Scott.Buffington.me

I have been an OpenDNS user for a few years now and I have been very happy using OpenDNS instead of Comcast's default DNS servers. While I noticed a improvement with how quickly pages loaded when switching to OpenDNS; some folks likely will not as mostly the change would be within a few milliseconds. However when I switched Comcast's DNS seemed to be having some problems with name resolution and it was well documented that Comcast's DNS servers were unpatched and vulnerable to a well known hack. I also liked the anit-phishing, malware and botnet protection. I recall at least one instance where the anti-phishing features saved a family member after clicking on a link in an email. There are numerous other features to like about OpenDNS as well, including web content filtering that will likely come in handy as the kids get older.

A few months ago Google announced that they were also providing public DNS, though they were skipping some of the extra features OpenDNS provides and opting instead to go with DNS that followed the standards exactly. This is still generally a nice alternative to what your ISP is likely providing and Google Public DNS does protect from malware. So while Google chooses not to offer any filtering they still have a secure and for many, faster DNS service.

I also use a number of Google services and I generally feel pretty comfortable with what Google offers. Although I do not have one complaint with OpenDNS and certainly have had no issues with my DNS experience. I decided that it might be worth looking at how fast Google Public DNS is compared to OpenDNS. I used this bash script which uses dig to test the speed of both DNS services. If you run from Linux, be sure dig is installed, dig ships installed by default on Mac OS X and BSD. The script will also provide results for your current DNS settings, so you will know if your ISP DNS settings beat either Google or OpenDNS.

#!/bin/bash
isp=$(dig +noall +stats 2>&1 | awk '$2~/^SERVER:$/{split($3,dnsip,"#");print dnsip[1]}');
m="-------------------------------------------------------------------------------";
s=" ";
h="+${m:0:25}+${m:0:12}+${m:0:12}+${m:0:12}+";
header=("Domain${s:0:23}" "My ISP${s:0:10}" "Google${s:0:10}" "OpenDNS${s:0:10}");
echo "${h}";
echo "| ${header[0]:0:23} | ${header[1]:0:10} | ${header[2]:0:10} | ${header[3]:0:10} |";
echo "${h}";
for i in "yahoo.com" "identi.ca" "twitter.com" "brutaldeluxe.us" "google.com" "bbc.co.uk" "scott.buffington.me";
do
ii="${i}${s:23}";
echo -n "| ${ii:0:23} |";
for j in "${isp}" "8.8.8.8" "208.67.222.222";
do
r="${s:10}$(dig +noall +stats +time=9 @${j} ${i} 2>&1 | awk '$2~/^Query$/{print $4" "$5}')";
echo -n " ${r:${#r}-10} |";
done
echo -ne "\n${h}\n";
done

While this probably is not an optimal test, I have to believe it gives a pretty accurate result for the speed of each lookup service. It appears that here in Lower Swatara Township, Pennsylvania that OpenDNS is faster.

+-------------------------+------------+------------+
| Domain | Google | OpenDNS |
+-------------------------+------------+------------+
| lifehacker.com | 27 msec | 19 msec |
+-------------------------+------------+------------+
| identi.ca | 27 msec | 18 msec |
+-------------------------+------------+------------+
| twitter.com | 30 msec | 19 msec |
+-------------------------+------------+------------+
| brutaldeluxe.us | 28 msec | 18 msec |
+-------------------------+------------+------------+
| google.com | 48 msec | 17 msec |
+-------------------------+------------+------------+
| bbc.co.uk | 27 msec | 20 msec |
+-------------------------+------------+------------+
| scott.buffington.me | 28 msec | 17 msec |
+-------------------------+------------+------------+