[AusNOG] 1.1.1.1 DNS resolvers

Gavin Tweedie gavin.tweedie at megaport.com
Mon Apr 2 11:55:48 EST 2018 

I burnt a few of my RIPE Atlas credits last night and did a traceroute from
every probe in AU & NZ (221 of them) to the following "popular" open
resolvers.
(if you want to host one so you can earn some credits of your own and
there's not one in your ASN yet then email me directly - or learn more at
https://atlas.ripe.net)

Results:

   - 1.1.1.1 (Cloudflare) @
   https://atlas.ripe.net/measurements/11899869/#!map
   - 8.8.8.8 (Google) @ https://atlas.ripe.net/measurements/11899870/#!map
   - 9.9.9.9 (PCH) @ https://atlas.ripe.net/measurements/11899871/#!map
   - 208.67.222.222 (OpenDNS) @
   https://atlas.ripe.net/measurements/11899872/#!map


Interestingly ignoring all other metrics (and if centralising recursive DNS
is a good idea) and just looking at number of probes with RTT over 100msec,
a random number I picked - who wants a DNS server 100ms away?..

   - 1.1.1.1 = None above 100ms (4** didn't get to the last hop - 1.0.0.0/8
   issues perhaps?)
   - 8.8.8.8 = 5 above 100ms
   - 9.9.9.9 = 39 above 100ms (of which 1 was above 200ms!)
   - 208.67.222.222 = 6 above 100ms (of which 4 were above 200ms!)


** One probe didn't get to the last hop on any of the traceroutes, so I
excluded it from the above numbers.

If you do use one of these then choose carefully as you could end up with
very high DNS RTTs  from some networks.
If anyone wants me to run the same against another public resolver let me
know, and I'll post the results again. Maybe I'll run this again in a month
and see who's improved and who hasn't if there is interest.

Gav

On 2 April 2018 at 09:02, James Deck <jdeck at 1300webpro.com.au> wrote:

> We've been using 9.9.9.9, which does not resolve some known "bad" traffic
> (eg. phishing).
>
> My understanding is that the have been unable to peer to the major ISPs
> here, so their traffic routes aren't always direct, but I like the security
> aspect of it.
>
> https://www.quad9.net/
>
>
> ​Kind Regards, ​
>> James Deck
> Managing Director
> 1300 Web Pro
> p
> *1300 932 776* <1300932776>
> e
> *jdeck at 1300webpro.com.au* <jdeck at 1300webpro.com.au>
> w
> *1300webpro.com.au* <https://www.1300webpro.com.au/>
> a
> Unit 22, 489 South Street
> Toowoomba
> 4350
>
> Unit 14, 17 Karp Court
> Bundall
> 4217
>
> *Need help? Click here to log a job online...*
> <https://www.1300webpro.com.au/support/>
> [image: facebook] <https://www.facebook.com/1300WebPro> [image: See our
> Web Chats] <https://www.1300webpro.com.au/our-webchat/> [image: Subscribe
> to our Newsletter and Webchats]
> <https://www.1300webpro.com.au/our-webchat/>
>
> On 2 Apr 2018, at 10:12 am, Andrew Yager <andrew at rwts.com.au> wrote:
>
> Hi All,
>
> In case you missed it, despite Easter and April Fools day, CloudFlare, in
> conjunction APNIC have launched a new public DNS server at 1.1.1.1 and
> 1.0.0.1 (IPv4) and 2606:4700:4700::1111 and 2606:4700:4007::1001 (IPv6).
>
> Details are:
>
> https://1.1.1.1/
> https://blog.cloudflare.com/announcing-1111/
> https://labs.apnic.net/?p=1127
>
> Quick tests have suggested it is quite fast compared with Google's
> resolvers (seeing an average of 23ms on queries as opposed to an average of
> 700ms) and sensible results on CDN queries.
>
> While initially a 5 year research project, it does look quite promising
> from my 20 minute digging around.
>
> Happy easter all :)
>
> Andrew
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>


-- 
Global Interconnection Director
Megaport <https://www.megaport.com>
+61 498 498 458
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180402/79801781/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image309484.png
Type: image/png
Size: 5762 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180402/79801781/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image260436.png
Type: image/png
Size: 6710 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180402/79801781/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image958288.png
Type: image/png
Size: 722 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180402/79801781/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image548741.png
Type: image/png
Size: 465 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180402/79801781/attachment-0003.png>

More information about the AusNOG mailing list