Google Launches Public DNS Resolver 540
AdmiralXyz writes "Google has announced the launch of their free DNS resolution service, called Google Public DNS. According to their blog post, Google Public DNS uses continuous record prefetching to avoid cache misses — hopefully making the service faster — and implements a variety of techniques to block spoofing attempts. They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard, and will not redirect you to advertising in the event of a failed lookup. Very cool, but of course there are questions about Google's true motivations behind knowing every site you visit."
I guess it is good news... (Score:5, Interesting)
> They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard.
Congratulations, this would then be the first free service that I know of which doesn't do redirect ! ;-)
I setup my own DNS but I guess it is a little overkill for the common every day user. Setting your own DNS means you have to go to the network (e.g. internet) less often because your locally hosted DNS caches the already visited sites for a TTL period of time. This is especially true if you have several computers and that they tend to visit the same sites.
Let me add that if your ISP or firewall intercepts requests to port 53, you will still be stuck with it ;-(
DDoS attacks (Score:4, Interesting)
But I thought open recursive DNS servers were bad -- haven't you heard of DNS DDoS amplification attacks? Why would Google's open recursive DNS service be any better in this regard?
Don't get me wrong, I love Google. (Score:5, Interesting)
Re:OpenDNS (Score:5, Interesting)
OpenDNS hijacks Google searches [opendns.com], which could be part of Google's motivation also.
Why all the paranoia over Google? (Score:4, Interesting)
Look.. Google's in the advertising and data aggregation business, yes. But ... there is a level of suspicion and fear directed at Google that just seems extreme. Has Google actually done something "Evil" that I missed? Or it is just paranoia? I personally think that it's much more likely that OpenDNS or my ISP would do something crazy with this sort of information than Google.
Re:DDoS attacks (Score:2, Interesting)
http://code.google.com/speed/public-dns/faq.html#issues
Re:Yet another privacy risking tool I won't mind u (Score:3, Interesting)
So not only as memorizable, but explicitly public, whereas 4.2.2.2 and 4.2.2.1 are both technically being abused when you do that.
end game in sight (Score:2, Interesting)
So...
Google voice first for voice. Last week Gizmo5 for voip and now rolling out their own DNS?
Looks like all the infrastructure pieces are in place for the mass change of how cell phones are going to work.
For years I've wondered why we still have phone numbers. With address books stored on the phones to map names (hosts) to phone numbers (ip's).
With all the phones these days having decent data connections as standard, looks like we're going to get a central way of handling this.
So my phone contact will be 'Fred@Domain.com' If I send an email with that address, it gets sent to their mail. If I make a call to that address, does the DNS lookup, finds out their phone number (that we can re-configure our end to handle calling home phone or cell phone, and with location based rules on an android phone, you'd be able to automate it as you left your house, it lets the phone DNS know to call the cell phone, then as you get to your desk location, remap to office phone for non-personal calls). All possible as standard.
We're not going to get phone and choose to have a dataplan, we're going to have phones + dataplans and that's it.
telcoms industry HAVE to know this surely?
(personal wish, as calls are made to someone, there's a quick lookup for capabilities of the device you're calling, then popup the choices to make normal call, send a text, allow the webcam to work, or most importantly, present a URL to an MP3 that's YOUR ringtone, so you can set up a theme tune and as you call people, they hear your tune (as long as they've not turned that off))
Re:Why? (Score:3, Interesting)
But really, I have been running servers of all sorts for years now and the only ones that require any significant amount of maintenance are the HTTP ones due to their content going stagnant (gopher does not count here as its OK to have stagnant content, makes it look more 'nostalgic' if it hasn't been updated in years I suppose)
A DNS server is pretty much set and forget, to the point where most consumer grade routers have one built in. Yeah sure its not the latest DNSSeC doohickey but i'm sure the next generation will have that
Comment removed (Score:2, Interesting)
Maybe They Just Want People To Access Their Site (Score:3, Interesting)
Re:Latency: most ISPs should win hands down (Score:2, Interesting)
Interesting.
RTT to my ISP's (Comcast) resolver: ~50ms
RTT to Google's resolver: ~30ms
No-brainer here, too. Also, Comcast sucks... (but you already knew that...)
no thanks (Score:2, Interesting)
Re:NTP pool & GeoIP (Score:3, Interesting)
Re:Don't get me wrong, I love Google. (Score:3, Interesting)
I'm hoping the current leadership is/will be smart enough to put some kind of clever legal strictures in place that ties the hands of whoever may run the company after them in such a way as to enforce the "don't be evil" ethic.
Re:NTP pool & GeoIP (Score:4, Interesting)
Re:I guess it is good news... (Score:5, Interesting)
Re:NTP pool & GeoIP (Score:4, Interesting)
Re:Questions? (Score:5, Interesting)
"My guess is, they want broad statistics like the most popular domains visited, maybe even traffic patterns of which domains people tend to go to after which other domains."
I'd go further. Given the announcement of Chrome OS, I wouldn't doubt they want to test a huge number of DNS requests and tweak the system to be as fast as possible to speed up Chrome. Google knows latency is an issue with web apps, and is trying to do all they can to reduce this. I think this is just another step in that direction.
Re:I guess it is good news... (Score:3, Interesting)
Yup, I run my own DNS - in part because I also want to have local hostnames and a bit more control over dhcp/etc.
It also is nice to be able to blackhole any domain I like and kill 80% of the ads and intrusive cookies out there. When I'm browsing on wi-fi from the cellphone I'm amused to see all the banner ads go away desipte it not having an ad blocker.
Re:No IPv6 records :-( (Score:2, Interesting)
Google has a special "Cluefulness Test" when it comes to IPv6: http://www.google.com/intl/en/ipv6/ [google.com]. In order to get IPv6 resolution, you need to register the source addresses of your nameservers with them, and claim/prove that you and your provider have "good" IPv6 connectivity to Google. You're also expected to troubleshoot any IPv6 problems that may occur, as opposed to your clueless users bugging Google directly about it.
If you don't meet those criteria, you're still welcome to use ipv6.google.com for searches, of course. But that's not the whole suite of Google tools/products, and the URL is just not as convenient...
Re:Why not do both? (Score:5, Interesting)
Definitely this. My ISP changed their upstream provider and *their* network was intercepting requests on port 53. Luckily, I also administer DNS on another network so set up a bypass on port 54. Personally, I think providing false DNS information should count as fraud.
Re:At least they have a clear privacy policy (Score:4, Interesting)
Re:I guess it is good news... (Score:4, Interesting)
Yeah, but so is my ISP.
Virgin Media keep extensive logs of DNS requests, as the government requires them to, for at least one year. Google keep your IP address logged for 24 hours, then remove it and keep the other DNS request data for an indefinite period.
What is more concerning to me is that my ISP knows who I am. They can easily link up DNS requests with my account and billing details. Google probably could link it up with their other data pools if they wanted to, but they don't require you to have a Google account to use their servers so you don't have to provide them with any more details than your current IP address. E.g. you could use Yahoo for all searches and never send Google any more than just an IP address.
What it boils down to is that I trust Google a lot more than I trust Virgin Media. At least Google publishes what they do with your data and doesn't sell it to third parties.
Re:Cool! (Score:3, Interesting)
Besides 8.8.8.8 and 8.8.4.4 it looks like there's 4.3.2.1
$ whois 4.3.2.1
Level 3 Communications, Inc. LVLT-ORG-4-8 (NET-4-0-0-0-1)
4.0.0.0 - 4.255.255.255
Google Incorporated LVLT-GOOGL-1-4-3-2 (NET-4-3-2-0-1)
4.3.2.0 - 4.3.2.255
Re:DDoS attacks (Score:3, Interesting)
Re:Better Google than your ISP (Score:4, Interesting)
Re:8.8.8.8/4 (Score:1, Interesting)
However much they pay, it's great that they got this address--I don't plan to use Google DNS in general, but now whenever my DNS goes down I'll know the address for an alternate server...
David Ulevitch, Founder of OpenDNS (Score:3, Interesting)
David Ulevitch, Founder of OpenDNS blogs on the issue. [opendns.com]
Re:Cool! (Score:1, Interesting)
I work for Google. Please don't use 4.3.2.1; it was used during an internal beta but may not continue to work in the future, and currently may not work from all locations. 8.8.8.8 and 8.8.4.4 are the only officially supported addresses at this time.
Re:I guess it is good news... (Score:4, Interesting)