Google Public DNS is an open DNS service that could be an interesting alternative to your ISP's DNS service. DNS is a very simple but essential service. Without a proper functioning DNS server, nothing works in IT. A sluggish DNS server can slow down your surfing speed dramatically, and a hacked DNS server is a tremendous security risk. Google Public DNS could be a solution for both problems.

DNS Settings

I don't know of any statistics covering this topic, but I guess DNS is a  crucial part when it comes to browser speed. What is the use of a new super high-speed browser you just downloaded that is 100 times faster (according to the publisher) than the browser you used a year ago if every page you open takes ages to display simply because your ISP doesn't know about the browser speed revolution out there?

Most web pages, including those with web applications, require multiple DNS queries. A simple page on 4sysops will bother your browser with about 10 different queries. Complex sites need many more. If the DNS server of your ISP doesn't have the corresponding IPs in its cache, then it has to recursively query other name servers. If the authoritative name servers are geographically remote, the overall latency can increase significantly. In particular, if your ISP’s DNS resolver is overloaded and has to drop packets, DNS can become a real bottleneck.

I often travel in countries with an underdeveloped Internet infrastructure. I found out that sometimes the main reason for a slow Internet connection is underprovisioned DNS servers. However, the main reason why I use Google Public DNS when I am travelling is because using the DNS of an unknown provider is a big security risk. Manipulating DNS entries is a popular way to redirect browsers to fake web servers. I don't want to imply that I mistrust all hotel staff, but the question is, how well protected are their routers?

Using a secure DNS resolver is the first step in establishing a secure Internet connection. It is not that my trust in Google is unlimited. However, I believe that their service is better protected and more trustworthy than those of most ISPs. Of course, you can configure the laptops of your users by default with your company's DNS IPs. But if the geographical distance between client and DNS resolver is large, this can slow down web browsers. Hence it makes sense to let end users change their DNS settings when they are travelling.

Google's DNS servers are distributed all over the planet. Their service is very fast because they have the biggest DNS caches out there. The Googlebot bot literally opens every web page and is dependent on quick DNS responses. Frequent recursive queries would certainly reduce the speed of the bot significantly.

DN Forwarders

Thus Google Public DNS is also an interesting alternative to your ISP’s DNS resolvers. You can't replace your internal DNS servers with Google's service, of course, but you can configure your DNS servers to use Google Public DNS as external resolvers. This might not only improve the surfing experience of your users, but it also reduces the risk of DNS-based DoS attacks because Google's servers probably wouldn't go down if all botnets out there started a concerted DoS attack against the datacenter giant.

The IPs of Google Public DNS are and

  1. Dantv 13 years ago

    Yeah right…Let’s give Google even more of our data!

    NO WAY!

    Opendns rocks on!

  2. Mateus 13 years ago

    I totally agree with Dantv: OpenDNS is great and we don’t need to give Google even more access to our data.

  3. Hugh 13 years ago

    Another vote for OpenDNS over Google or if you want

    DynDNS provide open DNS lookups in addition to the Dynamic DNS you may be aware of. They also have commercial services that provide some extra features such as spell correction and domain type blocking at very low cost e.g. from US$10 per year.

  4. epiquestions 13 years ago

    Yeah OpenDNS is great.

    What would be even better is DNS queries that can make use of proxies (isp,anon)

  5. This is certainly a valid argument. Google has indeed a lot of data of us. The other question is if it makes sense not to use a service just because of an unverified suspicion. If you really don’t trust them, you also can’t use their search engine, you have to install an Analytics blocker, etc. Things can get complicated if you want to avoid Google on the Internet. And what are the alternatives?

    As for OpenDNS, I doubt somehow that they can compete with Google’s international infrastructure. If it comes to speed, it is hard to beat Google. Of course, OpenDNS’s paid services are interesting although I am quite skeptical about using DNS to block access to certain parts of the Internet.

Leave a reply

Please enclose code in pre tags

Your email address will not be published.


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account