On December 3, 2009, Google opened up a new service for everyone. Google Public DNS. Most people probably don’t know what DNS is, or why they should care. The typical theory is “It works, so why should I bother with it?” (aka “If it ain’t broke, don’t fix it.) In this post, I will outline the value of DNS, and why you should care. And I plan on touching on your options (and my opinion on why you should choose one over the other).
What is DNS?
There are two schools of thought about how to explain DNS. The first is the most basic and doesn’t get into the technical aspects of how it works. This is that DNS is similar to the Directory Assistance that you call, when you don’t know a phone number for someone. You call them, and ask for “John Public’s phone number” and they look it up and reply with “It’s 412-555-2343.” DNS does this same thing: When you look up www.yahoo.com, the DNS server gets the IP address (that your computer needs to get the page from Yahoo) and returns it to your computer—then your computer goes to that address and gets the page.
The second school of thought is a bit more technical. It compares DNS to the Post Office. When you take a letter for Aunt Jane to the Post Office, they look to see if she’s in their area. If not, then they send it to the next office in line which will send it to the central office, which will pass it to the central office that handles Aunt Jane’s town, and they will pass it down to the Post Office in Aunt Jane’s town. DNS does the same thing. If you ask for www.yahoo.com and it doesn’t know the IP address, it asks the next server in line. If that one doesn’t know, it asks the next server up, and so on and so forth—until one of them replies with the IP address.
Why should I care about Google Public DNS or Open DNS or whatever?
There are a lot of reasons why you should care about this. When you sign up with an ISP (Internet Service Provider), they assign specific DNS servers for you to use. This may not be an issue, unless they change the IP addresses for the servers, or their servers are hit with a Denial of Service attack (which essentially shuts them down), or if they don’t keep their DNS servers updated (and are vulnerable to security problems). And occasionally, they will use their DNS servers to redirect you to advertisements or preferred sites (in the event that your request cannot be answered).
Just a few years ago, Comcast had an issue where the majority of their DNS servers ceases functioning. So a lot of their customers had no way of getting to pages that they hadn’t frequently visited. They are not alone. Qwest has had issues with DNS in the past, and so have the other major and minor ISP’s.
The “Public DNS” that Google is offering, or OpenDNS (which is offered by another service) take steps to prevent these types of issues from happening. They keep their systems updated, and take steps to minimize the effects of Denial of Service attacks. The biggest thing they do is offer you a choice. You’re not locked into your ISP’s DNS Servers (and any controls that they have implemented in them).
Which is better? Google Public DNS, OpenDNS, or your own server:
This question can only be really answered over time. A lot of the answer will depend on what your preferences are. And part of it will depend on whether you want to update your system, or just use it.
If you want total control over what happens with your DNS requests, then implementing your own server is best. However, you will bear the responsibility of making sure that you have the latest updates for the server.
Google Public DNS offers you the comfort of not having to worry about security and updating. And they offer you things like an error page when you type in a website that cannot be resolved. The biggest tradeoff is this: If someone wants to surf porn, or download illegal content, or other malicious or questionable acts, Google’s Public DNS doesn’t offer you control over this. They allow all sites to be resolved.
OpenDNS offers you the same comfort as Google Public DNS. However, you lose the error page when something is wrong. Instead, you are presented with a search page or a message page saying that the nameservers failed. One of the benefits that OpenDNS offers is control and filtering. You can control what categories and sites will be resolved. I’ve used this system for an open wireless router. I blocked porn, bittorrents, filesharing sites, and other content that could cause me legal issues. It worked without much of an issue.
In a future post, I will give you some generic instructions on how to change your DNS servers, and the IP addresses for both Google Public DNS and OpenDNS.
Have a great day:)