Last week, Google announced that it is now offering free public DNS servers.  I have long been an advocate of using OpenDNS in place of the default DNS offered by your ISP, but being intrigued by all things Google, I had to check out their offering as well.  Before I share my experiences and explain why you should consider a change, here is a little background on DNS, the internet’s phonebook.

DNS or the “Domain Name System” is a backbone service of our everyday life on the internet.  While some users are aware of it most are not unless it breaks, at which point they find themselves unable to reach their favorite websites, and this does happen from time to time. Computers on the internet locate each other via IP addresses such as 69.63.181.11 — go ahead and type that string of numbers and periods into your web browser and see where it takes you.  Since it would be difficult for the average human being to remember the unique set of numbers for the many websites they want to visit, DNS was developed as a sort of universal phonebook that matches easy to remember domain names like “google.com” or “whitehouse.gov” to the respective set of numbers which is their true address on the internet.  Most internet users by default get DNS from their ISP (Internet Service Provider), who view DNS not as a key service, but as a necessity to selling internet access.  These days it is worth considering alternatives to what your ISP gives you by default since DNS has evolved over the past 3 decades as the use of the internet has changed and expanded significantly.  Even more so since the sheer number of users and real threats from hackers have driven the development of more robust, secure, and higher performance approaches to providing this vital service to the internet community.

In considering DNS alternatives, the key factors are speed, reliability, and security.  Below is an overview of my comparisons of OpenDNS to Google DNS at home:

SPEED
When you type a website address into your browser, that website location is first sent to your DNS provider for a real internet address to be looked up, or resolved to an IP Address as mentioned above.  Many websites today are really a combination of pieces from multiple locations, meaning that it could take a dozen or more DNS lookups to provide all the content contained on one page.  The less time each lookup takes, the more quickly you are on your way to the website you want to reach.  If things are working well, each lookup should take 10-50 milliseconds, or .01 to .05 seconds. 

Both OpenDNS and Google DNS have good solutions for speed.  OpenDNS currently has a more mature infrastructure and architecture along with a long term proven track record.  Coupled with the results of my own testing (more on this below), OpenDNS is the winner in this category.

RELIABILITY
Your DNS provider should always be available, even during periods of heavy activity when you ask for an internet address and it should never have out of date information.  There should be provisions against Cache Poisoning, DoS attacks or anything else that could prevent you from reaching your intended destination on the internet. 

Once again, OpenDNS has a significant track record in this space, while Google is building on a massive global network and a wealth of experience in providing massively large scale computing services over the internet.  I call this item a draw, since I believe that the services are about on par.

SECURITY
Besides implementing a design that insulates itself from DoS and other attacks as mentioned above, your DNS provider can also bolster your general security on the internet by preventing you from reaching known Malware and Phishing sites.  These are websites that deceive you into visiting in an attempt to install viruses or other software on your computer that could steal your identity and financial data or leverage your computer for nefarious purposes such as becoming a node in a Botnet without your even knowing it.  There is also an opportunity for your DNS provider to function as a content filter, keeping you or people you care about away from websites that you specify in categories like pornography, gambling, drugs, hate, etc.

While both Google DNS and OpenDNS have implemented significant security measures to maintain the integrity of their own services, only OpenDNS currently offers additional layers of security for the end user against Malware, Phishing along with Content Filtering.  This is a big advantage for OpenDNS, but I have a feeling Google will step up in this area soon.

OTHER FACTORS
Many Internet Service Providers are now displaying a web page with search results when you ask for a website address that cannot be resolved to a known IP address.  Many times this is due to a typo, and the search page attempts to find words that closely match what was entered in the address bar of the web browser.  As with search providers like Yahoo and Google, these search pages can provide a source of revenue for the ISP.  OpenDNS has a similar approach, which is how it makes money from the free version of its DNS product.  This is a detractor for some who take their privacy very seriously.  OpenDNS addresses these concerns and other privacy issues here. While Google Public DNS does not redirect to a search page for unknown websites, there are some that worry about allowing Google to gain yet another layer of insight into the places we visit on the internet.  Google addresses the privacy issue here.

COMPARING THE OPTIONS
Your ISP includes DNS services free of charge.  Google’s Public DNS Servers are also free, while OpenDNS has both free and “pay-for” offerings. If you want to get a feel for which DNS provider will work best for you before making any configuration changes to your computer or router, check out Namebench from Google. This clever utility will run a robust set of lookups using data from your own browsing history against a variety of DNS providers, and present a report on their respective performance from your location.  Even though Google made the utility, it does not appear to favor it’s own DNS servers in the results and although speed is not necessarily the ultimate factor to consider, it is sure a good place to start. 

MY DECISION
After weighing the factors above and running some comparative tests, OpenDNS remains my DNS provider of choice.  It performs as well or better than any other option including my ISP’s DNS servers, and significantly better than Google’s.  With the added security and content filtering benefits that I like to use, it is an easy choice for me to stick with OpenDNS.  I will continue to keep an eye on Google as they develop their DNS offering as well as anything else that comes up on the horizon in this technology space.

HOW TO DECIDE FOR YOURSELF
You may be perfectly happy with the default DNS services provided by your ISP, and in some cases that may be the speediest solution, but if you have concerns about security on the internet (and you should) or want to see if your internet experience can be improved with a change in DNS providers, I highly recommend trying out both OpenDNS and Google DNS and comparing the performance and features to what your ISP provides by default.  As mentioned above, Namebench is a tool that can help you test the performance of the various DNS options.  If you do want to try a different DNS provider, the change is quick and simple and can be performed right on your local computer, which will only effect that one system or on your router which will effect all computers that access the internet through the router. 

Here the instructions to try out OpenDNS

Here are the instructions to try out Google DNS