Google Launches Public DNS Resolver
AdmiralXyz writes "Google has announced the launch of their free DNS resolution service, called Google Public DNS. According to their blog post, Google Public DNS uses continuous record prefetching to avoid cache misses — hopefully making the service faster — and implements a variety of techniques to block spoofing attempts. They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard, and will not redirect you to advertising in the event of a failed lookup. Very cool, but of course there are questions about Google's true motivations behind knowing every site you visit."
> They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard.
Congratulations, this would then be the first free service that I know of which doesn't do redirects! ;-)
I set up my own DNS but I guess it is a little overkill for the common everyday user. Setting up your own DNS means you have to go to the network (e.g. internet) less often because your locally hosted DNS caches the already visited sites for a TTL period of time. This is especially true if you have several computers and they tend to visit the same sites.
Let me add that if your ISP or firewall intercepts requests to port 53, you will still be stuck with it ;-(
Everything I write is lies, read between the lines.
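The comment above raises two behaviours, failed lookups answered with a redirect and port 53 traffic intercepted on the way out. The check below is an added example, not part of the original thread: it classifies a resolver's reply to a query for a name that cannot exist, where a standards-compliant resolver returns NXDOMAIN and a rewriting one returns an address. The hostname, transaction ID and both reply packets are constructed for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Encode a recursive A query in RFC 1035 wire format."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)   # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)         # QTYPE=A, QCLASS=IN

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, name ends here
            return off + 2
        off += 1 + n
        if n == 0:
            return off

def classify(query, resp):
    """Classify a reply to a query for a name that is known not to exist."""
    if len(resp) < 12:
        return ("malformed", [])
    txid, flags, qd, an, _, _ = struct.unpack("!6H", resp[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        return ("mismatch", [])           # wrong transaction ID or QR bit clear
    rcode = flags & 0x000F
    if rcode == 3:
        return ("nxdomain", [])           # what the DNS standard requires
    if rcode != 0:
        return ("error", [])
    off, addrs = 12, []
    for _ in range(qd):                   # skip the echoed question section
        off = skip_name(resp, off) + 4
    for _ in range(an):                   # collect any A records in the answer
        off = skip_name(resp, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(resp[off:off + 4]))
        off += rdlen
    return ("rewritten", addrs) if addrs else ("nodata", [])

# Constructed sample replies (not captured traffic) for a made-up name.
QUERY = build_query("no-such-host-7f3a9c.example")
HONEST = struct.pack("!6H", 0x1234, 0x8183, 1, 0, 0, 0) + QUERY[12:]
REWRITTEN = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]
             + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
             + socket.inet_aton("192.0.2.1"))   # TEST-NET-1 placeholder address
```

Getting "rewritten" from a resolver you configured by hand that is known to return NXDOMAIN suggests something on the path is answering port 53 traffic in its place.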
But I thought open recursive DNS servers were bad -- haven't you heard of DNS DDoS amplification attacks? Why would Google's open recursive DNS service be any better in this regard?
Follow your Euro bills at EBT
But it sure seems like they're getting more and more of my personal information lately. What I search for, where I surf to, with my Droid where I navigate to, my e-mails, my documents. WOW.
OpenDNS hijacks Google searches, which could be part of Google's motivation also.
Look.. Google's in the advertising and data aggregation business, yes. But ... there is a level of suspicion and fear directed at Google that just seems extreme. Has Google actually done something "Evil" that I missed? Or is it just paranoia? I personally think that it's much more likely that OpenDNS or my ISP would do something crazy with this sort of information than Google.
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
So not only as memorizable, but explicitly public, whereas 4.2.2.2 and 4.2.2.1 are both technically being abused when you do that.
Don't thank God, thank a doctor!
So...
Google Voice first for voice. Last week Gizmo5 for VoIP and now rolling out their own DNS?
Looks like all the infrastructure pieces are in place for the mass change of how cell phones are going to work.
For years I've wondered why we still have phone numbers. With address books stored on the phones to map names (hosts) to phone numbers (ip's).
With all the phones these days having decent data connections as standard, looks like we're going to get a central way of handling this.
So my phone contact will be 'Fred@Domain.com' If I send an email with that address, it gets sent to their mail. If I make a call to that address, does the DNS lookup, finds out their phone number (that we can re-configure our end to handle calling home phone or cell phone, and with location based rules on an android phone, you'd be able to automate it as you left your house, it lets the phone DNS know to call the cell phone, then as you get to your desk location, remap to office phone for non-personal calls). All possible as standard.
We're not going to get phone and choose to have a dataplan, we're going to have phones + dataplans and that's it.
Telecoms industry HAVE to know this, surely?
(personal wish, as calls are made to someone, there's a quick lookup for capabilities of the device you're calling, then popup the choices to make normal call, send a text, allow the webcam to work, or most importantly, present a URL to an MP3 that's YOUR ringtone, so you can set up a theme tune and as you call people, they hear your tune (as long as they've not turned that off))
Waiting for an amusing sig.
I hear this excuse about every type of service. "Look, change to our wonderful new cloud based data mining/advertising supported service and let us do all the work for you"
But really, I have been running servers of all sorts for years now and the only ones that require any significant amount of maintenance are the HTTP ones due to their content going stagnant (gopher does not count here as it's OK to have stagnant content, makes it look more 'nostalgic' if it hasn't been updated in years I suppose)
A DNS server is pretty much set and forget, to the point where most consumer grade routers have one built in. Yeah sure it's not the latest DNSSEC doohickey but I'm sure the next generation will have that
I seem to recall that there are a few ISPs that are threatening to block all requests to Google sites because of the bandwidth that is being used. I think it stands to reason that the reason Google is running a free DNS is so that people can still access their sites, no matter what their ISP does.
Microsoft, Apple, Google, Amazon what's the difference? All steal money from devs and control with walled gardens.
Interesting.
RTT to my ISP's (Comcast) resolver: ~50ms
RTT to Google's resolver: ~30ms
No-brainer here, too. Also, Comcast sucks... (but you already knew that...)
"Convictions are more dangerous enemies of truth than lies."
I will still use my free http://www.opendns.com/ servers. The only redirect you get is a search page with "is this what you mean". Other than that it will still try and get you where you want to be while also blocking a variety of sites, by your own choosing.
What sort of NTP servers do they need? I have several locations I can host from (I own a technology services firm) and could provide Stratum 1 services, as several of our NTP servers have GPS receivers attached.
Any NTP server at any stratum is welcome to join the pool. The only actual requirement is that the server should have a static IP address. The "how do I join" page has further information. If you already have a functioning NTP server, all you have to do is to log in and add your server's DNS name/IP address and its available bandwidth (for load balancing purposes). I'd say it's a rather simple process.
Follow your Euro bills at EBT
Awesome. Away I go adding 6 servers.
"My guess is, they want broad statistics like the most popular domains visited, maybe even traffic patterns of which domains people tend to go to after which other domains."
I'd go further. Given the announcement of Chrome OS, I wouldn't doubt they want to test a huge number of DNS requests and tweak the system to be as fast as possible to speed up Chrome. Google knows latency is an issue with web apps, and is trying to do all they can to reduce this. I think this is just another step in that direction.
Google has a special "Cluefulness Test" when it comes to IPv6: http://www.google.com/intl/en/ipv6/. In order to get IPv6 resolution, you need to register the source addresses of your nameservers with them, and claim/prove that you and your provider have "good" IPv6 connectivity to Google. You're also expected to troubleshoot any IPv6 problems that may occur, as opposed to your clueless users bugging Google directly about it.
If you don't meet those criteria, you're still welcome to use ipv6.google.com for searches, of course. But that's not the whole suite of Google tools/products, and the URL is just not as convenient...
Definitely this. My ISP changed their upstream provider and *their* network was intercepting requests on port 53. Luckily, I also administer DNS on another network so set up a bypass on port 54. Personally, I think providing false DNS information should count as fraud.
Point to one instance of a Google ToS getting worse. We are talking about a DNS server. Only /. types know what that is nvm would be willing to change theirs. Were Google to change their policy it would be pretty widespread news in the tiny group of people that use it. I don't know what you think they'd have to gain from annoying a bunch of nerds (re: people that support and build their whole business). More likely they made something for internal/personal use and just decided to release it because... well it's Google, they can.
Besides 8.8.8.8 and 8.8.4.4 it looks like there's 4.3.2.1
$ whois 4.3.2.1
Level 3 Communications, Inc. LVLT-ORG-4-8 (NET-4-0-0-0-1)
4.0.0.0 - 4.255.255.255
Google Incorporated LVLT-GOOGL-1-4-3-2 (NET-4-3-2-0-1)
4.3.2.0 - 4.3.2.255
It's easier, and perhaps routine practice, for your ISP to log DNS requests to their DNS servers, whereas I would have imagined that sniffing packets that are not destined for their servers and logging the contents would be a willful act of wiretapping.
(1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
However much they pay, it's great that they got this address--I don't plan to use Google DNS in general, but now whenever my DNS goes down I'll know the address for an alternate server...
David Ulevitch, Founder of OpenDNS, blogs on the issue.
Candle burns its brightest in the dark
I work for Google. Please don't use 4.3.2.1; it was used during an internal beta but may not continue to work in the future, and currently may not work from all locations. 8.8.8.8 and 8.8.4.4 are the only officially supported addresses at this time.