Our thinking


DNS Speed Testing on Telstra nbn in Melbourne

I’ve recently seen a number of people recommending that I use various 3rd party DNS resolvers – CloudFlare, OpenDNS etc.

One problem I’ve encountered with using some of these DNS servers is that they’re set up for the North American market, and are either not located in Australia or return results for things like Akamai that are not in Australia.

It is important that your DNS server is fast to respond – modern web pages can involve tens of different DNS lookups for things like css, images, scripts, cookies, ads, trackers etc.

It is also important that your DNS server of choice knows where you are. You quickly lose the benefits to a Content Delivery Network (CDN) if the CDN is not located physically close to where you are.

The first piece of this puzzle, response times for DNS servers, is easy to test.

I am using the dnsperftest script, which checks DNS lookup times against a number of popular DNS servers. I’ve also added to the script my two default Telstra DNS servers, one hosted in their Lonsdale St datacenter and one hosted in Windsor.

Test 1 Test 2 Test 3 snip… Test 8 Test 9 Test 10 Average
my router 1 ms 1 ms 1 ms 1 ms 1 ms 1 ms 1 ms
telstra-lonsdale 8 ms 9 ms 9 ms 8 ms 8 ms 24 ms 11 ms
telstra-windsor 8 ms 20 ms 12 ms 8 ms 9 ms 22 ms 13 ms
cloudflare 14 ms 10 ms 8 ms 9 ms 8 ms 18 ms 11 ms
level3 142 ms 139 ms 142 ms 136 ms 138 ms 140 ms 140 ms
google 113 ms 117 ms 22 ms 119 ms 113 ms 113 ms 100 ms
quad9 204 ms 200 ms 199 ms 201 ms 198 ms 199 ms 200 ms
freenom 295 ms 291 ms 294 ms 297 ms 294 ms 295 ms 294 ms
opendns 114 ms 191 ms 9 ms 7 ms 10 ms 9 ms 57 ms
norton 27 ms 23 ms 21 ms 21 ms 21 ms 25 ms 23 ms
cleanbrowsing 24 ms 22 ms 19 ms 22 ms 21 ms 23 ms 22 ms
yandex 408 ms 385 ms 383 ms 436 ms 374 ms 455 ms 407 ms
adguard 21 ms 23 ms 21 ms 20 ms 22 ms 23 ms 22 ms
neustar 25 ms 21 ms 21 ms 22 ms 22 ms 22 ms 22 ms
comodo 262 ms 265 ms 266 ms 266 ms 263 ms 288 ms 268 ms

(I’ve cut out some columns from the middle of the table, but you get the idea…)

From the results, you can see that, aside from the router on my network with sub 1ms response times, Telstra’s own DNS servers were consistently the quickest to respond, closely followed by Cloudflare’s 1.1.1.1 DNS resolver.

Interestingly enough, the Norton ConnectSafe, Cleanbrowsing, AdGuard, and Neustar UltraDNS DNS servers all had good response times as well, indicating that we’re being redirected to a local mirror via anycast. OpenDNS had inconsistent response times, sometimes fast, sometimes not so fast.

I can’t recommend Norton ConnectSafe as they’re retiring the service in November 15 this year (just a few days from now).

Cleanbrowsing is an interesting DNS service as they have family filtering which blocks adult content. They also have paid filters where you can block or allow access to certain categories (like Gaming, Gambling, Torrents etc)

AdGuard use DNS filtering to block ads, trackers, and phishing, as well as having an option to block adult websites.

Neustar don’t appear to offer filtering, they offer security and speed.

OpenDNS do offer filtered DNS, claiming to block malware, phishing and ransomware.

Given how fast 1.1.1.1 is, and it’s very easy to remember, if you’re looking to use a 3rd party DNS service, they would be the one to go with, unless you want to add additional security by using one of the filtered DNS services.

 

 

Leave a Reply