Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




BDFL - Memuneh
60048 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

Topic # 232130 31-Mar-2018 11:21
Send private message quote this post

Saw a headline pointing to a Google cache for the (now empty) page at https://1.1.1.1/ 

 

The Google cache has now been removed. The headline was about this being a new DNS service by Cloudflare.





View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2


BDFL - Memuneh
60048 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
217 posts

Master Geek
+1 received by user: 37


  Reply # 1986588 31-Mar-2018 22:05
One person supports this post
Send private message quote this post

Are people really that worried about their DNS traffic?




BDFL - Memuneh
60048 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1986589 31-Mar-2018 22:06
One person supports this post
Send private message quote this post
217 posts

Master Geek
+1 received by user: 37


  Reply # 1986600 31-Mar-2018 22:35
Send private message quote this post

freitasm:

 

Some people maybe, as it can be used to identify some very private things.

 

 

Just DNS queries, so sites you may be visiting. Which for the most part can be found fairly easily if someone is across your upstream traffic anyway.


Meow
7280 posts

Uber Geek
+1 received by user: 3482

Moderator
Trusted
Lifetime subscriber

  Reply # 1986626 1-Apr-2018 00:09
Send private message quote this post

Irony on the date:

 

We’ve built 1.1.1.1 to be the Internet’s fastest DNS directory. Don’t take our word for it. The independent DNS monitor DNSPerf ranks 1.1.1.1 the fastest DNS service in the world. As of April 1, 2018, we’re 53% faster than second place, which means we're at least 53% faster than whatever you're using today.

 

Anyway - I have tested this claim - response times are actually 40% faster (average) than using 2degrees DNS servers for me. This however won't be the same with Spark / BigPipe and potentially Vodafone* due to the fact they don't peer with Cloudflare in Auckland and instead go over to Sydney.

 

I've switched my DNS servers over to Cloudflare for now - I know it isn't launched but it is indeed resolving DNS. I do like their claims, I do trust them more with their claims than other providers (I know somebody who works for Cloudflare) and personally was using quad9 before due to their no-logging policy.

 

In the past, I used to use dnscrypt with success. For anyone interested I am currently using this on Linux combined with my local DNS server with Cloudflare's DNS over HTTPS service.

 

Even though the date is off this actually currently works (and very well with ISP's that peer) - there is a cached page Here.

 

*Not actually 100% sure if Vodafone peer via APE to Cloudflare yet.





217 posts

Master Geek
+1 received by user: 37


  Reply # 1986665 1-Apr-2018 08:26
One person supports this post
Send private message quote this post

I would've expected it to be slower given the HTTPS protocol is going to be far less efficient than UDP.

 

See here: https://www.dnsv6lab.net/2016/03/05/A-performance-test-of-DNS-over-different-transport-protocol/

 

Does cloudfare keep an HTTPS tunnel open or something?

 

 

 

 




BDFL - Memuneh
60048 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1987025 2-Apr-2018 08:59
Send private message quote this post

And 1.1.1.1 is live now - Cloudflare blog here.

 

vulcannz:

 

I would've expected it to be slower given the HTTPS protocol is going to be far less efficient than UDP.

 

See here: https://www.dnsv6lab.net/2016/03/05/A-performance-test-of-DNS-over-different-transport-protocol/

 

Does cloudfare keep an HTTPS tunnel open or something?

 

 

By default your system will use the old DNS lookup - unless you have a HTTP client. Developers (OS, browsers) can add this as a feature. Documentation here.





217 posts

Master Geek
+1 received by user: 37


  Reply # 1987103 2-Apr-2018 10:30
One person supports this post
Send private message quote this post

freitasm:

 

And 1.1.1.1 is live now - Cloudflare blog here.

 

vulcannz:

 

I would've expected it to be slower given the HTTPS protocol is going to be far less efficient than UDP.

 

See here: https://www.dnsv6lab.net/2016/03/05/A-performance-test-of-DNS-over-different-transport-protocol/

 

Does cloudfare keep an HTTPS tunnel open or something?

 

 

By default your system will use the old DNS lookup - unless you have a HTTP client. Developers (OS, browsers) can add this as a feature. Documentation here.

 

 

I understand that, but the UDP based process of each DNS lookup is simply going to be faster than establishing an HTTPS connection (UDP vs TCP, no secure handshake/security negotiation) . So I would expect the only way for it to be faster is if it is opening a persistent HTTPS session to the HTTPS/DNS server.


Meow
7280 posts

Uber Geek
+1 received by user: 3482

Moderator
Trusted
Lifetime subscriber

  Reply # 1987459 3-Apr-2018 10:07
Send private message quote this post

An interesting read: https://medium.com/@nykolas.z/dns-resolvers-performance-compared-cloudflare-x-google-x-quad9-x-opendns-149e803734e5

 

Cloudflare performs very well compared to the other players. Just note, if you're on Spark, Skinny, BigPipe or Vodafone it is best to use your providers DNS due to their anti-peering policies.





'That VDSL Cat'
7540 posts

Uber Geek
+1 received by user: 1520

Trusted
Spark
Subscriber

  Reply # 1987462 3-Apr-2018 10:16
Send private message quote this post

over HTTPS compared to TLS? seems like alot of overhead...

 

 

 

Anyone done a head to head compassion?





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


nas

351 posts

Ultimate Geek
+1 received by user: 169


  Reply # 1987469 3-Apr-2018 10:27
Send private message quote this post

How does this work in terms of being served off your ISP's local CDN/whatever e.g. Netflix etc if you moved away from using ISP DNS?


'That VDSL Cat'
7540 posts

Uber Geek
+1 received by user: 1520

Trusted
Spark
Subscriber

  Reply # 1987472 3-Apr-2018 10:27
Send private message quote this post

nas:

 

How does this work in terms of being served off your ISP's local CDN/whatever e.g. Netflix etc if you moved away from using ISP DNS?

 

 

You won't hit those content servers.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


nas

351 posts

Ultimate Geek
+1 received by user: 169


  Reply # 1987512 3-Apr-2018 11:05
Send private message quote this post

Whats the benefit in using it then, other than privacy?


13749 posts

Uber Geek
+1 received by user: 2392

Trusted
Subscriber

  Reply # 1987515 3-Apr-2018 11:08
One person supports this post
Send private message quote this post

nas:

 

Whats the benefit in using it then, other than privacy?

 

 

Well, privacy that you've excluded is a significant advantage for many, but performance and reliability are also advantages.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Opera launches new mobile browser: Opera Touch
Posted 25-Apr-2018 20:45


TCF and Telcos Toughen Up on Scam Callers
Posted 23-Apr-2018 09:39


Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.