DNS optimisation

Figured I may as well add DoT servers. Here's the updated list:

Code:
#Cloudflare
1.1.1.1
1.0.0.1
https://dns.cloudflare.com/dns-query
tls://one.one.one.one

#Google
8.8.8.8
8.8.4.4
https://dns.google/dns-query
tls://dns.google

#Quad9
9.9.9.9
149.112.112.112
https://dns.quad9.net/dns-query
tls://dns.quad9.net

#NextDNS
45.90.28.127
45.90.30.127
https://dns.nextdns.io/xxxxxx
tls://xxxxxx.dns.nextdns.io

#ControlD
76.76.10.0
76.76.2.0
https://freedns.controld.com/p0
p0.freedns.controld.com
 
I know it's early days, small sample and all that, but these DoH and DoT servers are flying!! I was under the impression they'd be slower than vanilla DNS, but clearly I was wrong.

Code:
https://dns.nextdns.io:443/xxxxxx 5 ms
https://dns.quad9.net:443/dns-query 5 ms
tls://xxxxxx.dns.nextdns.io:853 5 ms
tls://dns.quad9.net:853 7 ms
tls://one.one.one.one:853 8 ms
https://dns.cloudflare.com:443/dns-query 16 ms
tls://dns.google:853 19 ms
149.112.112.112:53 22 ms
1.0.0.1:53 23 ms
45.90.28.127:53 28 ms
8.8.8.8:53 29 ms
9.9.9.9:53 36 ms
1.1.1.1:53 43 ms
https://dns.google:443/dns-query 47 ms
8.8.4.4:53 62 ms
https://freedns.controld.com:443/p0 86 ms
p0.freedns.controld.com:53 92 ms
76.76.10.0:53 102 ms
45.90.30.127:53 365 ms
76.76.2.0: 612 ms
 
Has your web browsing experience improved since optimizing your DNS?
 
Which tool(s) are you using to test this? The numbers for ControlD seem very high.

From https://controld.com/status
 

Correct. 7 day average though.
Here's the leaderboard for the ICTGlobe fibre line

Code:
- 1.0.0.1 27 ms
- 149.112.112.112 31 ms
- 1.1.1.1 41 ms
- 8.8.8.8 41 ms
- 8.8.4.4 43 ms
- 9.9.9.9 71 ms

I've added the DoH and DoT servers here too now
 
Here's the state of play after running the encrypted servers for a week too. I'm going to nerf some of the vanilla servers. NextDNS only allows for 300k requests per month on the free plan, and using all four of their servers concurrently chomps that quota in no time.

Code:
https://dns.quad9.net:443/dns-query 6 ms
https://dns.nextdns.io:443/xxxxxx 6 ms
45.90.28.127:53 7 ms
9.9.9.9:53 7 ms
149.112.112.112:53 8 ms
tls://xxxxxx.dns.nextdns.io:853 9 ms
tls://one.one.one.one:853 9 ms
tls://dns.quad9.net:853 9 ms
1.1.1.1:53 12 ms
1.0.0.1:53 13 ms
https://dns.cloudflare.com:443/dns-query 16 ms
8.8.8.8:53 22 ms
8.8.4.4:53 22 ms
tls://dns.google:853 24 ms
https://dns.google:443/dns-query 31 ms
https://freedns.controld.com:443/p0 67 ms
p0.freedns.controld.com:53 72 ms
76.76.2.0:53 76 ms
76.76.10.0:53 81 ms
45.90.30.127:53 399 ms

And since I know @ubercal wants to know, my average processing time is down by about 50% (from 16ms to 10ms).
 
Here's the most recent 7 days' stats for home (Telkom/Openserve). I'm dropping ControlD - it's weirdly slow - as well as all the unencrypted servers.

Code:
https://dns.quad9.net:443/dns-query 6 ms
https://dns.nextdns.io:443/xxxxxx 7 ms
9.9.9.9:53 8 ms
tls://one.one.one.one:853 9 ms
149.112.112.112:53 10 ms
tls://xxxxxx.dns.nextdns.io:853 11 ms
tls://dns.quad9.net:853 12 ms
1.1.1.1:53 12 ms
1.0.0.1:53 14 ms
https://dns.cloudflare.com:443/dns-query 20 ms
8.8.8.8:53 26 ms
tls://dns.google:853 27 ms
https://dns.google:443/dns-query 30 ms
8.8.4.4:53 30 ms
76.76.2.0:53 35 ms
https://freedns.controld.com:443/p0 81 ms
76.76.10.0:53 81 ms
p0.freedns.controld.com:53 87 ms
 
Noice!!! It's still early doors, but that server is pumping!! Sitting at 5ms at the moment.
Just to note, CleanBrowsing was blocking access to my Home Assistant dashboard (on xxx.duckdns.org). I've specified a specific upstream for *.duckdns.org now.
 
Here's the last week's data after removing all the vanilla servers. I do need to figure out why 1.1.1.1 is still in there, I'm guessing it's some internal AdGuard setting.

Code:
https://dns.quad9.net:443/dns-query 7 ms
tls://dns.quad9.net:853 9 ms
1.1.1.1:53 9 ms
https://doh.cleanbrowsing.org:443/doh/security-filter/ 10 ms
https://dns.nextdns.io:443/xxxxxx 10 ms
https://dns.cloudflare.com:443/dns-query 17 ms
tls://one.one.one.one:853 18 ms
tls://dns.google:853 28 ms
https://dns.google:443/dns-query 63 ms

EDIT: The 1.1.1.1 requests are PTR requests which apparently macOS uses for Bonjour. Well, at least this is what Gemini tells me.
 
Haven't tinkered, or even looked at, the DNS settings since the start of January. Took a quick look now and was pleasantly surprised to see average processing time at 6ms.
Code:
1.1.1.1:53 6 ms
https://dns.nextdns.io:443/xxxxx 6 ms
tls://one.one.one.one:853 10 ms
https://dns.quad9.net:443/dns-query 10 ms
https://doh.cleanbrowsing.org:443/doh/security-filter/ 10 ms
tls://dns.quad9.net:853 12 ms
https://dns.cloudflare.com:443/dns-query 17 ms
https://dns.google:443/dns-query 24 ms
tls://dns.google:853 24 ms
 
1.1.1.1 is still there because it's probably what you've set as the bootstrap server, which is used to resolve the DoH and DoT records.

Just something to be aware of though, I noticed you are using Quad9, NextDNS and CleanBrowsing, which do malware blocking, but you still have the normal Cloudflare resolver and Google DNS in there, which don't do malware blocking.
I would maybe remove the Google DNS (or just use it as a failover) and replace the normal Cloudflare records with the following records, which do malware blocking:

Code:
https://security.cloudflare-dns.com/dns-query
tls://security.cloudflare-dns.com
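
Added example, not part of any post in this thread: a small Python audit of the per-upstream stats lines posted above. It sorts each upstream by transport, lists the ones still queried in plaintext, and lists the encrypted ones outside the set the final post describes as malware-blocking. The function names and the `FILTERING_HOSTS` set are assumptions made for illustration; the sample lines are copied from the posts and combined.

```python
import statistics
from urllib.parse import urlsplit

# Hosts the final post describes as malware-blocking (taken from the thread, not verified here).
FILTERING_HOSTS = ("dns.quad9.net", "dns.nextdns.io", "doh.cleanbrowsing.org",
                   "security.cloudflare-dns.com")

# Stats lines copied from the posts above and combined into one sample.
SAMPLE = """\
https://dns.quad9.net:443/dns-query 7 ms
1.1.1.1:53 9 ms
https://doh.cleanbrowsing.org:443/doh/security-filter/ 10 ms
https://dns.cloudflare.com:443/dns-query 17 ms
tls://xxxxxx.dns.nextdns.io:853 11 ms
tls://dns.google:853 28 ms
p0.freedns.controld.com:53 87 ms
76.76.2.0: 612 ms
"""

def classify(upstream):
    """Return (transport, host, port) for one upstream string as written in the thread."""
    for scheme, transport, default in (("https://", "DoH", 443), ("tls://", "DoT", 853)):
        if upstream.startswith(scheme):
            url = urlsplit(upstream)
            return transport, url.hostname, url.port or default
    # No scheme: the stats show these on port 53, i.e. plain DNS, even for a hostname.
    host, _, port = upstream.partition(":")
    return "plain", host, int(port) if port else 53

def is_filtering(host):
    """True if host is, or is a subdomain of, one of the FILTERING_HOSTS."""
    return any(host == h or host.endswith("." + h) for h in FILTERING_HOSTS)

def audit(stats_text):
    """Parse 'upstream N ms' lines and return what a reviewer would act on."""
    plaintext, unfiltered, latency = [], [], {}
    for line in stats_text.strip().splitlines():
        upstream, ms, _unit = line.rsplit(None, 2)
        transport, host, port = classify(upstream)
        latency.setdefault(transport, []).append(int(ms))
        if transport == "plain":
            plaintext.append(f"{host}:{port}")   # readable and modifiable on the wire
        elif not is_filtering(host):
            unfiltered.append(upstream)          # encrypted, but outside the filtering set
    medians = {t: statistics.median(v) for t, v in latency.items()}
    return {"plaintext": plaintext, "unfiltered": unfiltered, "median_ms": medians}

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, value)
```

The ControlD hostname entry carries no `tls://` prefix in the posted list, so it lands in the plaintext group alongside the bare IP addresses.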
 