Public recursive name server
A public recursive name server is a name server that networked computers may use for Internet directory services in place of or in addition to name servers belonging to the Internet service providers to which the devices are connected. Reasons for using these services include:
- speed, compared to using ISP DNS services
- filtering (security, ad-blocking, porn-blocking, etc.)
- avoiding censorship
- redundancy (smart caching)
- access to unofficial alternative top level domains not found in the official DNS root zone
Public DNS resolver operators often cite increased privacy as an advantage of their services; critics of public DNS services have cited the possibility of mass data collection targeted at the public resolvers as a potential risk of using these services. Several services now support secure DNS lookup transport services such as DNS over TLS and DNS over HTTPS.
List of public DNS service operatorsEdit
|Security + Pornography + Proxies + Safe Search
Security + Pornography
|Anycast DNS with 20 nodes.|
|no||DNS over HTTPS|
DNS over TLS
Anycast DNS with 151 nodes
|harmful websites||15 nodes worldwide|
|Google Public DNS||22.214.171.124
|no||23 nodes, but only three in the southern hemisphere|
|Security + Pornography
Security + Pornography + Other
|17 nodes, but none in Africa, Latin America, or Australia|
|27 nodes, but only one each in Latin America, Africa, and Australia |
|OpenNIC Public Servers (2018):|
Tier 1 = 10, Tier 2 = 69
User-owned and -controlled top-level NIC (since 2000)
Alternate namespaces, e.g. .free, .dyn, .neo, .libre, .indy, .ku (Kurdish people)
Many servers offer DNSCrypt, anonymized logs or no logs kept.
Tier 2 servers are operated by community volunteers across a multitude of geographic locations.
|Malware blocking sourced from 20+ threat-intel feeds, including IBM, Cisco, and F-Secure||178 nodes on six continents|
Claims no collection of user data
Full DNSSEC validation
First global-scale Anycast resolver to support DNS-over-TLS encryption
Fully IPv4/IPv6 dual-stacked
Unsecure Option (No blocklist, send EDNS Client-Subnet) on:
|optional||66 nodes, reporting|
|80 servers (which may be aggregated in a much smaller number of clusters) in undisclosed locations |
- "How to Change Your Default DNS to Google DNS for Fast Internet Speeds". TechWorm. 2016-08-20. Retrieved 2016-10-22.
- "A simple way to get around Rogers' DNS re-directing". IT Business. Retrieved 2016-10-22.
- "OpenDNS Adds Centralized Reporting, IP-Layer Enforcement to Umbrella". mspmentor.net. Retrieved 2016-10-22.
- "Austrian Pirate Bay Blockade Censors Slovak Internet - TorrentFreak". TorrentFreak. 2015-12-03. Retrieved 2016-10-22.
- Security; Iana; Icann; Fcc; Google; again, DNS devastation: Top websites whacked offline as Dyn dies; dates, Coming soon to smart home devices? Best Before labels-with patch cut-off; IoT insecurity: US govt summons tech bosses, bashes heads together. "DNS devastation: Top websites whacked offline as Dyn dies again". Retrieved 2016-10-22.
-  at Google Retrieved 2018-04-30
- FAQ at Norton Retrieved 2017-12-14
- About at Quad9 Retrieved 2017-12-13