Google Public DNS

http://code.google.com/speed/public-dns/

What is Google Public DNS?

Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider.

To try it out:

  • Configure your network settings to use the IP addresses 8.8.8.8 and 8.8.4.4 as your DNS servers or
  • Read our configuration instructions.
If you decide to try Google Public DNS, your client programs will perform all DNS lookups using Google Public DNS.

Why does DNS matter?

The DNS protocol is an important part of the web's infrastructure, serving as the Internet's phone book: every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they start loading, so your computer may be performing hundreds of lookups a day.

Why should you try Google Public DNS?

By using Google Public DNS you can:

FAQ

I looked online and it seems that there are a lot of issues with open resolvers such as DDoS attacks, large-scale spoofing etc. Why did you make Google Public DNS an open resolver?
There are many articles online about some of the threats that open resolvers face. We made a conscious decision to be open and we have taken what we believe to be adequate precautions. See the security benefits page for information on the precautions we have taken to help protect our users from spoofing and cache poisoning, and to mitigate DNS-based DDoS attacks.


General

What is Google Public DNS?
Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider.
Why is Google working on a DNS service?
We believe that a faster and safer DNS infrastructure could significantly improve the web browsing experience. Google Public DNS has made many improvements in the areas of speed, security, and validity of results. We've shared these improvements in our documentation, to contribute to an ongoing conversation within the web community.
Can I use Google Public DNS to host my domain name or website?
No. Google Public DNS is not an authoritative nameserver or hosting service. There are no plans to offer any DNS registration or hosting services with Google Public DNS.
Does Google Public DNS offer the ability to block or filter out unwanted sites?
No. Google Public DNS is purely a DNS resolution and caching server; it does not perform any blocking or filtering of any kind. We believe that such functionality is best performed by the client. If you are interested in enabling such functionality, you should consider installing a client-side application or browser add-on for this purpose.
Are Googlers using Google Public DNS?
Yes. We launched Google Public DNS to Googlers a couple of months ago and we have been using it to power our wi-fi networks for visitors as well as our free public wi-fi network in Mountain View.
Are there any cross-product dependencies with Google Public DNS?
Google Public DNS is an independent service.
Do I need a Google Account to use Google Public DNS?
No.
How is Google Public DNS different from my ISP's DNS service or other open DNS resolvers? How can I tell if it is better?
Open resolvers and your ISP all offer DNS resolution services. We invite you to try Google Public DNS as your primary or secondary DNS resolver along with any other alternate DNS services. There are many things to consider when identifying a DNS resolver that works for you, such as speed, reliability, security, and validity of responses. Unlike Google Public DNS, some ISPs and open resolvers block, filter, or redirect DNS responses.
How does Google Public DNS handle non-existent domains?
If you issue a query for a domain name that does not exist, Google Public DNS always returns an NXDOMAIN record, as per the DNS protocol standards. The browser should show this response as a DNS error. If, instead, you receive any response other than an error message (for example, you are redirected to another page), this could be the result of the following:
  • A client-side application such as a browser plug-in is displaying an alternate page for a non-existent domain.
  • Some ISPs may intercept and replace all NXDOMAIN responses with responses that lead to their own servers. If you are concerned that your ISP is intercepting Google Public DNS requests or responses, you should contact your ISP.
Will Google Public DNS be used to serve ads in the future?
No. We are committed to preserving the integrity of the DNS protocol. Google Public DNS will never return the address of an ad server for a non-existent domain.

Use and support

I am using another DNS service now. Can I also use Google Public DNS?
Yes. You can set Google Public DNS to be your primary or secondary DNS resolver, along with your current DNS resolver. Please remember that operating systems treat DNS resolvers differently: some will only use your primary DNS resolver and use the secondary in case the primary one fails, while others will round-robin among each of the resolvers.
Is Google Public DNS suitable for all types of Internet-enabled devices?
Yes. However, in some cases, especially with mobile phones, your experience might not be optimal in terms of speed.
Can I run Google Public DNS on my office computer?
Some offices have private networks that allow you to access domains that you can't access outside of work. Using Google Public DNS might limit your access to these private domains. Please check your IT department's policy before using Google Public DNS on your office computer.
In which countries is Google Public DNS available?
It is available to Internet users around the world, though your experience may vary greatly based on your specific location.
Does Google Public DNS work with all ISPs?
Google Public DNS should work with most ISPs, assuming you have access to change your network DNS settings.
Do I need to use both Google Public DNS IP addresses?
No. You can use Google as your primary service by just using one of the IP addresses. However, be sure not to specify one address as both primary and secondary servers.
Does it matter in what order I specify the IP addresses?
No, the order does not matter. Either IP can be your primary or secondary name server.
What is the SLA for the service?
As this is an experimental launch, we are not providing an SLA for this service at this time.
I'm running an ISP. Can I redirect all my users to Google Public DNS?
At this time, Google Public DNS is an experimental service without an SLA, intended for individual users. If you do use Google Public DNS, we recommend that you ensure that your users have a backup or failover service.
How can I get support from the Google Public DNS team?
We recommend that you join our Google Groups to get useful updates from the team and ask any questions you have. You can also check our Twitter channel for the latest status on Google Public DNS. If you need automated telephone support, see the telephone contact information.

Technical

Where are your servers currently located?
Google Public DNS servers are available worldwide.
How does Google Public DNS know which data center to send me to?
Google Public DNS uses anycast routing to direct all packets to the closest DNS server. For more information on anycast routing, see the Wikipedia entry.
Does Google Public DNS support the DNSSEC protocol?
Google Public DNS supports EDNS0 extensions, which means that we accept and forward DNSSEC-formatted messages; however, we do not yet validate responses. We will continue to work on improving Google Public DNS.
Is Google Public DNS based on open source software, such as BIND?
No. Google Public DNS is Google's own implementation of the DNS standards.
Does Google Public DNS comply with the DNS standards set forth by the IETF?
Yes.
Are there plans to release Google Public DNS code as open source software?
At this time, there are no plans to open source Google Public DNS, but we have detailed all the steps we have taken to increase speed, security, and standards compliance.
Does Google Public DNS support IPv6?
Google Public DNS can respond to requests for IPv6 addresses (AAAA requests), but it does not yet support native IPv6 transport and cannot talk to IPv6-only authoritative nameservers. Clients should use IPv4 network connections to use Google Public DNS.
I looked online and it seems that there are a lot of issues with open resolvers such as DDoS attacks, large-scale spoofing etc. Why did you make Google Public DNS an open resolver?
There are many articles online about some of the threats that open resolvers face. We made a conscious decision to be open and we have taken what we believe to be adequate precautions. See the security benefits page for information on the precautions we have taken to help protect our users from spoofing and cache poisoning, and to mitigate DNS-based DDoS attacks.
Are there tools that I can use to test the performance of Google Public DNS against that of other DNS services?
There are many freely available tools that you can use to measure Google Public DNS' response time. We recommend Namebench. Regardless of the tool you use, you should run the tool against a large number of domains — more than 5000 — to ensure statistically significant results. Although the tests take longer to run, using a minimum of 5000 domains ensures that variability due to network latency (packet loss and retransmits) is minimized, and that Google Public DNS' large name cache is thoroughly exercised.
To set the number of domains in Namebench, use the Number of tests GUI option or the -t command line flag; see the Namebench documentation for more information.
When I run ping or traceroute against the Google Public DNS resolvers, the response latency is higher than that of other services. Does this mean Google Public DNS is always slower?
No. In addition to the ping time, you also need to consider the average time to resolve a name. For example, if your ISP has a ping time of 20 ms, but a mean name resolution time of 500 ms, the overall average response time is 520 ms. If Google Public DNS has a ping time of 300 ms, but resolves many names in 1 ms, the overall average response time is 301 ms. To get a better comparison, we recommend that you test the name resolutions of a large set of domains.

Privacy

What information does Google log when I use the Google Public DNS service?
Google Public DNS complies with Google's main privacy policy, which you can view at our Privacy Center. With Google Public DNS, we collect IP address (only temporarily) and ISP and location information (in permanent logs) for the purpose of making our service faster, better and more secure. Specifically, we use this data to conduct debugging, to analyze abuse phenomena and to improve our prefetching feature. After 24 hours, we erase any IP information. For more information, read the Google Public DNS privacy page.
Is any of the information collected stored with my Google account?
No.
Does Google share the information it collects from the Google Public DNS service with anyone else?
No.
Is information about my queries to Google Public DNS shared with other Google properties, such as Search, Gmail, ads networks, etc.?
No.
Comments