How to Find the Best DNS Server

5/12/2014 How to Find the Best DNS Server

http://www.techsupportalert.com/content/how-find-best-dns-server.htm 1/16

How to Find the Best DNS Server

Updated 14. June 2012 - 13:46 by Remah

In a Hurry?

Go straight to the Quick Selection Guide for short detailed summaries of

each product

Go straight to the Change Log to see what's new since the major update

in June 2011

Introduction

DNS servers are the most trusted component of your web browsing experience

but few people understand how they work or how their security vulnerabilities

can cause you problems. I recommend that you read both What DNS Servers

Do and How to Change DNS Server before you change the DNS servers your

system relies upon.

Three free utilities can help you to find the best DNS servers for your

system.These benchmarking programs use their databases of DNS servers to

test those that will give you the best improvement. The best performance is

likely to be from from a mixture of DNS servers that are close to your location

and a global DNS server that has a large database. These programs are

portable (run without installation), use similar methods and provide similar

results. Their reporting is very different so I recommend that you try both

NameBench and DNS Benchmark.

Google NameBench is easy to use and comprehensive but doesn't preview

the DNS servers being benchmarked. It is compatible with Windows, Mac

OS X, and UNIX.

Gibson Research Corporation DNS Benchmark is the program I prefer. It is

a little more complex but provides a lot of documentation and help for each

step. It does preview the servers that will be tested before you run the

actual benchmark. It is a Windows program that also runs in Windows

emulation (Wine) for Mac OS X and Linux.

I recommend DNS Benchmark for all users outside of North America. It

clearly identifies one problem that NameBench does not. My primary DNS

server had slow response times for major dot com sites which usually

have their home in the United States.

DNS Jumper is the simplest with very limited testing. It provides a quick

test of public DNS servers, allows you to customize the DNS server list,

and can change your configuration. It runs under Windows.

There are two sections in this how to guide.

1. How to configure the testing software

2. How to run the tests using NameBench, DNS Benchmark or DNS Jumper.

1. How to configure the test software

Installing the software

These programs run directly from the download and have no install procedure

so they don't alter the Windows registry or add shortcuts to the desktop or

menu.

How to copy the files to the folder you want to run them from



How to copy the files to the folder you want to run them from

They also won't create their own folders to install to so if you want that you

will have to do it yourself.

namebench-1.3.1-Windows.exe and DNSJumper.zip should be unzipped to

the folder you desire.

DNSBench.exe should be copied to the folder you desire.

Download additional files as required

Namebench command line version requires Python 2.5 to 2.7 to be installed.

UNIX and Mac OS X usually have it so it is mainly Windows users who might

have to install it.

Advanced configuration

The average user can skip the rest of this section and go straight to testing.

Editing the configuration files before running the first test

The first test will be the most accurate because it is more likely that the

tested domains will not be cached. Once the test has run then any further

requests for the same domain are likely to be cached. Therefore some

advanced users might want to edit the configuration files before running the

first test.

Namebench has three configuration files in a subfolder (\namebench\config)

of the folder you have unzipped it to:

namebench.cfg is the main configuration file and probably the only one

that you will edit. I edited it to increase number of servers tested and

added more global DNS servers.

It contains the following:

Settings, most of which can be overridden if you use the Python

command line.

Global DNS servers. The default is to test them.

Regional DNS servers. The default is to test them.

hostname_reference.cfg contains two lists of websites.

censored sites which are not tested unless specified

sanity checks sites which are used to check that the returned IP is

correct for the DNS name.

These are tested everytime unless you have a version of NameBench

which includes the option to turn this off, ie download_latest = 1

becomes download_latest=0.

data_sources.cfg points to the sources of the website test list:

List files provided with NameBench

Browser databases

DNS Benchmark has two configuration lists which do not exist when you first

run DNS Benchmark. I created both lists from those tested in NameBench so

that I can compare the results of the two programs.

I opened the NameBench .csv results in Excel, summarized the list of sites and

DNS hosts using two pivot reports (there are other ways to do it), then copied

the lists into the respective files:

DNSBench.ini contains the list of DNS servers to be tested. It is not

created until you decide to add or remove servers using the menu or until

you have run the test to create your own customized list of servers. You

can create many .ini files with different names and add or remove them

from the test list anytime that you like.

domains.txt contains the list of websites to be used for the tests. The

default is the top 50 Alexa sites from 2009, there is also a list of 100 top

Alexa sites. Note that both lists are uncensored so by testing these sites

there is potential for embarrassment or worse. Both files are available at

Resource Files for Advanced Benchmarking.

Once edited you have to run DNS Benchmark with the command line

option:



option:

dnsbench.exe /domains domains.txt

DNS Jumper has one configuration file:

DNSJumper.ini contains the DNS server list, a few program options, and the

text for each language.

To add another DNS server type append it to the list in the format



usually only use the primary DNS server because it removes duplicated/backup/replicated

servers so, for example, Google DNS will only count as one DNS server although Google has

many servers and several IP addresses.

Include best available regional DNS services should be checkmarked because these will

usually be your fastest DNS servers.

Include censorship checks will include websites that are often censored because of

political views, violence and hatred, gambling, etc.

Upload and share your anonymized results should be checkmarked if you want an easy

way to share your results over the Internet. I expect that in the future NameBench will

provide reporting from this database without running a benchmark.

Health Check Performance should be set to Fast (to query 40 DNS servers at a time)

unless you have poor connection in which case set it to Slow (to query 10 DNS servers at

a time).

Number of queries defaults to 250 web sites for each of the 11 DNS servers. You can

speed up the tests by changing it to 50 which is the default for DNS Benchmark.

Query Data Source determines where NameBench gets its list of domain names to test. As

well as five test scenarios , NameBench can extract the information from Camino, Chrome,

Chromium, Epiphany, Firefox, Flock, Galeon, Icab, Internet Explorer, Konqueror, Midori,

Omniweb, Opera, Safari, Seamonkey, Squid and Sunrise.

2. Run the benchmark

First, NameBench checks the connection quality and makes adjustments for the connection

condition. That is why you should not have other Internet activity while running the tests.

NameBench then selects the fastest to benchmark:

checks the DNS servers are available to the test system

performs TTL tests

checks for cache sharing with replicated servers and then removes the slower DNS replicas

selects the DNS servers for benchmarking

The DNS queries are sent to the selected DNS servers.

The results are saved in html and csv formats.

Finally, the html results are displayed in the browser chosen for the test.

3. View the benchmark results.

Click on the images in this review to see the results of a full test that I ran

The primary report is a table.

NameBench presents a recommended configuration for three DNS servers.

The current primary DNS server is highlighted in pale yellow.

In this case, a 5.1% improvement would not be enough to change without doing further

tests to confirm that the improvement is consistent. The red bars indicate timeouts for the

proposed server. In this case, two queries timed out at 3.5 seconds so that is not good

and another reason to test again.

Ignore that "www.paypal.com is hijacked hijacked" because this is a known bug.

Replica DNS servers are indicated so you know which servers have backups available.



There are two types of graph presented. The first are bar graphs of the average and fastest

response times. Note that each graph uses a different scale.

Look at the second graph first because the fastest response time shows you the best that

you can get. This graph shows that network distance, which is similar to geographical

distance, is the main driver for response times. So the response time is roughly proportional

to the distance from my home. The six NZ DNS servers are grouped first then one

Australian DNS server then the four global DNS servers mainly located in the USA.

The averages response time look quite different because the second driver is the size of

the name cache. Global DNS servers perform much better because they have larger name

databases. OpenDNS, Google and UltraDNS are ranked fifth to seventh but still remain 50%

slower than the best regional DNS server.



Then there are line graphs of cumulative response times.

The distribution graphs show what percentage of queries are answered in what period of

time.

The first graph is for the first 200 milliseconds ie 0.2 seconds.

The second graph continues to the 3.5 second default for the timeout.

Although it is available when you first view the results, when you go to the website it will

not be there.

This graph shows how the global providers though slower at the start are much more

consistent with fewer timeouts. By a quarter of a second and 30% awaiting a response

they're competitive. By a third of a second and 10% awaiting a response they're performing

better.

It is the long tail for the slower response times that will be noticeable when you are

browsing. So if you are prepared to live with slower average response times that you don't

notice then you can stop the really slow and annoying response times by using a global

DNS service.

The online results include sample index results for Wikipedia.com and Google.com instead of

presenting the second response distribution graph.

Finally, the benchmark parameters are listed.

Testing with DNS Benchmark



1. Start DNS Benchmark

To view the DNS servers click on the Nameservers tab highlighted above. You will have to wait

about 10 seconds for the list of servers to be loaded.

Your system DNS servers will appear first in the list. The remaining servers are sourced from

DNS Benchmark's list of global servers. The advantage of this approach is that you have the

opportunity to refine the server list before testing.

At this point you can add or remove servers by using either of two menus:

Click on the Add/Remove button to display the first menu shown below.

Click on the system icon at the top left to get the system menu which is a superset of the

Add/Remove menu.



.

The servers can be added or removed individually or in three groups:

Your system DNS servers

The default global servers

Your own .ini file.

You can remove all servers to clear the list and start again. Once complete you can save your

list to an .ini file.

There are two further options that you might consider to prune the list:

Remove dead servers that are not responding. This is well worth doing.

Remove redirecting DNS servers. This might remove DNS servers that you want to avoid

but it will also remove OpenDNS and other filtering DNS servers.

The final option is to build the custom server list without running the global benchmark. If you

want to save time then do this and skip to Create the regional DNS server list.

2. Run the global server DNS benchmark

As well as clicking on "Run Benchmark", you can also click on the Gibson Research Corporation

(GRC) logo to start or stop the benchmark.



At first glance the results point to a much faster DNS server. But the decision is not that clear

cut if you read on below:

Server IP address is in the first column

Server status is in the second column.

The first two servers are

the system DNS servers

as indicated by the solid

green circle.

The other servers are

not the system

DNS servers because

they have hollow circles.

The colour of the circle

indicates the quality of

the connection:

Green = good

Orange = redirecting or hijacking DNS servers

Red = the server is not responding ie is dead. I remove dead servers so there are no

red circles in the example results.

OpenDNS also has a blue circle around the server status. This indicates that IP

addresses reserved for private networks are being blocked. There are four ranges of

addresses so in this case three of the four are being blocked.

Green = both IPv4 and IPv6 reserved private addresses are being blocked

Blue = either IPv4 or IPv6 but not both reserved private addresses are being blocked

The organization owning the DNS server is shown at the right.

The main results display the results of cached queries. DNS Benchmark provides two particularly

useful test results if you check the Show Uncached checkbox:

Uncached queries (green) where the DNS server cache is bypassed.

DotCom queries (blue) for major global websites (dotcoms) that are mainly located in the

United States.

In the example below my primary DNS server has unacceptably slow response for major global

websites (DotComs). This problem was not visible in the NameBench results.

The server that is reported to be fastest is one of my ISP's DNS servers. I should probably

change to it because it is faster and has no problems with DotComs unlike my primary DNS

server. However it does have a problem with lost queries as indicated by the red bar which

displays over the server IP address on the left. It is not a big problem but I would test again to

see if it is a regular problem.

3. Create the regional DNS server list

The Custom Namerserver List is a list of your regional DNS servers that are likely to give you

the best service. DNS Benchmark goes through its database of nearly 5,000 DNS servers to find

those that are likely to perform best for you. It creates the list and then you can run the

benchmark.

While it is creating the list you can see the total number of servers including the following:



Resolved = those you can use

Refused = those that reject your queries maybe because you are in a region that they

don't service

No reply = dead servers

4. Run the regional DNS server benchmark

The regional DNS server benchmark runs the same as the default server benchmark. So the

results apply just the same.

5. View the results

DNS Benchmark displays the results as it works so you will

quickly be able to see which DNS servers are performing the

best. I've drawn a few conclusions from the final results

displayed at right. Note that DNS Benchmark allowed me to

save these results as an image file because a screenshot

wouldn't show enough servers.

By default DNS Benchmark gives you a better comparison

of more servers than NameBench which has to be

configured to provide results for more than 10 servers.

Servers in my country are the fastest. Like NameBench,

DNS Benchmark illustrates the same relationship.

The results illustrate that the primary driver for DNS query

time is the delay (latency) due to the distance between

systems on the Internet. This network distance is roughly

the same as geographical distance. You will notice the

same sort of delay If you ever make a phone call to the

other side of the world.

Query response time = network latency + server processing

time

The speed of the DNS server itself is far less important but

does make a difference where several DNS servers are located in the same region.

You can also see that DNS servers with lost queries tend to perform worse. The lost

queries are indicated by the red bars overlaying the DNS server IP address in the left hand

column. Seven of the eight New Zealand servers with lost queries are the worst performing

in that group.This is likely to be the same in other countries

Remember that DNS Benchmark has several tabs to view the various results:

Nameservers shows you:



Nameservers shows you:

Server name

Server owner

Server status

Server response times

Cached response times are displayed by default

Uncached response times are displayed by checking the box

Tabular Data shows you the numeric results in a small table for each server. The

formatting is text-based so you can export it to any editor.

Conclusions provides you with a comprehensive list of conclusions and recommendations.

These are clearly explained to guide you. In the screenshot below, I have only shown the

start of the first of seven conclusions. It has a positive green tick so there is no action

required. Where DNS Benchmark displays a red cross you will be advised what you should

do to improve your configuration.

6. After completing the benchmark:

The DNS server list will be saved in the default.ini file. As discussed above, you can amend the

list or detete it and start again.

To save the results go to DNS Benchmark's System Menu and select 'Export last results to CSV

file'. DNS Benchmark also provides for saving any of the results pages either as an image file

(.png or .bmp) or a formatted text file (.rtf).

Testing with DNS Jumper

DNS Jumper is relatively simple but I do not rate it highly so I''m only showing the main window

for your information.

1. Select your network card.

2. Add or remove any DNS servers to the DNS Jumper database using the + or - buttons.

3. Find the "Fastest DNS"

The fastest will appear in the "Manual DNS Servers" list.

Response time is displayed in milliseconds.

If the DNS server is invalid or unavailable thenthe result will be "Host is offline"

You can also flush your system's DNS cache but the flush is not as effective as using the

Windows/DOS command "ipconfig /dnsflush"

How to Find the Best DNS Server

Documents

best dns servers

dns jumper

dns serversdo

dns servers yoursystem

databases of dns servers

mixture of dns servers

best dns serverhttp

best dns serverupdated