it MUST return an Error, opendns returns their own web search page with ads.

Google's DNS 8.8.8.8 and 8.8.4.4 are both great, been using them for more than a year now with no problems. Works great with my VPN from WiTopia

zombifier25
October 17th, 2012, 03:43 AM
I use DNSCrypt, which only works with OpenDNS. I agree that OpenDNS's search page is a real PITA, but for now I turn it off in my account's setting.

Dr. C
October 17th, 2012, 03:56 AM
I simply prefer to run my own DNS. Three steps:
1)
sudo apt-get install bind9
2)
Set your DNS to 127.0.0.1
3)
sudo /etc/init.d/bind9 restart
If one is runing other computers or devices on the network particularly those running an OS that does not have bind9 built in such as Microsoft Windows or IOS then one simply sets those computers or devices to use the DNS provided by an Ubuntu or other GNU/Linux box either directly or via the router or other DHCP server.

sammiev
October 17th, 2012, 04:06 AM
I simply prefer to run my own DNS. Three steps:
1)
sudo apt-get install bind9
2)
Set your DNS to 127.0.0.1
3)
sudo /etc/init.d/bind9 restart
If one is runing other computers or devices on the network particularly those running an OS that does not have bind9 built in such as Microsoft Windows or IOS then one simply sets those computers or devices to use the DNS provided by an Ubuntu or other GNU/Linux box either directly or via the router or other DHCP server.

Seen this before but never played with it. Will play this weekend with these settings. :)

Warprunner
October 17th, 2012, 04:18 AM
I use the freebie OpenDNS at home, and it's nice, especially since Time Warner often does DNS hijacking which irritates the heck out of me. I can't say it's any faster though.

I agree and the exact reason I use it also!!!!

1clue
October 17th, 2012, 04:19 AM
Don't know about OpenDNS or Google DNS. I've used ZoneEdit for free dns at work, and use its servers as backups on my home network.

Frankly having your own DNS server inside your LAN is a huge help for a number of reasons.

First, you're not susceptible to an outage by an ISP or any other service. Conversely, you ARE susceptible to an outage on your own hardware, and that's much more likely if you discount deliberate outages by your ISP.

Second, DNS makes a significant bit of traffic for web browsing. If you have a caching DNS on your LAN, there is one lookup per domain name per NETWORK rather than one lookup per computer, and that lookup survives reboots of the client systems.

Third, you can redirect ad sites to be a local box which doesn't even listen, just refuses traffic. That might look uglier but it's way faster than loading a bunch of irritating ads, and more secure if you throw sites you don't trust in there too.

ikt
October 17th, 2012, 04:03 PM
Benchmarking with http://code.google.com/p/namebench theres no faster DNS than the google's 8.8.8.8.

Hrmmm?

Internode AU-2 is 94.4% Faster than your current primary DNS server

Primary Server 192.231.203.3 Internode AU-2 (My isp's backup DNS server)
Secondary Server 127.0.0.1 SYS-127.0.0.1 (My ISP's primary DNS server)
Tertiary Server 192.168.0.72 (my local dns server)

8.8.4.4 comes in 5th place after a rival ISP's DNS server.

SlugSlug
October 17th, 2012, 04:56 PM
in a default install - where does bind9 retrieve it's information from?

1clue
October 17th, 2012, 05:37 PM
From root dns servers, same as any other DNS

juancarlospaco
October 19th, 2012, 09:08 PM
Hrmmm?

8.8.4.4 comes in 5th place after a rival ISP's DNS server.

We both are right, since my ISP != your ISP.

lykwydchykyn
October 19th, 2012, 09:12 PM
OpenDNS is not DNS. It does not follow the DNS standard, since if some name dont exist it MUST return an Error, opendns returns their own web search page with ads.

This is why I quit using opendns. I have a server at home that does its own dns, and when it went down and I'd try (not knowing it was down) to ssh in, my client would try to ssh into opendns's server and I'd just get "connection refused". Sent me barking up the wrong tree one too many times.

juancarlospaco
October 19th, 2012, 09:50 PM
This is why I quit using opendns. I have a server at home that does its own dns, and when it went down and I'd try (not knowing it was down) to ssh in, my client would try to ssh into opendns's server and I'd just get "connection refused". Sent me barking up the wrong tree one too many times.

I code Python stuff, and a non-standard DNS cause several problem, that should not be.

lykwydchykyn
October 19th, 2012, 09:53 PM
I code Python stuff, and a non-standard DNS cause several problem, that should not be.

I can see that. In my case, it was a security issue as well because my credentials were being sent to someplace other than where they were supposed to.