Are You Using The Best DNS Server?

Test your DNS server using the free and portable DNSBench from Steve Gibson 

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, such as example.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources ~ Credit Cloudflare

Most people tend to use their Internet Service Provider’s DNS service which is often automatically assigned as part of the internet connection configuration. There is absolutely nothing wrong with using the ISP’s DNS service as, due to proximity, it will often be among the fasted of the available DNS servers anyway. However, there is more to this aspect than mere speed and some more advanced users will switch to an alternative DNS server for improved privacy. Perhaps the oldest of these alternative services is OpenDNS (founded in 2005) with Google Public DNS launched in 2009, and Cloudflare DNS, the relative newcomer, launched in 2018.

DNSBench by Steve Gibson

Steve Gibson is one of the most recognized and highly regarded names in the security industry and his DSNBench software will benchmark all DNS nameservers relative to a user’s locale and produce a list of results as well as an extremely useful list of conclusions and recommendations. DNSBench is free and portable, downloads as a 147 KB single executable. Simply double-click the downloaded executable to run the program.

Note: It is important that you don’t have other applications or devices utilizing your internet connection while DNS Benchmark is doing its thing. If you don’t follow this advice, your results will be skewed.

The first step is to click the Nameservers tab across the top of the interface to build a list of available servers, your current default DNS server addresses will be automatically added to the list for comparison purposes.

Once the list has been completely populated, which takes a minute or two, U.S. residents can then click the Run Benchmark button:

The default list of nameservers which is automatically applied is specific to the U.S. so users in other countries will need to go a step further. If you reside in a country other than the U.S., at the completion of the benchmarking process you will receive the following message:

Click Build Custom List and a list of 50 nameservers specific to your location will then be created. This process will take quite a while to complete (30 minutes on my system). However, this only needs to be done once, the list of custom nameservers will be saved to an INI file which will then be loaded and used for any future benchmarking. When the new list has been completed, click the Run Benchmark button. On completion of the benchmarking process, the list will be automatically sorted into the fastest first (at the top of the list) through to slowest last. You will see three colored bars associated with each nameserver:

  • RED: Cached lookups – the time to return a domain name that is already in the resolver’s name cache
  • GREEN: Uncached lookups – the time to return a sub-domain name that is not already in the resolver’s name cache
  • DOT.COM: Dotcom lookups – the time to consult the nameserver’s chosen dotcom resolver(s) for a dotcom name

These benchmarks can also be viewed in terms of milliseconds by clicking and holding the left mouse button on any nameserver. A right-click anywhere inside the window will initiate a menu containing multiple options:

As you can see from the above screenshot there is very little difference in speed between the top 10 or so results. Your current DNS server addresses are distinguished inside a black box and with a solid green dot adjacent. If these are listed among the top ten or so then speed is probably not a factor. Mine are listed at number 6 and number 10.

However, and this is VERY IMPORTANT, you now need to click the Conclusions button to view a complete rundown of exactly what the benchmarking discovered — including aspects such as reliability, proper ordering, error returns, and any subsequent recommendations. There is also a link in the Conclusions summary to visit a GRC website that checks your default DNS server for spoofability (that has to be a made up word, does it not?).

So there you have it. If one of the alternative public DNS servers — such as Cloudflare DNS which provides a more private service than your ISP — is up there with the faster speeds for your region, then you might consider changing to that server. You might also consider changing DNS servers if your current ISP’s DNS server is comparatively on the slow side, although that would be rather unusual.


4 thoughts on “Are You Using The Best DNS Server?”

  1. Thank you Jim for simplifying DNSBench. Tried it out several year ago and got lost. Do not believe I waited for the tests to finish, as it does take a long time. Even following your instructions it is good to use one computer for the testing and the other for reading. Turns out my IP is supplying me with the best server after all , Mindblower!

    1. Hey Steve,

      Yep, DNSJumper meets all the criterion- lightweight, free, and portable. DNSJumper and DNSBench are slightly different animals though.

      As I said in the article, there is more to DNS servers that just speed, there is only a matter of milliseconds between the top dozen or so anyway. DNSBench provides a complete rundown of all aspects, including reliability, error returns, proper ordering (primary and secondary), and recommendations. I guess it could be described as more of a learning/information tool. Plus, DNSJumper does not include the current DNS server (usually the ISP’s) for comparison purposes.

      Not knocking DNSJumper though, it’s a very nice little program.

Comments are closed.

Exit mobile version


Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!