The Domain Name System (DNS) is crucial to how your users experience the internet. Each time users need to reach a website, their PC needs to translate whatever they type in an address bar into an IP address. The problem is that most people can't remember IP addresses, so they'd rather reach a website or other internet location by typing its name.
So, after users type in something such as "PCMag.com," their computers send that name out to a DNS server, which looks up the IP address and sends that address back to the users' PCs. Once the computers have that information, the users can navigate to the website.
The DNS Slowdown
As you can imagine, each time the DNS server has to look up an address, it takes time. It also takes time for the request to reach the server and time for it to travel back over the internet to the computer. This delay is referred to as "latency" and enough of it can cause users to swamp your helpdesk inbox with trouble tickets concerning "slow internet."
While a single page might load fairly fast, most webpages consist of several, perhaps dozens, of individual items, many with their own internet address. Added together, these delays can really slow things down. Some websites that feature a lot of advertisements, for example, can be incredibly slow as each ad takes its time to load.
Fortunately, a few DNS server operators are working on this problem by speeding up their part of the process, offering lookup services with as little latency as possible. Cloudflare, for example, has just announced that it will be providing DNS services from 150 locations globally. In a move reminiscent of edge cloud computing, these service providers are not only spreading out the computing load but they're also putting their servers as close as possible to users, which means "travel time" latency is minimized.
One such DNS service provider is Cloudflare DNS. This provider's servers have the same IP address (126.96.36.199), which your router can find on the internet by using search algorithms that choose the shortest path first.
Another nice benefit of these new services is a higher level of security beyond typical managed endpoint safeguards because they encrypt users' DNS requests. Because incoming requests are encrypted, other services along the way, including your internet service provider (ISP), can't read what's being requested.
"Business or IT departments can update their routers and take advantage of 188.8.131.52," explained Michelle Zatlyn, co-founder and Chief Operating Officer (COO) of Cloudflare. "We're working with different ISPs to make it even easier to access."
Zatlyn said that there's no charge for an organization to use the Cloudflare DNS service, and she stressed the importance of encrypting the DNS requests. "We're a privacy-first DNS resolver," she said, mentioning further that Cloudflare is working to encourage widespread adoption, which is why there's no charge. Still, while any business can use the Cloudflare DNS services, it will work better for some than others.
"Some businesses have no idea who they're getting DNS from," Zatlyn said, "while some want all sorts of filtering." She said that, as it currently stands, the Cloudflare DNS is probably not appropriate for large businesses that demand a lot of control over what websites are resolved and which are not.
"What we do in our core services is that we provide a large, strategic global network in 150 cities around the world—across the US, Canada, Europe, and mainland China," Zatlyn said. "We're very close to where people are connecting to the internet. Because we're closer, we're faster."
A Growing Number of Players
Cloudflare isn't the only company offering fast and secure DNS. Google has been offering a public DNS service at IP addresses 184.108.40.206 and 220.127.116.11. There's also Quad9, which offers a service that's similar to Cloudflare's but which also blocks malicious websites. By blocking malicious websites, Quad9 prevents malware from reaching its command and control servers, and it prevents coin-mining attacks into the bargain.
Quad9 also has an Internet Protocol version 6 (IPv6) DNS service that offers the same fast name resolution and the same security features. It also has an unsecure address for users who want the fast name resolution but not the filtering. Like the Cloudflare service, Quad9, which was developed with the help of IBM, is free.
Cisco offers OpenDNS, which is available for businesses of all sizes as well as for individual users. It's free for individuals and very small businesses but there is a charge for other services. OpenDNS is part of the Cisco Umbrella offering, which provides a wide range of capabilities designed to secure business users. For larger companies that need the filtering and other capabilities that Zatlyn mentioned, this might be the answer.
All three services are free to individual users, which means that you can try them out and see if they make sense. One potential difference is latency because the farther you are from the service's nearest DNS server, the greater the potential latency.
Remember, latency is additive. Your overall lost time to latency in your business is the sum of the latency for all users. And the overall lost time for each user is the sum of the delay for each website, each time a user visits it. This is added to the time it takes your other internet-connected devices to get name resolution each time they need it. So even a small difference can add up to a lot.