Do you use alternative DNS servers?

[TechWea]

I've recently run into video streaming issues on certain sites that use Akamai CDNs. It turns out that it was my Cloudfare DNS that was causing the issue. The DNS was causing the CDN to assign me servers in remote regions. As a result, streaming was very slow for me. This is making me rethink the DNS servers I use for my PC and game consoles. On one hand, I would lose anonymity and look up speed, but on the other hand I would get much better performance on CDNs.

 

If you're having issues with streaming/downloading from a network, it's worth looking into your DNS configuration.

 

Is there another solution to this issue? Do you use alternative DNS servers or do you stick with your ISP's?

[mikat]

Yeah I set my fallback DNS servers to 8.8.8.8 and 8.8.4.4 (google dns) and ran my own DNS on windows server 2016

(not anymore since a fan died in my server and it's 25 eur to replace it but im too cheap )

[brwainer]

Personally I’m using cloudflare DNS and have not had an issue with the locality of assigned CDN servers, but that is definitely one possible issue/reason to keep using the ISP DNS servers.

 

in my work we deal with several thousand (over 5000 getting close to 10000) seperate internet connections. Our policy is that the two (or more) DNS servers that we program in should never come from the same DNS provider. We also like to mix it up and not use the same set for every install. This is because in the past we used to put in only the primary and secondary servers run by a certain company, and then they had an 18 hour DNS failure and we couldn’t even log in to our remote routers to change their settings to other DNS. Another reason is that sometimes google DNS will decide you are part of a DDOS and block you for a bit.

 

Our engineers are given personal choice on what to put in, so that if there is any issue with a certain DNS provider it won’t affect all of our properties. Currently I pick out 3 IPs from this list:

8.8.8.8

8.8.4.4

1.1.1.1

9.9.9.9

ISP DNS IP for that specific internet connection

[Alex Atkin UK]

That's actually not a great idea as you don't want to be using DNS servers on the same connection that give different results, it can cause reliability issues.

 

Cloud9 filter their DNS, Google do not.  So you could end up with a site working and not working sporadically, or bouncing between different CDN data centres.  Even between Google and Cloudflare odds are the results will be different at times depending on how their systems work.

On a business sized network you really should be running your own in-house DNS cache doing full resolution.  Heck, Netgate even recommended I do so rather than forwarding due to the fact its the only way to know you are getting an unfiltered response taking into account the local topology, thus making CDN resolve optimally for your specific ISP.

[brwainer]

39 minutes ago, Alex Atkin UK said:

That's actually not a great idea as you don't want to be using DNS servers on the same connection that give different results, it can cause reliability issues.

 

Cloud9 filter their DNS, Google do not.  So you could end up with a site working and not working sporadically, or bouncing between different CDN data centres.  Even between Google and Cloudflare odds are the results will be different at times depending on how their systems work.

On a business sized network you really should be running your own in-house DNS cache doing full resolution.  Heck, Netgate even recommended I do so rather than forwarding due to the fact its the only way to know you are getting an unfiltered response taking into account the local topology, thus making CDN resolve optimally for your specific ISP.

Yes, this is a very valid point, however we don’t program in DNS to the end user devices (DHCP or static). The DNS servers I mentioned are put into the firewall and gateway, and downstream devices use those as their DNS server. So the issue of bouncing between sources is limited by the caching in our networking equipment, and all clients should have the same results at a certain time.

[Alex Atkin UK]

14 hours ago, brwainer said:

Yes, this is a very valid point, however we don’t program in DNS to the end user devices (DHCP or static). The DNS servers I mentioned are put into the firewall and gateway, and downstream devices use those as their DNS server. So the issue of bouncing between sources is limited by the caching in our networking equipment, and all clients should have the same results at a certain time.

All I can say is Netgate highly recommended I DO NOT use that configuration.  I was temporarily when Cloudflare was failing to get results for certain domains whereas Cloud9 was.

[mtz_federico]

I use cloudflare and fallback to Google dns and never had a problem