Cloudflare announced the launch of its new public DNS service 1.1.1.1 on April 1, 2018. The company promised in the announcement that 1.1.1.1 would offer faster speeds and better privacy than other public DNS systems provided by companies such as Google, Yandex or Cisco. Let us find out if the promises hold up to a closer inspection of the service.
Note: The company decided to launch the new service on April 1, 2018. That's usually a red flag, as tech companies make all sorts of April Fools' jokes on the day. It appears, however, that 1.1.1.1 is real and not a joke.
DNS plays an important part on the Internet. Computers use IP addresses for communication but that would be terrible for humans who have a hard time remembering numbers. Would you prefer to visit startpage.com or 126.96.36.199?
DNS is the system that translates domain names to IP addresses so that computers know what to do. Most computer users probably use the DNS service that comes with the Internet connection; it is used by default, but it is usually neither the fastest nor the most private option.
Several ISPs started to monetize DNS by displaying custom error pages when a site can't be accessed.
Privacy and censorship are two additional areas that Internet users need to consider when it comes to DNS. Requests that you make on a device use the configured DNS provider which means that the provider knows exactly what you do on the Internet.
This is true even if you connect to HTTPS sites only, and may even be true for some VPN services that don't protect against DNS leaks. Internet Service Providers in the United States may sell customer data, and the two viable options that customers have are to change the DNS provider or to use a VPN service that uses its own DNS system.
DNS censorship is quite common as it is easy to implement. It is not a strong form of censorship, as it can be bypassed easily. Basically, what happens is that Internet Service Providers change the IP address a domain name resolves to. This redirects users to a different web page, for instance an error page, a warning page, or a government domain, instead of the desired domain.
First, the basics: Cloudflare's public DNS has the IP addresses 1.1.1.1 and 1.0.0.1. How you add those to your system depends largely on the operating system you use.
Windows users may do the following:
Tip: You can open 1.1.1.1 in your browser. The website offers setup instructions for Windows, Linux, and Mac devices, for iPhone and Android, and for routers.
A quick performance test using Gibson's DNS Benchmark program for Windows confirmed that Cloudflare's DNS servers are fast; not the fastest, but very fast when compared to other providers.
Your mileage may vary as it may depend on your location. I suggest you run benchmarks if speed is your primary consideration when it comes to DNS. You may use Namebench or the aforementioned DNS Benchmark for that.
Cloudflare promises that it never writes the IP address of the querying system to disk and that the company wipes all logs within 24 hours.
The company hired KPMG, an auditing firm, to audit the source code and practices annually and release the report to the public.
Cloudflare DNS supports DNS-over-TLS and DNS-over-HTTPS. Both technologies are open and attempt to limit or eliminate DNS lookups over unencrypted connections.
We think DNS-over-HTTPS is particularly promising — fast, easier to parse, and encrypted. To date, Google was the only scale provider supporting DNS-over-HTTPS. For obvious reasons, however, non-Chrome browsers and non-Android operating systems have been reluctant to build a service that sends data to a competitor. We're hoping that with an independent DNS-over-HTTPS service now available, we'll see more experiments from browsers, operating systems, routers, and apps to support the protocol.
Cloudflare operates one of the largest infrastructures and the company's DNS service benefits from that infrastructure as it is one of the fastest available services.
The policy of not logging IP addresses and deleting logs within 24 hours, and the implementation of DNS-over-TLS and DNS-over-HTTPS, are welcome additions.
Cloudflare is not without controversy and there will certainly be users who won't use the company's DNS servers.
Now You: which DNS provider do you use, and why?
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.