Open main menu

Public recursive name server

A public recursive name server (also called public DNS resolver) is a name server service that networked computers may use for query to DNS, the decentralized Internet naming system, in place of or in addition to name servers operated by the Internet service provider to which the devices are connected. Reasons for using these services include:

Public DNS resolver operators often cite increased privacy as an advantage of their services; critics of public DNS services have cited the possibility of mass data collection targeted at the public resolvers as a potential risk of using these services. Several services now support secure DNS lookup transport services such as DNS over HTTPS and DNS over TLS.

Public DNS resolvers are operated either by commercial companies, offering their service for free use to the public, or by private enthusiasts to help spread new technologies and support non-profit communities.

List of public DNS service operatorsEdit

Provider Nodes Privacy policy DNS over UDP DNSSEC DNS over TLS DNS over HTTPS DNSCrypt CNAME addresses IPv4 addresses IPv6 addresses Filters Remarks
CleanBrowsing[6] 20 Yes[7] Yes Yes Yes[8] Yes[9] Yes[10] 185.228.168.168
185.228.169.168
2a0d:2a00:1::
2a0d:2a00:2::
Family Designed to be used on devices of kids under 13.
185.228.168.10
185.228.169.11
2a0d:2a00:1::1
2a0d:2a00:2::1
Adult
185.228.168.9
185.228.169.9
2a0d:2a00:1::2
2a0d:2a00:2::2
Security
Cloudflare 1.1.1.1[11] 155[12] Yes[13] Yes Yes[14] Yes[15] Yes[16] No 1dot1dot1dot1.cloudflare-dns.com
one.one.one.one
1.1.1.1
1.0.0.1
2606:4700:4700::1111
2606:4700:4700::1001
None
Comodo Secure DNS[17] No Yes No No No No ns1.recursive.dnsbycomodo.com
ns2.recursive.dnsbycomodo.com
8.26.56.26
8.20.247.20
CZ.NIC ODVR[18] Yes Yes Yes No No No 217.31.204.130
193.29.206.206
2001:1488:800:400::130
2001:678:1::206
None Servers are located in Prague
Oracle + Dyn[19] Yes[20] Yes Yes resolver1.dyndnsinternetguide.com
resolver2.dyndnsinternetguide.com
216.146.35.35
216.146.36.36
DNS.WATCH[21] No No Yes No No No resolver1.dns.watch
resolver2.dns.watch
84.200.69.80
84.200.70.40
2001:1608:10:25::1c04:b12f
2001:1608:10:25::9249:d69b
None
Google Public DNS[22] 23[23] Yes[24] Yes Yes Yes Yes[25] No dns.google

google-public-dns-a.google.com
google-public-dns-b.google.com

8.8.8.8
8.8.4.4
2001:4860:4860::8888
2001:4860:4860::8844
None
2001:4860:4860::6464
2001:4860:4860::64
None Intended to be used on networks with NAT64 gateway.[26]
Neustar UltraRecursive[27] Yes[28] Yes Yes No No No 156.154.70.1
156.154.71.1
2610:a1:1018::1
2610:a1:1019::1
None
156.154.70.2
156.154.71.2
2610:a1:1018::2
2610:a1:1019::2
Malware, ransomware, spyware, phishing
156.154.70.3
156.154.71.3
2610:a1:1018::3
2610:a1:1019::3
Low security + gambling, pornography, violence, hate
156.154.70.4
156.154.71.4
2610:a1:1018::4
2610:a1:1019::4
Medium security + gaming, adult, drugs, alcohol, anonymous proxies
156.154.70.5
156.154.71.5
2610:a1:1018::5
2610:a1:1019::5
None Will not redirect non-existent domains to a landing page
Norton ConnectSafe[29] Yes[30] Yes No No No No 199.85.126.10
199.85.127.10
Security (malware, phishing sites and scam sites) Shut down on November 15, 2018[31]
199.85.126.20
199.85.127.20
Security and pornography
199.85.126.30
199.85.127.30
Family-friendly: security, pornography and other objectionable content
OpenDNS[32] 31[33] Yes[34] Yes No No No Yes[35] resolver1.opendns.com
resolver2.opendns.com
208.67.222.222
208.67.220.220
2620:119:35::35
2620:119:53::53
Basic Security filtering + user defined policies
resolver1-fs.opendns.com
resolver2-fs.opendns.com
208.67.222.123
208.67.220.123
"FamilyShield": adult content
resolver1.ipv6-sandbox.opendns.com
resolver2.ipv6-sandbox.opendns.com
2620:0:ccc::2
2620:0:ccd::2
None Sandbox addresses which provide no filtering
OpenNIC[36] Yes[37] Yes No No No Partial[38] Several [39] 185.121.177.177
169.239.202.202
2a05:dfc7:5::53
2a05:dfc7:5::5353
List of all OpenNIC Tier 2 DNS Resolvers
Quad9[40] 137[41] Yes[42] Yes Yes[43] Yes[44] Yes[45] Yes[46] dns.quad9.net
rpz-public-resolver1.rrdns.pch.net
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
Malicious domains (phishing, malware, exploit kit domains)
No[47] dns-nosec.quad9.net 9.9.9.10
149.112.112.10
2620:fe::10
2620:fe::fe:10
None
UncensoredDNS[48] No No Yes Yes[49] No No anycast.censurfridns.dk
unicast.censurfridns.dk
91.239.100.100
89.233.43.71
2001:67c:28a4::
2a01:3a0:53:53::
None Hosted in Denmark, servers listen to ports 53 and 5353
VeriSign Public DNS[50] Yes[51] Yes Yes[52] No No No recpubns1.nstld.net
recpubns2.nstld.net
64.6.64.6
64.6.65.6
2620:74:1b::1:1
2620:74:1c::2:2
None
Yandex.DNS[53] Yes[54] Yes No No No No 77.88.8.1
77.88.8.8
2a02:6b8::feed:0ff
2a02:6b8:0:1::feed:0ff
None
77.88.8.2
77.88.8.88
2a02:6b8::feed:bad
2a02:6b8:0:1::feed:bad
"Safe": fraudulent / infected / bot sites
77.88.8.3
77.88.8.7
2a02:6b8::feed:a11
2a02:6b8:0:1::feed:a11
"Family": fraudulent / infected / bot / adult sites

ReferencesEdit

  1. ^ "How to Change Your Default DNS to Google DNS for Fast Internet Speeds". TechWorm. 2016-08-20. Retrieved 2016-10-22.
  2. ^ "A simple way to get around Rogers' DNS re-directing". IT Business. Retrieved 2016-10-22.
  3. ^ "OpenDNS Adds Centralized Reporting, IP-Layer Enforcement to Umbrella". mspmentor.net. Retrieved 2016-10-22.
  4. ^ "Austrian Pirate Bay Blockade Censors Slovak Internet - TorrentFreak". TorrentFreak. 2015-12-03. Retrieved 2016-10-22.
  5. ^ Security; Iana; Icann; Fcc; Google; again, DNS devastation: Top websites whacked offline as Dyn dies; dates, Coming soon to smart home devices? Best Before labels-with patch cut-off; IoT insecurity: US govt summons tech bosses, bashes heads together. "DNS devastation: Top websites whacked offline as Dyn dies again". Retrieved 2016-10-22.
  6. ^ "IPv4 and IPv6 Anycast DNS Firewall and Resolver".
  7. ^ NOC.org / dcid. "CleanBrowsing Privacy and Terms of Service". Cleanbrowsing.org. Retrieved 2019-01-04.
  8. ^ "Parental Control with DNS over TLS Support".
  9. ^ NOC.org / dcid. "Parental Control with DNS Over HTTPS (DoH) Support". Cleanbrowsing.org. Retrieved 2019-01-04.
  10. ^ NOC.org / dcid. "Parental Control with DNSCrypt Support". Cleanbrowsing.org. Retrieved 2019-01-04.
  11. ^ "1.1.1.1 — the Internet's Fastest, Privacy-First DNS Resolver".
  12. ^ Cloudflare: Our Anycast Network Map
  13. ^ "Privacy Policy". Cloudflare. Retrieved 2019-01-04.
  14. ^ "The Nitty Gritty - Cloudflare Resolver".
  15. ^ Cloudflare Inc (2018-03-31). "DNS over TLS - Cloudflare Resolver". Developers.cloudflare.com. Retrieved 2019-01-04.
  16. ^ Cloudflare Inc. "DNS over HTTPS - Cloudflare Resolver". Developers.cloudflare.com. Retrieved 2019-01-04.
  17. ^ Comodo Secure DNS, Managed DNS Service, Secure DNS Provider
  18. ^ CZ.NIC Open DNSSEC Validating Resolvers
  19. ^ "Surf faster with Dyn's Recursive DNS". dyn.com. Retrieved 2018-12-31.
  20. ^ "Oracle's Privacy Policy". dyn.com. Retrieved 2018-12-31.
  21. ^ "DNS.WATCH". dns.watch. Retrieved 2019-01-16.
  22. ^ Google Public DNS
  23. ^ Google Public DNS: Where are your servers currently located?
  24. ^ Google Public DNS: Your Privacy
  25. ^ Google Public DNS: DNS-over-HTTPS
  26. ^ Google Public DNS64
  27. ^ "Recursive DNS on the Global Anycast Network | Neustar". security.neustar. Retrieved 2018-10-24.
  28. ^ "Privacy Policy | Neustar". home.neustar.
  29. ^ Norton ConnectSafe
  30. ^ Norton ConnectSafe Privacy Notice
  31. ^ "Norton ConnectSafe". connectsafe.norton.com. Retrieved 2018-12-31.
  32. ^ Cloud Delivered Enterprise Security by OpenDNS
  33. ^ OpenDNS: Data Center Locations
  34. ^ Cisco Online Privacy Statement
  35. ^ OpenDNS: DNS Security with DNSCrypt
  36. ^ OpenNIC Project
  37. ^ OpenNIC: Privacy Policy
  38. ^ OpenNIC: DNSCrypt
  39. ^ OpenNIC Tier 2 DNS Resolvers
  40. ^ Quad9 DNS: Internet Security and Privacy in a Few Easy Steps
  41. ^ Quad9’s Year One Success Shows There is a DNS Solution that Provides Both Privacy and Security
  42. ^ Quad9: Privacy, Data Collection and Use Policy
  43. ^ Quad9 FAQ: Does Quad9 implement DNSSEC?
  44. ^ Quad9 Frequently Asked Questions
  45. ^ DoH with Quad9 DNS Servers
  46. ^ Quad9 DNSCrypt Now In Testing
  47. ^ Quad9 FAQ: Is there a service that Quad9 offers that does not have the blocklist or other security?
  48. ^ UncensoredDNS
  49. ^ DNS over TLS Pubkey Pinning Info for unicast.uncensoreddns.org
  50. ^ Verisign Public DNS
  51. ^ Verisign Public DNS Terms of Service
  52. ^ Verisign Public DNS Forum: employee post
  53. ^ Yandex.DNS
  54. ^ Terms of use of the Yandex.DNS service

External linksEdit