|
At ThousandEyes, we’ve always been curious about the performance of various public DNS resolvers—especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we’d share the results.
Here’s how we did it. We measured the latency to each resolver from approximately 3000 points around the globe with a minimum of 50 points per country. This means that these results are based on the best-case resolution time, assuming you tried to retrieve a DNS record that was in the public resolver’s cache. The results shown are the average over a 24-hour period.
Using this data, we determined which DNS provider’s resolvers were fastest (on average) as seen by each of the vantage points. We picked a winner per country based on the provider that was most frequently the fastest in that country. The map below is colored accordingly. As you can see, if you are in the US, chances are that your fastest public resolver is an OpenDNS resolver. But if you’re in India, it’s probably Google.
Fastest DNS providers per country, UltraDNS (yellow) applies to Hong Kong.
Global Results:
Resolver | Avg Latency | % Where Fastest |
Google 1 (8.8.8.8) | 61.1 ms | 20.7% |
Google 2 (8.8.4.4) | 61.2 ms | 19.0% |
Dyn 1 (216.146.35.35) | 94.6 ms | 13.5% |
OpenDNS 2 (208.67.220.220) | 84.6 ms | 11.8% |
OpenDNS 1 (208.67.222.222) | 85.5 ms | 10.9% |
Dyn 2 (216.146.36.36) | 95.8 ms | 10.2% |
Ultra 2 (156.154.71.1) | 105.4 ms | 7.6% |
Ultra 1(156.154.70.1) | 117.9 ms | 3.5% |
Level3 2 (4.2.2.2) | 169.0 ms | 1.7% |
Level3 1 (4.2.2.1) | 217.7 ms | 1.1% |
United States Results:
Resolver | Avg Latency | % Where Fastest |
OpenDNS 2 (208.67.220.220) | 18.2 ms | 27.3% |
OpenDNS 1 (208.67.222.222) | 17.8 ms | 27.2% |
Dyn 2 (216.146.36.36) | 23.6 ms | 8.7% |
Ultra 1 (156.154.70.1) | 28.6 ms | 7.8% |
Dyn 1 (216.146.35.35) | 25.7 ms | 7.7% |
Ultra 2 (156.154.71.1) | 24.2 ms | 6.7% |
Level3 1 (4.2.2.1) | 34.6 ms | 5.9% |
Level3 2 (4.2.2.2) | 28.1 ms | 4.8% |
Google 2 (8.8.4.4) | 31.2 ms | 2.3% |
Google 1 (8.8.8.8) | 32.0 ms | 1.6% |
Most regions have a clear frontrunner—OpenDNS in North America, Central America, and Africa, Google in South America and the Asia-Pacific region, and Dyn in eastern Europe. In western Europe, however, there is a bit more contention for the top spot, with each of the top three providers making a strong showing. At a country level, Level3 DNS resolvers did not make it to the top anywhere while Ultra’s DNS resolvers made it to the top in Hong Kong (though you can’t see it on the map).
Now that our initial curiosity about the performance of different public DNS resolvers has been satisfied, our next task is to understand how the performance of public resolvers compares to the default resolver provided by your local ISP. That’s definitely more involved and will be the subject of an upcoming article.
Sponsored byRadix
Sponsored byVerisign
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byCSC
Thanks, and just curious when the results were collected (approximately)?
We used the 24 hours from midnight April 5th to midnight April 6th UTC.
Okay, I guess I have some more work to do to make us better in SE Asia. :-( Eastern Europe should be fixed by end of next week. Thanks!
Thanks for sharing this information. While many CircleID readers are technical in nature, many whom have sent me the link to your article did not notice the fact you were referring to recursive DNS resolvers instead of authoritative. I think it should be noted that companies have many different reasons for providing public recursive DNS resolvers. I would challenge readers that Google does it to extend their information collection. OpenDNS is obviously focused on this as their primary business, while Level 3 inherited much of their infrastructure from Genuity, both of which are ISPs. UltraDNS is in the unique position to provide an extension of its authoritative DNS responses directly to recursive resolvers as a feature of its Premium Authoritative DNS service. This further ensures the security of the query response (cache poisoning mitigation) and bypasses TTLs for its customers (cache invalidation technology).
While speed is important, I do not believe it should be looked at in a vacuum. All of the top providers you have written about are being measured in a variance of milliseconds. Other features like the type of resolver code used, the security mechanisms in place, the strength and experience of the organization standing behind the service and the additional features beyond basic query response are also important. OpenDNS & UltraDNS are dedicated to DNS resolution and both offer substantial service beyond basic query resolution. A good example of this is Category Filtering to control content accessed (e.g., Malware, Phishing, Social sites, Adult content, etc).
Rick, you make a good point and its true that speed is not everything. However, this post does not try to claim one is "better" than the others. Its just meant to compare how fast different public recursive DNS services are, primarily because we ourselves were curious and were also asked the same by many others.
Mohit, thanks for the follow up. As you can imagine I am protective of our products and the DNS industry as a whole. The only reason I commented was quantity and type of questions I personally received based on the post. Many times when an industry expert makes a post in a well known and respected source such as CircleID, less technical readers tend to only focus on the information discussed and lose perspective on the bigger picture. My comments should not be taken as anything other than an attempt to bring to light the bigger picture. We appreciate the information and being included in your review.
Rick -- I thought you guys killed DNS Advantage? I can't even find a link to it on Neustar or Ultra's website. I've never heard of a single organization using it.
David, thank you for your reply, but to clarify DNSAdvantage.com is our consumer branded version of our Recursive DNS platform and is not the focus of our Neustar.biz branded website, which is focused on business customers. We have many organizations ranging from Fortune 50 to traditional Internet Service Providers (ISPs) relying on the advanced features of our Recursive DNS platform everyday. Hopefully you are experiencing the same success we are.
Rick -- Okay, so forget DNS Advantage, I didn't know it was consumer-focused since we've had non-consumer customers tell us that Neustar sales people are pitching it as a business product. Misunderstanding, I'm sure. So then is this the product you are referring to? http://www.neustar.biz/services/ultradns-services/ultradns-recursive To make sure I understand correctly, you are saying that a Fortune 50 is currently using that product for recursive DNS? And that it's a cloud service? I've never heard of it or heard of a customer mentioning it or anything about it at all. In any event, I do not think we are experiencing the same success as you; we are dramatically growing our business by focusing on innovation and by delighting our customers with a world-class service.
Speed is one thing, DNSSEC validation something quite different. Still, you might want your favourite resolver to support that too. But does it?
Do the test at: http://dnssectest.sidn.nl/