Another reason NOT TO USE Google DNS

Forums › New Zealand Broadband › Another reason NOT TO USE Google DNS

1 | 2

gundar

488 posts

Ultimate Geek

Trusted

#1007277 17-Mar-2014 13:37

freitasm:
DonGould: Personally I'm pushing 8.8.8.8 more often because it doesn't tend to break. I've had instances where my routers dns relay client seems to not work properly.

People must be using really crappy ISPs to complain so much about "DNS breaking". Seriously, can't remember the last time (if ever) I have a "DNS is broken" problem.

From my point of view, I use a lot of Google services, so using Google DNS makes sense. I get now that would exclude me from receiving NZ directed content from local content management systems, I did not realise that before, but it does seem that I get less "this content is not available in your country" notices than my peers.

That's not scientific, I know, just anecdotal. I would consider changing if I started to get stuttering or poor quality content, but I just don't and haven't in a long time.

Aredwood

3885 posts

Uber Geek

#1007745 17-Mar-2014 23:25

When I was still with Orcon, I started using OpenDNS. Youtube videos started taking ages to load and kept on buffering. And TVNZ on demand wouldn't work. Took me ages to figure out that using different DNS servers were causing the problems. Switched back to the Orcon DNS servers and everything worked again.

Also check what IP addresses your computers are using for DNS servers. Often your modem/ router will give out it's own IP address as the DNS server. This means that it will be acting as a "man in the middle" for all of your DNS traffic. This means that it might be your routers fault if you have flaky DNS. Just manually program your ISPs DNS servers into your computers TCP/IP settings.

DonGould

3892 posts

Uber Geek

#1008026 18-Mar-2014 12:34

It seems to me that we've broken the whole way DNS is meant to work.

I thought you were meant to have multipul A records to indicate that a host could be found at more than one location.

The logical thing, to me, is to have your application do a ping test and decide where to get its content from when there is more than one A record.

The other way of doing things is to use urls .nz .uk so, www.google.nz v's www.google.uk, but we seem to have just broken every obvious rule and ended up in a big mess that means we now mess about with the DNS.

The problem I see with messing with the DNS is that it just looses its integrity.

www.geekzone.co.nz - 1.1.2.1 when using my ISP
www.geekzone.co.nz - 1.2.1.1 when using googles 4.4.4.4
www.geekzone.co.nz - 2.4.5.5 when I do a dig using www.domainwhitepages.com

So how does my system prove dns integrity?

All this is shouting is more of the same "DON'T TRUST THE INTERNET!"

I get that DNSSEC is meant to address some of this stuff, but so was SSL certs (which ended up being so expensive that most couldn't afford them.

No idea what the answer to these problems is, but I can see why and how google and facebook got to be so dominate and why more and more people are just turning to web2 platforms and away from what I might have thought was the traditional internet.

Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

Gozer

184 posts

Master Geek

#1008149 18-Mar-2014 15:20

The biggest problem is people are lazy and want convenience, convenience like ssl where someone else keeps a list of who is secure and who isn't and as is often proven this works to an extent and most of the time, but does make a single ( or a few ) targets for the likes of NSA or hackers.

What would be safer is TNO or Trust No One where it's up to u to keep a list and decide if the evidence provided from the source was sufficient to prove their identity.

The Telcom SSL balls up is evidence people just don't care or know enough to care what's happening behind the scenes.

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1008160 18-Mar-2014 15:30

DonGould: It seems to me that we've broken the whole way DNS is meant to work.

I thought you were meant to have multipul A records to indicate that a host could be found at more than one location.

The logical thing, to me, is to have your application do a ping test and decide where to get its content from when there is more than one A record.

The other way of doing things is to use urls .nz .uk so, www.google.nz v's www.google.uk, but we seem to have just broken every obvious rule and ended up in a big mess that means we now mess about with the DNS.

The problem I see with messing with the DNS is that it just looses its integrity.

www.geekzone.co.nz - 1.1.2.1 when using my ISP
www.geekzone.co.nz - 1.2.1.1 when using googles 4.4.4.4
www.geekzone.co.nz - 2.4.5.5 when I do a dig using www.domainwhitepages.com

So how does my system prove dns integrity?

That's exactly how it works and how it's supposed to work. Nothing broken there. Think CDNs, geographical distribution, etc, etc.

Actually unrelated to the Google DNS hijack, which was a completely different matter.

I suggest you stop and think this over a bit more.

Yabanize

2350 posts

Uber Geek

#1008191 18-Mar-2014 16:10

When I was using Google DNS apple OTA updates stopped working so i stopped :P

webwat

2036 posts

Uber Geek

Trusted

#1011381 23-Mar-2014 14:44

I only use 8.8.8.8 as my tertiary DNS, so if slingshot falls over (again) my router should resolve with another local ISP before it tries google.

Time to find a new industry!

1 | 2