The fastest public DNS providers in 2015 - gHacks Tech News

The fastest public DNS providers in 2015

Public DNS services may offer advantages over the DNS servers used natively by Internet Providers. These advantages may not be limited to speed only as you may get additional functionality on top of that.

This may include filtering options, for instance to block malicious sites or phishing sites straight away, but also options to bypass network or country-wide Internet filters.

ISPs in Spain for instance blocked access to The Pirate Bay website recently on the DNS level and a workaround for that was to switch to a global DNS service to access the site again.

There may be other advantages. Some ISPs may display custom error pages when look-ups fail in order to earn additional revenue. If you prefer to see the browser's error page instead when that happens, you could switch DNS providers to ensure that.

Speed may not seem important at first but since DNS is one of the cornerstones of the Internet and used a lot during Internet sessions, you may be able to load web pages and resources faster and improve the overall experience as well.

There is a third factor of importance: privacy. Since the selected DNS provider processes all of your connections on the Internet, you end up revealing information that you may not want to reveal to some companies.

That is out of the scope of this guide however. I suggest you check the privacy policy of services that you are interested in to find out how they handle this.

dns benchmark

The program used for the test is Namebench, a DNS benchmarking system. The following settings were used in the benchmark:

  • Query the top 2000 Alexa websites.
  • Number of queries: 250
  • Include global DNS providers.
  • Include censorship checks.
  • Health Check Performance: fast

In addition to those settings, the following providers were added to the list of nameservers:

The following providers are included natively by the program:

For your own tests, it makes sense to include regional DNS services as well as they may provide faster access than global providers.

Note: It is highly recommended to run the tests on your end as well. The reason for this is that access time and overall performance may differ depending on your location in the world. A provider in France may work well for central European users for instance but not so well for someone from Australia or Japan.

Results

IPDescr.HostnameAvg (ms)MinMax
8.8.4.4Google Public DNS-2google-public-dns-b.google.com103.0223.23500
208.67.222.222OpenDNS-2resolver1.opendns.com163.8631.43500
89.233.43.7189.233.43.71ns1.censurfridns.dk215.931.63500
208.76.50.50208.76.50.50ip-50.50.76.208.datasub.com222.8999.51545
216.146.35.35DynGuideresolver1.dyndnsinternetguide.com238.74423500
81.218.119.1181.218.119.11bzq-218-119-11.red.bezeqint.net244.34783500
199.85.127.10199.85.127.10199.85.127.10245.6536.83500
156.154.71.1UltraDNS-2rdns2.ultradns.net247.8330.33500
195.46.39.39195.46.39.39dns1.safedns.com249.6699.93500
209.88.198.133209.88.198.133209-88-198-133.bb.netvision.net.il268.8786.33500
37.235.1.17437.235.1.174resolver1.freedns.zone.powered.by.emerion.com305.7136.33500
84.200.70.4084.200.70.40resolver2.ihgip.net308.9223.13500
107.150.40.234107.150.40.234mail.zee.li322.23140.23500
208.76.51.51208.76.51.51ip-51.51.76.208.datasub.com336.97181.43500
50.116.23.21150.116.23.211www.eqnic.net344.19159.33500
37.235.1.17737.235.1.177resolver2.freedns.zone.powered.by.emerion.com344.2336.63500
8.26.56.268.26.56.26ns1.recursive.dns.com349.4531.33500
8.20.247.208.20.247.208.20.247.20380.5431.23500
209.244.0.4209.244.0.4resolver2.level3.net409.8931.33500
84.200.69.8084.200.69.80resolver1.ihgip.net526.0723.53500

As you can see, there are major differences between providers. While average may not always be the best metric for comparison, you will notice that the fastest response time of some providers is slower than the average response time of the fastest providers.

Run your own benchmark on your computer

It is easy to run your own benchmarking test to find the fastest DNS provider.

  1. Download Namebench from the project website. It is available for Windows, Linux and Mac OS X.
  2. Run the program and set the preferences as seen on the screenshot above. In addition, check the regional DNS services option as well.
  3. Wait for the benchmark to run its course. This takes several minutes and I suggest you don't use the computer in that time to avoid result inconsistencies.
  4. The results are displayed on a local web page. There you find listed the recommendations of the program on how to set the DNS providers on your system. In addition, notes are giving for sites that appear to work incorrectly when using the DNS service.

Changing the provider

There are two core options when it comes to changing DNS providers: you can change them on individual devices or in routers or servers. The latter has the advantage that all devices connecting to the router or server use the provider automatically.

I suggest you check out the instructions on the Open DNS website for that. They cover all scenarios including home routers and computer workstations, laptops and mobile devices. Note that you need to switch IPs if you don't select OpenDNS as your provider of choice.

Now You: Which provider is fastest and which are you using on your systems?

Summary
The fastest public DNS providers in 2015
Article Name
The fastest public DNS providers in 2015
Description
A list of global public DNS providers and benchmark results highlighting their performance.
Author

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Tom Hawack said on April 3, 2015 at 9:02 pm
    Reply

    Here I use the DNSProxy application which crypts requests/answers to the DNS server, one within a list provided by the application (not all DNS servers support encrypted connections). In this list is OpenDNS of which much has been said regarding privacy, but also many others (20 or so) of which dnscrypt.eu with servers in Netherlands and Denmark. These 3 are the fastest for me here in France. What I mean to say is that I tend to use OpenDNS whatever my suspicions regarding privacy because not only does it appear as being the fastest resolver but also because it offers extra security for both registered and unregistered users, and an extra layer for registered users. Whatever, encrypted DNS requests is said to be an important contribution to security especially in regard to the ‘Man In The Middle’ threat…

    Anyway, being able to choose one’s DNS is an important topic to be aware of. Most users rely on their default ISP servers and as such are condemned to follow whatever the ISP’s policy may be, as described in this article.

    1. John said on April 3, 2015 at 11:47 pm
      Reply

      DNSProxy? Care to share the website link?

      1. Tom Hawack said on April 4, 2015 at 9:38 am
        Reply

        DNSCrypt home page : http://dnscrypt.org/
        DNSCrypt-Proxy downloads : http://download.dnscrypt.org/dnscrypt-proxy/
        DNSCrypt Windows Service Manager : http://simonclausen.dk/projects/dnscrypt-winservicemgr/
        DNSCrypt.eu – Free, Non-logged and Uncensored : https://dnscrypt.eu/
        DNSCrypt.eu Archives – Simon Clausen : http://simonclausen.dk/tag/dnscrypt-eu/

        Copy/pasted from my bookmarks :)

      2. Tom Hawack said on April 4, 2015 at 3:09 pm
        Reply
      3. Tom Hawack said on April 4, 2015 at 7:40 pm
        Reply

        Sorry, but I pasted links here concerning DNSProxy and they weren’t published.
        If links are forbidden should I encrypt them within a poem for instance?
        Anyway, a Web search for DNSCrypt and all information will be easily found (DNSCrypt remains gathered in a rather small perimeter).

      4. Martin Brinkmann said on April 4, 2015 at 8:15 pm
        Reply

        Links are live now. All links are automatically added to the moderation queue.

  2. Guest said on April 3, 2015 at 11:50 pm
    Reply

    Some CDN providers return their nearest server based on DNS request location. So I am not sure is the fastest DNS can lead me to the best server or not. Is there any way to measure that?

    1. Martin Brinkmann said on April 4, 2015 at 7:21 am
      Reply

      The sample size has an impact on that. If you increase the number of requests per DNS server, you should get good values for each.

  3. Dwight Stegall said on April 4, 2015 at 1:58 am
    Reply

    I use a portable program called Dnsjumper in Windows. It will search for the fastest but I just use Google Public Dns IPv6. It can flush the DNS cache too. Handy when your ISPs default DNS is offline. You can select a different one and immediately get online while others have to wait.

  4. Torro said on April 4, 2015 at 2:10 am
    Reply

    I use OpenDNS, and I’m happy with it. Glad it’s one of the best.

  5. anon said on April 4, 2015 at 9:23 am
    Reply

    Curious: with one exception all max. results are 3500ms.

    1. Martin Brinkmann said on April 4, 2015 at 9:30 am
      Reply

      That’s the timeout period.

  6. Blue said on April 4, 2015 at 8:24 pm
    Reply

    The DNS for each person would/should be different and not all DNS would work for everyone so suggesting a DNS one person claims is fast may not be fast for the other person. For example. Google’s open public DNS (8.8.8.8 / 8.8.4.4) has an Avg MS of 6-12MS for me, but for Martin it shows 108.

    When changing DNS the second time around as suggested by one of Martin’s past posts, I gave Open DNS a try and overall the Avg MS was about the same as Google’s DNS. The only difference is Google resources loaded a bit slower with Open DNS.

    The program (namebench) crashes under Windows 7-64b at the settings you suggest Martin, so I played with the different options and as it turns out (for me only?) it only works under default settings but only for a few minutes, then it too crashes. The program only ran (for me) when the queries were set for 50 instead of the default 250.

    The suggested program by Dwight Stegall doesn’t crash but it only queries once instead of 50-250 queries like namebench does. But simply enough just tapping the test button in DNS Jumper a few times and the results change slightly. For me it is between Google DNS at 6-12 MS, and Open DNS at 11-18 each time I tapped the “find fastest DNS”.

    I do believe DNS Jumper is only pinging the servers once, whereas namebench is sending a larger packet to query with.

  7. NS63 said on April 5, 2015 at 12:24 pm
    Reply

    You forgot to test Yandex.DNS

  8. Mike said on April 6, 2015 at 1:03 am
    Reply

    Been using Open DNS for years, Like the fact has setting for better security as well as its
    speed for me ,I have tried Google as well as others
    but Open Dns has been the best,
    one more thing
    after finding your fav. dns
    run spoof test to see how secure really is

    https://www.grc.com/dns/dns.htm

    1. chesscanoe said on April 6, 2015 at 4:10 pm
      Reply

      I’ve been using OpenDNS for years, even before their Dnscrypt became available.
      https://www.opendns.com/about/innovations/dnscrypt/

      Thanks for your GRC link confirming OpenDNS is a great choice for my USA location.

  9. Dan said on April 6, 2015 at 2:08 am
    Reply

    I use OpenNIC (2 nearest non-logging servers), followed by censurfridns. I use Nirsoft’s QuickSetDNS to change DNS servers quickly if there’s a problem (where I have OpenDNS, GoogleDNS, and NortonDNS as backups).

  10. beachbouy said on April 6, 2015 at 4:39 am
    Reply

    The best DNS benchmark program I’ve used is GRC’s DNSbench, available at https://www.grc.com/dns/benchmark.htm. It is very thorough and provides lots of information.

    In the past two years, OpenDNS has been dropping further and further on the list. Now, it’s not even in the top 50 fastest DNS servers for my Mid-Atlantic coastal U.S. location.

    1. Kevin Dearing said on April 7, 2015 at 12:59 am
      Reply

      Excellent article Martin.
      One thing to add…
      When evaluating which DNS provider to use, I also consider if the provider has implemented DNSSEC.

      You can test this at:
      http://test.dnssec-or-not.com/

  11. chesscanoe said on April 7, 2015 at 11:49 am
    Reply

    Per paragraph 3 of https://www.opendns.com/about/innovations/dnscrypt/ it appears to my unknowledgeable eye that DNSCrypt is much more important than the complementary but very underused DNSSEC. Comments?

    1. Kevin Dearing said on April 7, 2015 at 2:42 pm
      Reply

      I wouldn’t say it’s more important at all; they perform different functions.
      DNSSEC provides authentication of traffic between DNS servers mitigating cache-poisoning attacks.
      DNSCrypt encrypts traffic between your network and your DNS provider mitigating man-in-the-middle attacks.

      Realistically, a cache-poisoning attack potentially affects a much wider audience.

      Another advantage to DNSCrypt is because your DNS traffic is encrypted, your ISP has a much more difficult time tracking what sites you visit (trust me, most ISPs do this). This is why, to my knowledge, no ISP uses DNSCrpyt.

  12. Ben said on April 8, 2015 at 3:40 pm
    Reply

    Tried it like some weeks ago when someone linked it on heise, but it just ran for 30min without giving me any results and then I aborted it.
    It only takes some minutes for you?

    1. Martin Brinkmann said on April 8, 2015 at 3:48 pm
      Reply

      Yes it was quick.

  13. CHEF-KOCH said on April 10, 2015 at 1:47 am
    Reply

    I’m using DNSCrypt (works on every platform including Android) + OpenNIC/CloudNS. Most of above listed DNS providers aren’t open source.

  14. AJ North said on April 19, 2015 at 12:26 pm
    Reply

    Somehow I became a beta tester for OpenDNS, back about 2002 or 2003, and have used them ever since. In about 2005, I mentioned it to Brian Krebs (of Krebs On Security, an excellent and highly recommended site), who then was writing the computer and Internet security column for the Washington Post (every Friday he hosted a two-hour live chat; it was really neat watching questions and comments arrive from literally every corner of the world!). At some point I has mentioned OpenDNS to Brian and asked him for his take; he liked it — a lot — and then wrote a column recommending that folks would be wise to eschew their ISP’s DNS for it.

    Fast forward to the summer of 2008; I was on a cross-country automobile trip from the central coast of Maine to Portland, Oregon, then down to Los Angeles, and finally San Diego, California. In about July (or perhaps August), there was a coordinated world-wide attack on various ISP’s DNS (a Man-In-the-Middle exploit); a whole lot of money disappeared in fairly short order before the breach was discovered and corrected.

    A day or two after most of the dust had settled, Brian wrote a column which began something very much like, “People, I told you to change your DNS to OpenDNS…” – not a direct quote, but fairly close (Brian, if you happen to read this, perhaps you’ve got a copy of that column in your archive and can fill-in the actual history…).

    I’ve run Namebench in various parts of the U.S., and OpenDNS is definitely amongst the top two or three for overall speed, though security remains my primary concern. (And no one who had been using OpenDNS had been affected by the 2008 exploit.)

    1. chesscanoe said on April 19, 2015 at 12:55 pm
      Reply

      A.J. North: Would you care to expand on your last paragraph re OpenDNS? Did you mean you are concerned about security using OpenDNS as opposed to other solutions? Or are you just expressing a concern about security in general when surfing the web? Thanks.

      1. AJ North said on April 19, 2015 at 8:19 pm
        Reply

        Hello chesscanoe,

        That would be both the security conferred by OpenDNS (as compared to the DNS provided by the ISP, rather than to other providers available today), as well as security in general while on the Internet. In no way do I mean to imply that other DNS are are not as, if not even more, secure (or offer more options) than OpenDNS; they just happened to be the first (at least to my awareness), and somehow I just happened to be on a list that brought me in contact with them — more than a decade ago.

        Remember, unlike the past several years, in 2008 (and more so before then), one’s choices for a DNS were exceedingly limited (and very few even knew what it was, much less its significance). Today, of course, there are many different options (as well as software that allows one to easily change their DNS at a moment’s notice) — together with a virtually universal awareness and understanding of the importance of the DNS (at least amongst the technically inclined).

        Hope this answers your question.

        Regards,

        AJN

  15. Jason said on October 20, 2015 at 4:23 pm
    Reply

    Hi, We are building a super fast decentralised DNS system. You can sign up as a beta tester at our site: aware.io

  16. Joker said on October 26, 2015 at 10:38 am
    Reply

    Please remove the Level3-DNS-servers, as they are all redirecting failed DNS-resolutions to some sort of commercial search-engine.

  17. FJA said on December 13, 2015 at 3:30 pm
    Reply

    To Martin Brinkmann : how did you add that list of providers to the list of nameservers?
    I mean these ones:
    Censur Fri DNS: 89.233.43.71, 91.239.100.100
    Comodo Secure DNS: 8.26.56.26, 8.20.247.20
    DNS Watch: 84.200.69.80, 84.200.70.40
    Free DNS: 37.235.1.174. 37.235.1.177
    Green Team DNS: 81.218.119.11, 209.88.198.133
    Level 3: 209.244.0.3, 209.244.0.4
    Norton ConnectSafe: 199.85.126.10, 199.85.127.10
    Open Nic: 107.150.40.234, 50.116.23.211
    Safe DNS: 195.46.39.39, 195.46.39.40
    Smart Viper: 208.76.50.50, 208.76.51.51

  18. John Doe said on March 2, 2016 at 9:43 am
    Reply

    I’m using DNScrypt on every device either on my linux PC, android phone, openwrt router etc… Security first, performance second!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.