GT500 Posted January 27, 2014 ID:783405
Gigabit Internet? I'd be in Internet heaven (at least if it was reliable, which is the real issue with ISPs where I live). Seriously though, I DO NOT trust Google enough to want Internet service from them. Or, at least, if I did have Google Fiber I would be using OpenDNS instead of Google's DNS. I'm fairly certain they can't filter my DNS requests when I have my router set to use OpenDNS, although they will still be able to log what IPs you are connecting to over your Internet connection. Although if they filter HTTP traffic (at least to capture the HTTP headers), then they can get the domain name anyway, so perhaps using a third-party DNS wouldn't help any...
David H. Lipman Posted January 27, 2014 ID:783421
I never trust Google but I do find Google DNS quite fast and I don't see a problem using it even if they log DNS queries. Them having the full data pipe, that's another story. I have tried OpenDNS. When they blocked access to a white hat site at the University Mannheim and they indicated it could take 72hrs to unblock them, I dumped OpenDNS ASAP and haven't looked back.
GT500 Posted January 28, 2014 Author ID:783483
Since I was able to (finally) get rid of their stupid search that comes up when a DNS record isn't found, OpenDNS has been OK for me. At least I trust it more than my ISP's DNS (they just aren't reliable), and I trust Google far less than OpenDNS as well. I do have VirtualBox on my server, so I guess I could set up my own DNS servers, however I can only use NAT mode for some reason (seems to be no Internet connection in bridged mode) so I have to assume that performance wouldn't be great if I did that.
David H. Lipman Posted January 28, 2014 ID:783486
The Former GTE DNS Servers, now with Level 3 Communications, are reliable, fast and public (no filtering though like OpenDNS).
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6
I use 4.2.2.1 and 4.2.2.3
Root Admin AdvancedSetup Posted January 28, 2014 ID:783510
Topic was split from here: Google Fiber: Why you need to get online 100 times faster.. as it was straying off topic. Please continue the discussion on DNS here if you like. Thanks
Here is a tool to test speed results for DNS you may be interested in: Domain Name Speed Benchmark
GT500 Posted January 28, 2014 Author ID:783523
That was an interesting tool:
hoople Posted January 28, 2014 ID:783766
There's also namebench https://code.google.com/p/namebench/
Personally, I have 8.8.8.8/8.8.4.4 and both of my ISP's DNS servers entered.
David H. Lipman Posted January 29, 2014 ID:783778
Danke Hoople.
Root Admin AdvancedSetup Posted January 29, 2014 ID:783816
Just a word of caution though that if you're running your own Windows Active Directory you do not want to point to an outside DNS server as the first servers in your list otherwise internal lookups will be slow as heck. You can add them as a secondary but you should be pointing to your own local DNS server in most cases.
David H. Lipman Posted January 29, 2014 ID:783838
Ron,
You are absolutely correct. I just did two AD Domain Controllers in two separate Borough facilities (SuperStorm Sandy recovery program for a NJ Borough *badly* devastated by Sandy). A Netgear Router performed DHCP so I had to statically set up the DNS servers. Assuming the Domain Controller[1] was 192.168.1.4, the workstations' DNS tables were...
192.168.1.4
8.8.8.8
4.2.2.3
8.8.4.4
4.2.2.1
If I did not have the local DNS server in the computer's DNS table, I had difficulty adding the systems to the Domain (make the computers "domain participants") and Group Policies were not pushed to the Domain Participants. Once the computers were statically set, as above, everything worked flawlessly.
---
[1] The Domain Controller was the local DNS Server and WINS server.
Root Admin AdvancedSetup Posted January 29, 2014 ID:783841
Yeah, I still use WINS myself though in a pure DNS shop one "should" not need to anymore but there are still applications out there that do expect to communicate with NETBIOS calls.
David H. Lipman Posted January 29, 2014 ID:783846
I had Ricoh all-in-one Printers where the users can scan to a SMB Share (BTW: I always use Hidden Shares) and thus WINS "helped".
Root Admin AdvancedSetup Posted January 29, 2014 ID:783852
Most printers nowadays seem to have one or more models that do support that feature and I too will typically use a hidden share for items like that or manage the permissions as often it's only a small department of users that are using that feature. Don't think most printers are all that good at DNS and networking overall - they seem to put in just enough to get by. But not the same with their software - WOAH!! they'll bog you down with hundreds of MB of useless software if you let them.
David H. Lipman Posted January 29, 2014 ID:783854
"WOAH!! they'll bog you down with hundreds of MB of useless software if you let them."
I'll drink to that!
daledoc1 Posted January 29, 2014 ID:783895
Sheesh, guys! I read this thread and I say to myself, "Self, how do these guys possibly know SO MUCH about all this networking and other computer stuff?!?!?!" I feel like such an old geezer. But I do learn oodles trying to decipher the secret computer geek-speak.
The other observation: YES, for home printers, the BLOATWARE is beyond all bloviating boundaries of ballooning, hyperbolized, overblown embellishment. 300-400 MB for an HP all-in-one - sadly, it's no smaller for a modern model than it was for my last one, nearly 10 years ago. By contrast, I had occasion today to install a network office copier/printer on my new lappy: a mere 40 MB and done & 1 port setting. No muss, no fuss.
Root Admin AdvancedSetup Posted January 29, 2014 ID:783898
Off-Topic so if we want to continue on printers I can move this part to its own topic :-)
Yes, typically one needs to try to locate a "driver only" installer when possible or copy the installer to disk and then rename the setup.ini or similar name so that it does not auto run all the software. Though this can be a rather daunting task for the average home user with little experience doing such. Then they often will have an advanced feature to disable all that software but the HP one is actually pretty well hidden from the user clicking Advanced (some malware writers could probably learn to hide like HP does on their installer) and deselect the other items. Then hopefully all you get is the bare bones driver needed to talk to the printer and actually print.
daledoc1 Posted January 29, 2014 ID:783900
Sorry - I was just picking up on the comment in reply #13. No need to split to new thread. It was just a casual observation... My bad. <crawls back under rock>
Root Admin AdvancedSetup Posted January 29, 2014 ID:783902
No problem - just didn't want to break off-topic rules myself.
Some users may find this of value too for doing Dynamic DNS at home: Best Free Dynamic DNS Services in 2013
GT500 Posted January 29, 2014 Author ID:783909
Isn't this whole section off-topic? Anyway, I guess the real question is, if my router has a DNS cache then does it matter what DNS servers I set it to use? I guess it would if I was trying to visit a website with a domain that wasn't in my router's DNS cache, so the real question is what does it cache?
David H. Lipman Posted January 29, 2014 ID:783959
GT500: I'll try to respond later in the day.
John L. Galt Posted January 29, 2014 ID:784031
The first part of the question from GT500 is easy to answer - it will still matter which servers you use even if you have a local cache on your router. Picking a slow server (not good when it takes 3 seconds to look up a site and 0.5 to load) / a server prone to errors (Not good if you are trying to visit Google Play and get redirected to the Playboy Channel) / a server with over aggressive blocking policies (Not good when you try to access a white hat site at the University Mannheim and get blocked) - will run you the risk of you not being able to access (at the very least, in a timely manner) any site that you try to access that is not already in the local cache.
I know that Dave will expand upon this.
FWIW, I have used Gibson's DNS checker utility several times, and I usually end up staying with OpenDNS or else my ISP's - I've found that the Google DNS while fast has almost *always* given me fits at some point in time when I've used it extensively.
ShyWriter Posted January 29, 2014 ID:784032
"Here is a tool to test speed results for DNS you may be interested in: Domain Name Speed Benchmark"
Good ol' Steve Gibson.. (author of the mentioned DNS Benchmark program) Wish I was smart as he is (without his attitude) and could code in assembly language.. That guy is one of those obnoxious "geniuses" that is both brilliant and narcissistic as well as a pain in M$'s (mostly) and others injustices when it comes to holes in software, etc.. I've "known" that guy since the earliest days of SPINRITE, his main claim to fame and money generator. I used to use his stuff all the time but hadn't heard him doing anything recently until this DNS program. I'm running it now after changing from Time Warner's DNS servers to @David's GTE DNS (same #'s as he's using) to one of the OpenDNS and one of the BHN DNS after running the time-lag/optimize for DNS program from Gibson. :blush:
Thanks for the info @Ron.. and @David..
Steve
Edited January 30, 2014 by ShyWriter
David H. Lipman Posted January 29, 2014 ID:784268
I promised I would revisit this thread... I apologize but I'll start by referencing a previous post of mine relative to DNS servers.
While there *may* be a Router (SOHO or Enterprise) that "caches DNS", that's not really what they do. It is the computer that caches DNS and that "local" DNS cache can be purged by the command line "ipconfig /flushdns".
A Router's WAN address will either be statically set or dynamically configured. When the WAN IP address is dynamically set the operator can manually override the DNS Server with ones that the user desires. If one gets a static IP from their ISP they will be provided with the IP address, IP Network mask, IP gateway and the DNS servers associated with the sub-net that the user is attached/assigned to and the operator has to manually set all that up for the WAN.
My previous post shows examples of how you can tell if your computer which uses DHCP from the Router is provided the DNS Servers or if your DNS requests are forwarded. The Router will usually also have a DHCP Service. This will provide the LAN hosts their IP address but will also provide the LAN gateway address, the Netmask and the DNS Server(s). Depending on the Router the DHCP Server will either provide the DNS Servers that were provided to the WAN IP address or will forward DNS queries through the Router to the WAN IP assigned addresses.
One thing to note about SOHO Routers and SOHO Ethernet switches is that they WILL be slower than their Enterprise cousins. This can be expressed as a "hop" and a time delay called an "introduced latency". This is a time in nanoseconds (ns). The slower the device the larger that time will be. Thus one can say a latency of 40ns is longer than a latency of .10ns. While this time may seem small, it adds up as a function of the number of packets.
The reason I bring this up is if the Router forwards the DNS Queries then you have just introduced a time delay.
Example: The user wants to go to Yahoo.Com. The LAN node used DHCP to supply the DNS Server(s) and the Router indicated the IP address of the Router is the IP address of the DNS Server. If the Router IP address is 192.168.1.1 then you will see the DNS server is 192.168.1.1. The PC does an IP query on Yahoo.Com and goes to 192.168.1.1 but the Router does NOT do DNS and it just forwards the DNS query to the DNS Servers set to the WAN IP. Let's say that the first one in the DNS table is Google's 8.8.8.8 and it responds. It sends the DNS query results back to the WAN IP. The Router then forwards the results back to the LAN node making the IP query for Yahoo.Com.
When you statically set the DNS server, such as Google's 8.8.8.8, on the PC the Router does NOT forward the query as the query is sent directly to the Google DNS Server. The Router is NOT acting like a "middle man" and thus the DNS query is quicker.
Just for the hell of it, I will add another subject corresponding to what was added in posts #10 and #11, called WINS. DNS and WINS are similar in that they work with IP addresses but differ as to the NAMES that are associated to the IP address. Going back to the days of early Local Area Networking (LAN) and a Network Operating System (NOS) called LAN Manager. That introduced a construct for sharing data over a Local Area Network (LAN) through a Network Basic Input/Output System or NetBIOS. There were two transports most often used, NetBEUI and NetBIOS over IP. In a flat network with no sub-nets NetBEUI can be used. In a larger network with multiple sub-nets TCP/IP is used to transport NetBIOS calls and is known as "NetBIOS over IP" and uses TCP/UDP ports[1] 135 ~ 139 and 445. When a computer has to translate a name to an IP address it is either an Internet address, such as Yahoo.Com, or a NetBIOS name like Marys-PC.
In my previous post on DNS I mentioned a static table called the hosts file. This is located in the ./etc folder ( etc/hosts or .\etc\hosts ). Name resolution in WINS is like DNS and thus the computer has a comparable NetBIOS name static table and it is called the lmhosts file. The hosts file and the lmhosts file are located in...
C:\Windows\System32\drivers\etc
The Windows OS comes with a sample lmhosts file and it is there called lmhosts.sam (the active file must be named .\etc\lmhosts with no file extension). Often we may define an Active Directory Domain Controller in the lmhosts file such as the below example...
192.168.1.4 My-Domain-Controller #PRE #DOM:My-AD-Domain_Name
---
[1] Since Routers use Network Address Translation (NAT) to go between the WAN IP and the possible 253 (or more) LAN addresses, Routers can implement simplistic Firewall constructs or may include a full Firewall implementation. Even on SOHO Routers the simplistic Firewall constructs include port blocking. On networks where I specifically use "Network Shares" and thus NetBIOS over IP, I will specifically BLOCK TCP and UDP ports 135 ~ 139 and 445 on the Router.
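Added example, not part of any post in this thread: a Python check for the two conditions discussed above, whether a workstation lists its internal DNS server first (the Active Directory case) and whether its first resolver is simply the router forwarding queries. The `ipconfig /all` text is a constructed sample using the thread's example addresses, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output for one adapter (not from a real host).
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 192.168.1.50(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.4
                                       8.8.8.8
                                       4.2.2.3
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

# "   Label . . . . : value" -> (label, value)
FIELD = re.compile(r"^\s+([A-Za-z0-9 ]+?)[ .]*: (.*)$")


def parse_adapter(text):
    """Map each field label to its list of values. An indented line without a
    label continues the previous field, which is how extra DNS servers appear."""
    fields, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            current = m.group(1).strip()
            value = m.group(2).strip()
            fields[current] = [value] if value else []
        elif current and line.startswith(" ") and line.strip():
            fields[current].append(line.strip())
    return fields


def audit_dns_order(fields, internal_dns):
    """Report what the first resolver is and which later ones are public.
    internal_dns is the address the caller expects to be listed first."""
    servers = [ipaddress.ip_address(s) for s in fields.get("DNS Servers", [])]
    gateways = {ipaddress.ip_address(g) for g in fields.get("Default Gateway", [])}
    first = servers[0] if servers else None
    return {
        "first_is_internal": first == ipaddress.ip_address(internal_dns),
        "first_is_gateway": first in gateways,  # router is forwarding queries
        "public_fallbacks": [str(s) for s in servers[1:] if not s.is_private],
    }


if __name__ == "__main__":
    print(audit_dns_order(parse_adapter(SAMPLE_IPCONFIG), "192.168.1.4"))
```
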