Understanding Open DNS
First, let’s explain what is DNS. DNS means Domain Name System – the protocol that provides the framework for web browsing. It is a system of computers located throughout the world that provides the infrastructure allowing browsing of the World Wide Web. When you enter, for instance, wikipedia.org, DNS converts that easily recognizable domain name (called an ip namespace) to a numerical address that has been assigned to that particular domain name.
The problem with how DNS is configured is that it is typically set up by the respective ISP for a customer.
DNS, as configured by default, can have a negative impact on web browsing. These problems are a result from one or a combination of two issues:
Geographic location of DNS servers: This is becoming less of a issue today, but poses a problem when end users are making DNS requests over slower speed links. Not all DNS servers are in prime locations; this is a bigger issue for customers who are in rural areas and being served by smaller, regional, ISPs.
Over-burdened DNS servers: Again, this is more likely to happen with DNS servers hosted by smaller ISPs, but I’ve seen it within Southern Florida Comcast and ATT systems. If an end user’s router or home PC is pointing to DNS servers that can’t handle their request load effectively, overall response performance suffers and web browsing slows.
Changing DNS server settings is fairly easy for any home user or a computer technician from Coast Computing can help.
DNS adjustments should be made at the router. There are benefits to making DNS changes at the router level because:
- Everyone will not have to adjust their systems; only the common router will need the adjustment.
- It will speed up (and clean up) web browsing for all users on a given connection.
- You can even offer further browsing redundancy by choosing primary and secondary DNS servers that span different providers (say, Google DNS and OpenDNS).
Some techs claim that ISP provided DNS settings work fine. Everyone’s needs from DNS and relative performance on a given pair of DNS servers will be different. Much of this stems from what was mentioned earlier regarding location, burden, and other factors. But it’s what you don’t know about alternative DNS solutions that get interesting.
While Google DNS provides a speedy alternative to what ISPs offer, OpenDNS takes this concept one step further. The company employs specialized technology that actually spans DNS requests to datacenters that are closest to your location geographically without any intervention. In addition, because they handle so many requests from different parts of the world, they have the most up-to-date single repository for where everything is on the web. This significantly reduces the need for them to “ask” other DNS servers where a website or file may be located.
Another key benefit is how OpenDNS provides malware blocking at the network level. This is accomplished by sifting out known-infected websites and files before you can get to them. This is beneficial because, by default, ISP provided DNS servers typically do not filter out the responses they provide. Even if you mistakenly type in the address of a completely known and virulent malware site, chances are your ISP will take you there.
One of the biggest contributors to the spread of malware today is that end users can’t always recognize bad links in search results, and are visiting pages on the web where they typically should not visit. OpenDNS takes the guesswork out of this process because it maintains a centralized blacklist of bad sites that is in effect for all users of the service. For customers of mine that have bad histories with such links, OpenDNS is always a good recommendation for a defense against sites containing malware.
In addition, OpenDNS offers paid levels of service for home and business customers. Home users can benefit from the parental control functionality via custom block lists and category-powered filtering of their home internet connection.
There’s no client software to install, no signature updates to worry about, and it affects EVERY device that wants to use internet in a home – which means any young visitors won’t be able to bypass filters merely by bringing their own computers.
The business level subscription to OpenDNS provides advanced logs, web access control for workers, strict malware and botnet prevention options, and website blocking.
If you want to switch to OpenDNS on your own, here are the two DNS servers that they publish Follow their instructions page for generic guidance; consult Coast Computing for in-depth configuration:
- PRIMARY: 220.127.116.11
- SECONDARY: 18.104.22.168
I try to take a balanced approach in customers setup using a hybrid combination of OpenDNS as the primary server, and Google DNS as the secondary server. You don’t have to do this, but I feel that if for some reason OpenDNS has outages across both of their systems, at least your router can then tunnel DNS requests to a complete third party. For redundancy, this is a great approach. My preferred router configuration happens to look like this:
- PRIMARY (OpenDNS): 22.214.171.124 or 126.96.36.199
- SECONDARY (Google DNS): 188.8.131.52 or 184.108.40.206
Give the above combination a try to see if your website browsing speed is improved. You will also gain the transparent malware blocking and phishing protection that OpenDNS utilizes.