1.1.1.1

thecomputerguy · Apr 26, 2018

What does everyone think of this? I'm testing it out in a real life scenario at my house on a 100/25 connection.

Markverhyden · Apr 26, 2018

spamvertisement. The point is to harvest data for their customers. Cloudflare is not a welfare agency.

nlinecomputers · Apr 26, 2018

Markverhyden said:
spamvertisement. The point is to harvest data for their customers. Cloudflare is not a welfare agency.

That's true of any of the free DNS services, OpenDNS or Google.

MDD1963 · Apr 26, 2018

I am in Okinawa, so, as it added 100 ms minimum to typical ping times, so I quickly lost interest...

GTP · Apr 26, 2018

I used it on a couple of clients systems till they reported that their "games kept losing connection to the server,"
and "I have awful lag ingame now!"
I tried it on my game rig and confirmed that it does increase ping times substantially, making some games unplayable.
Mine went from about 26ms to 250ms on 1.1.1.1
9.9.9.9 is about 32ms and 8.8.8.8 is the same as Qua9.

For $1.66 p/m I can use KillPing's servers that purport to give me a 46% improvement on my ping. lol

NJW · Apr 26, 2018

Barcelona said:
... confirmed that it does increase ping times substantially ...

Probably your geographical location, or your ISP's routing policy. What do you get with a dig request?

I find my results are pretty much in line with the DNS Perf graph for Europe. Additionally, the 1.1.1.1 caching is evident for subsequent requests for the same FQDN and the pre-caching feature also makes a difference for common/popular sites.

Whether the performance will keep up if/when the service becomes more popular, remains to be seen.

NJW · Apr 26, 2018

Markverhyden said:
The point is to harvest data for their customers. Cloudflare is not a welfare agency.

I share your cynical mind

and while I agree that Cloudflare is primarily a commercial operation, their 1.1.1.1 privacy policy looks okay, at least to this layman's eye. There's no denying that Cloudflare's commercial operation benefits from a fast and reliable DNS service, as well as helping them steer CDN resources to where they are most effective.

NJW · Apr 26, 2018

Barcelona said:
Dig results for 1.1.1.1 and Quad 9

There's no point doing a DNS lookup on an IP address!

Try:

Code:

dig @1.1.1.1 www.barcelonacomputers.com.au
dig @9.9.9.9 www.barcelonacomputers.com.au

dig @1.1.1.1 google.com
dig @9.9.9.9 google.com

Each line is a separate command. Run each command twice in succession and note the ';; Query time: ...' line for each result. You should see that the second of each result is quicker if the DNS server is caching (good); the google.com queries will show if common sites are already pre-cached (good).

Edit to add: some of my results. That first-query time for Quad9 is terrible and is representative of other first queries (except for common sites, e.g., google.com, facebook.com, ... where there is no change for first and subsequent). For subsequent (cached) results, the query time is about the same as the ping to the DNS server IP address.

Code:

dig @1.1.1.1 www.barcelonacomputers.com.au
;; Query time: 53 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Apr 26 09:56:35 CEST 2018
;; MSG SIZE  rcvd: 88

dig @1.1.1.1 www.barcelonacomputers.com.au
;; Query time: 15 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Apr 26 09:56:46 CEST 2018
;; MSG SIZE  rcvd: 88

dig @9.9.9.9 www.barcelonacomputers.com.au
;; Query time: 284 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Thu Apr 26 09:58:48 CEST 2018
;; MSG SIZE  rcvd: 88

dig @9.9.9.9 www.barcelonacomputers.com.au
;; Query time: 21 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Thu Apr 26 10:00:37 CEST 2018
;; MSG SIZE  rcvd: 88

NJW · Apr 26, 2018

Close, but ...

You need the '@' symbol before the target server: 'dig @1.1.1.1 www.store.steampowered.com'. You have made two queries from your default DNS server. Which leads to the following point.

Ubuntu (and thus, Linux Mint) have a caching DNS proxy installed by default (which is why SERVER: shows 127.0.1.1). This won't affect the dig query for our purposes, if it's correctly formatted, and should only help with DNS lookup performance in normal use. The second dig command should have been much quicker, as your local DNS cache should already have had it.

Try successive simple dig commands (e.g., 'dig google.com'). The first should be whatever your normal DNS lookup time is, ideally a few tens of ms, but perhaps several hundred; the second and subsequent runs should have a response time of single-digit ms if your local dnsmasq is working properly.

Markverhyden · Apr 26, 2018

NJW said:
I share your cynical mind and while I agree that Cloudflare is primarily a commercial operation, their 1.1.1.1 privacy policy looks okay, at least to this layman's eye. There's no denying that Cloudflare's commercial operation benefits from a fast and reliable DNS service, as well as helping them steer CDN resources to where they are most effective.

Of course they are not going to both capturing personal data, it's useless to their customers. It's the other stuff that has value to their customers.

Bryce W · Apr 27, 2018

Big improvement here in Australia: https://www.dnsperf.com/#!dns-resolvers

GTP · Apr 27, 2018

Code:

$ dig @1.1.1.1 google.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @1.1.1.1 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53758
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1536
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             39      IN      A       216.58.203.110

;; Query time: 54 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Apr 27 15:33:15 ACST 2018
;; MSG SIZE  rcvd: 55

$ dig @9.9.9.9 google.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @9.9.9.9 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2946
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             93      IN      A       172.217.25.174

;; Query time: 38 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Fri Apr 27 15:34:47 ACST 2018
;; MSG SIZE  rcvd: 55

$ dig @9.9.9.9 store.steampowered.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @9.9.9.9 store.steampowered.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25640
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;store.steampowered.com.                IN      A

;; ANSWER SECTION:
store.steampowered.com. 20      IN      A       23.77.132.171

;; Query time: 231 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Fri Apr 27 15:36:02 ACST 2018
;; MSG SIZE  rcvd: 67



$ dig @1.1.1.1 store.steampowered.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @1.1.1.1 store.steampowered.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53562
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1536
;; QUESTION SECTION:
;store.steampowered.com.                IN      A

;; ANSWER SECTION:
store.steampowered.com. 12      IN      A       23.77.132.171

;; Query time: 45 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Apr 27 15:36:44 ACST 2018
;; MSG SIZE  rcvd: 67

Mercenary Roadie · Apr 28, 2018

This is interesting.

1.1.1.1

thecomputerguy

Well-Known Member

Markverhyden

Well-Known Member

nlinecomputers

Well-Known Member

MDD1963

Well-Known Member

GTP

Well-Known Member

NJW

Well-Known Member

NJW

Well-Known Member

NJW

Well-Known Member

NJW

Well-Known Member

Markverhyden

Well-Known Member

Bryce W

Administrator

GTP

Well-Known Member

Mercenary Roadie

Well-Known Member

Similar threads