ThousandEyes, a network intelligence company with the ability to monitor performance from hundreds of vantage points across the Internet, has insight into a variety of services across the globe, including public DNS service providers. In this article, we’ll dive into our results from testing 10 of the most popular public DNS resolvers, with the goal of helping you make informed conclusions about your choice of provider. We observed a wide range of performance across different services, both globally and from region to region.
The Domain Name System (DNS) is the internet’s system for converting alphabetic web addresses into numeric IP addresses. If a given service’s DNS records are unavailable, the service is effectively down and inaccessible to everyone. DNS can also have a substantial impact on page load time and web page performance. While it’s just the first step of many in the page load process (see the below image), any increase in DNS lookup time will directly increase load times. DNS lookup time, in turn, is directly affected by latency to the DNS server.
Why Use Public DNS?
By default, your device will use your company’s or ISP’s DNS servers. However, there are a number of reasons why users might change their DNS configuration to use public third-party DNS resolvers, including:
- Performance and feature improvements: A public DNS service may be better in a number of different ways, including speed, reliability, caching, security, validity of results and features like parental control.
- Circumvention of censorship or geoblocking: Using an alternative resolver can help get around DNS blocks due to government- or ISP-level restrictions.
When choosing services, keep in mind that public DNS providers represent a wide range of organizations with different motivations. Some are ISPs like Level 3, major DNS providers like OpenDNS, or large Internet companies like Google which provides DNS as an act of goodwill to the web community and may also benefit from gaining access to information about user web browsing habits. Others like OpenNIC, a nonprofit user-owned and controlled cooperative, aim to provide a decentralized alternative to other DNS services.
To compare the performance of a wide range of popular public DNS providers, we set up latency tests to the primary IP address for each provider. Our tests send a request every hour from around 300 vantage points in almost 50 countries and 200 networks (autonomous systems). Each vantage point measures the latency between it and the nearest recursive resolver (using anycast) for each public DNS provider.
We tested 10 of the most popular public DNS providers: Comodo, DNS.WATCH, Dyn, FreeDNS, Google, Level 3, OpenDNS, OpenNIC, SafeDNS and Verisign. [Disclosure: Verisign is a ThousandEyes customer, as noted on their official website. ThousandEyes has assured Network World that this fact did not impact the findings provided in this piece.] Starting in March 2017 we collected data for 30 days, resulting in more than 200,000 data points for each of these providers.
Results: Google continues to outperform
Looking at latency to all of the providers averaged across all geographic regions, Google has the clear lead, with an overall mean latency of 33 ms.
If we look at mean latency over time, we see that there are few large fluctuations. This is a much more stable picture than the one we saw in our analysis from 2015, where fluctuations were both large and frequent. This is a good thing—latency to these public DNS services is much more stable and predictable than it was two years ago.
But from a different perspective, the picture of public DNS looks very much the same. The providers’ “rankings” and their levels of mean latency all look very similar to what they did in 2015, with the biggest exception being OpenNIC. From 2015, OpenNIC improved from last place at a mean latency of 159 ms to fifth place at 75 ms in 2017.
However, OpenNIC’s significant improvement is not due to any addition of public servers—the total number of public servers was 77 in 2015 and 78 at the time of writing. Instead, performance improved because OpenNIC introduced anycast IP addresses after our study in 2015. In 2015, we targeted a US server; this time, we tested to an anycast IP address. As a result, performance looks much better from a global perspective. The addition of anycast IPs can help with performance and convenience for a lot of users, who no longer need to guess at the closest or most performant public server for them to use.
On the other hand, OpenNIC is unique in that it is user-owned and controlled, so the set of available public DNS servers, as well as their performance, likely fluctuate more often than that of other public DNS services. As an example, our test to OpenNIC observed that latency from vantage points in Africa jumped from 35 ms to 180 ms on April 10, and never recovered.
We’ve seen that Google leads on a global basis, but how does it do on a regional basis? The below table shows mean latency broken out by continent for each provider, and it remains clear that Google has the most consistently good performance from around the world. Google has the lowest latency in Europe, Latin America and Asia, and among the lowest in North America and Africa.
In addition, OpenDNS significantly improved its latency in Africa, from 102 ms in 2015 to 23 ms in 2017. This is likely largely due to its new Johannesburg data center, which opened in April 2015 after our 2015 measurements began.
This trend isn’t isolated to just Google. The frontrunners, including Google and OpenDNS, generally have consistently high performance from vantage points around the world; latency measurements to these providers have very low variance. In contrast, the providers with much lower performance (like FreeDNS) have much higher variation in measurements of latency—see the below box.
In a box and whiskers chart, the middle dot is the median, and the upper and lower dots are the maximum and minimum values, respectively. The line expands from the median value upward to the third quartile and downward to the first quartile, so the height of the line represents the middle 50% interval of all values.
Why Google leads the pack
Google is the clear leader in most regions around the world, and among the frontrunners everywhere. If you decide to use a public DNS service, your best bet from anywhere in the world is to use Google’s 126.96.36.199. This finding has been true for some time now, based on our findings from 2015 and 2011.
So why has Google been so fast for so long? Google has maintained very low latencies because it has been able to serve queries from a huge number of locations around the world. Not only are DNS records served up from its roughly 20 data centers, but also via edge caches in its many global points of presence (POPs) and in ISP and access networks. So Google is able to serve up records from locations very close to the end user, resulting in very low latencies.
We can see this if we look at the hop-by-hop network path taken by traffic traveling from our monitoring points around the world to Google’s primary IP address for its public DNS service, 188.8.131.52. Looking at the penultimate hops right before traffic enters Google’s network, we see a range of different locations, indicating that our probes are accessing many different POPs around the world. In the vast majority of cases, those penultimate hops are located in the same city as the monitoring points—Google’s many POPs around the world have ensured that it can serve DNS records from very close distances.
While Google will likely continue to lead the public DNS space due to the sheer number of POPs it can serve records from, monitoring and measuring performance to public DNS services can prove useful. The landscape of public DNS is constantly changing, as we’ve seen with the introduction of new data centers and the changing sets of available and high-performing servers and POPs.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.