A version of this blog post was published on Network World in May 2017. Read the article on Network World here.
In May 2015, guest blogger Mehmet Akcin wrote about his findings from measuring and comparing latency to a number of popular public DNS services from hundreds of vantage points located across the globe. But two years have passed since then, and the landscape of public DNS continues to change as sites are added and services are optimized. So we’ve decided to replicate Mehmet’s study and provide an update on how the performance of top public DNS resolvers has changed.
In this post, we’ll dive into our results from measuring the performance of 10 popular public DNS providers — for those who use public third party providers, the conclusions can help inform your choice in provider. We observed a wide range of performance across different services, both globally and from region to region.
Why is DNS Important?
The Domain Name System (DNS) is the Internet’s system for converting alphabetic web addresses into numeric IP addresses. Without DNS, users would have no way of obtaining the addresses of the content they want to access. If a given service’s DNS records are unavailable, the service is effectively down and inaccessible to everyone.
DNS can also have a substantial impact on page load time and webpage performance. While it’s just the first step of many in the page load process (see the below image), any increase in DNS lookup time will directly increase load time. DNS lookup time, in turn, is directly affected by latency to the DNS server.
Why Use Public DNS?
By default, your device will use your company’s or ISP’s DNS servers. However, there are a number of reasons why users might change their DNS configuration to use public third-party DNS resolvers, including:
- Performance and feature improvements: A public DNS service may be better in a number of different ways, including speed, reliability, caching, security, validity of results and features like parental control.
- Circumvention of censorship or geoblocking: Using an alternative resolver can help get around DNS blocks due to government- or ISP-level restrictions.
When choosing services, also keep in mind that public DNS providers represent a wide range of different organizations with different motivations. Some are ISPs like Level 3, major DNS providers like OpenDNS, or large Internet companies like Google who provide DNS as an act of goodwill to the web community and may also benefit from gaining access to information about users’ web browsing habits. Others like OpenNIC, a nonprofit user-owned and controlled cooperative, aim to provide a decentralized alternative to other DNS services.
To compare the performance of a wide range of popular public DNS providers, we set up latency tests to the primary IP address for each provider. Our tests send a request every hour from around 300 vantage points in almost 50 countries and 200 networks (autonomous systems). Each vantage point measures the latency between it and the nearest recursive resolver (using anycast) for each public DNS provider.
We tested to 10 of the most popular public DNS providers: Comodo, DNS.WATCH, Dyn, FreeDNS, Google, Level 3, OpenDNS, OpenNIC, SafeDNS and Verisign. Starting in March 2017 we collected data for 30 days, resulting in more than 200,000 data points for each of these providers.
Results: Google Continues to Outperform
Looking at latency to all of the providers averaged across all geographic regions, Google has the clear lead with an overall mean latency of 33 ms.
If we look at mean latency over time, we see that there are few large fluctuations. This is a much more stable picture than the one we saw in our analysis from 2015, where fluctuations were both large and frequent. This is a good thing — latency to these public DNS services is much more stable and predictable than it was two years ago.
But from a different perspective, the picture of public DNS looks very much the same. The providers’ “rankings” and their levels of mean latency all look very similar to what they did in 2015, with the biggest exception being OpenNIC. From 2015, OpenNIC improved from last place at a mean latency of 159 ms to 5th place at 75 ms in 2017.
However, OpenNIC’s significant improvement is not due to any addition of public servers — the total number of public servers was 77 in 2015 and 78 at the time of writing. Instead, performance improved because OpenNIC introduced anycast IP addresses after our study in 2015. In 2015, we targeted a US server; this time, we tested to an anycast IP address. As a result, performance looks much better from a global perspective. The addition of anycast IPs can help with performance and convenience for a lot of users, who no longer need to guess at the closest or most performant public server for them to use.
On the other hand, OpenNIC is unique in that it is user-owned and controlled, so the set of available public DNS servers, as well as their performance, likely fluctuate more often than that of other public DNS services. As an example, our test to OpenNIC observed that latency from vantage points in Africa jumped from 35 ms to 180 ms on April 10, and never recovered during the testing period.
We’ve seen that Google leads on a global basis, but how does it do on a regional basis? The below table shows mean latency broken out by continent for each provider, and it remains clear that Google has the most consistently good performance from around the world. Google has the lowest latency in Europe, Latin America and Asia, and among the lowest in North America and Africa.
In addition, OpenDNS significantly improved its latency in Africa, from 102 ms in 2015 to 23 ms in 2017. This is likely largely due to its new Johannesburg data center, which opened in April 2015 after our 2015 measurements began.
This trend isn’t isolated to just Google. The frontrunners, including Google and OpenDNS, generally have consistently high performance from vantage points around the world; latency measurements to these providers have very low variance. In contrast, the providers with much lower performance (like FreeDNS) have much higher variation in measurements of latency — see the below box and whiskers charts.
In a box and whiskers chart, the middle dot is the median, and the upper and lower dots are the maximum and minimum values, respectively. The line expands from the median value upward to the third quartile and downward to the first quartile, so the height of the line represents the middle 50% interval of all values.
Why Google Leads the Pack
Google is the clear leader in most regions around the world, and among the frontrunners everywhere. If you decide to use a public DNS service, your best bet from anywhere in the world is to use Google’s 184.108.40.206. This finding has been true for some time now, based on our findings from 2015 and 2011.
So why has Google been so fast for so long? Google’s maintained very low latencies because it’s been able to serve queries from a huge number of locations around the world. Not only are DNS records served up from its less than 20 data centers, but also via edge caching in their many global points of presence (POPs), as well as in ISP and access networks. So Google is able to serve up records from locations very close to the end user, resulting in very low latencies.
We can see this if we look at the hop-by-hop network path taken by traffic traveling from our monitoring points around the world to Google’s primary IP address for its public DNS service, 220.127.116.11. Looking at the penultimate hops right before traffic enters Google’s network, we see a range of different locations, indicating that our test probes are accessing many different POPs around the world. In the vast majority of cases, those penultimate hops are located in the same city as the monitoring points — Google’s many POPs around the world have ensured that it can serve DNS records from very close distances.
While Google will likely continue to lead the public DNS space due to the sheer number of POPs it can serve records from, monitoring and measuring performance to public DNS services can prove useful. The landscape of public DNS is constantly changing, as we’ve seen with the introduction of new data centers and the changing sets of available and high-performing servers and POPs.