DNS Resolver Preferences

[JayFromEpic]

Hey everyone,

I was looking for some additional feedback from the community regarding preferred DNS Resolver settings.

Recently, some colleagues and I were discussing Cloudflare public dns vs Google public dns and which is better. Further into the convo, we started talking about options to move from Google DNS to Cloudflare DNS as our resolver preference network wide.

Currently, I am testing a mix of Cloudflare(1.1.1.1) as the primary, Google(8.8.8.8) as the secondary and our datacenter provided DNS IP as our tertiary.

In the past, we have ran strictly Google(8.8.8.8) and Google(8.8.4.4) with the DC DNS IP for our tertiary and have had no issues, reliable speeds, etc.

I'm curious as to what other providers/users have used in the past and if anyone has had any experience with the Cloudflare public dns whether positive or negative.

 

[cPanelLauren]

Hi @JayFromEpic

From a personal standpoint, I've always used google's until recently.

I've started using CloudFlare's 1.1.1.1 and 1.0.0.1 more and more lately as it seems to be a bit faster, I've also not heard anything negative in regard to CloudFlare's resolvers though this is not even a year old project so it's still fairly new.

Thanks!

 

[JayFromEpic]

Thank you for the insight Lauren, I always have trusted your input. I tried out running on Cloudflare with the Tertiary set to google dns and can confirm a big difference in speed, especially on websites using cloudflare dns.

I hope this thread helps someone out in the future!

 

[cPanelLauren]

@JayFromEpic

Thanks that means a lot to me! I appreciate it. I'm glad you could see the speed difference, awesome! I'm sure this will help someone make a decision in the future

 

[WorkinOnIt]

I'm interested in how you could really test the difference in speed between Cloudflare and Google public DNS. Could you elaborate on how you reached the conclusion that Cloudflare is faster?

 

[cPanelLauren]

Hi @WorkinOnIt

There are a ton of tools out there that will test this for you but ultimately you just simply need to check the time it takes to resolve a site, you can use ping or dig even.

My resolvers to start with are using Google's DNS:

cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4

dig cpanel.net

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> cpanel.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27947
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;cpanel.net.            IN    A

;; ANSWER SECTION:
cpanel.net.        99    IN    A    208.74.123.68
cpanel.net.        99    IN    A    208.74.121.51

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Dec 05 07:11:53 CST 2018
;; MSG SIZE  rcvd: 71

We can see my query using the DNS resolvers provided by Google takes 16 msec.

Now I've changed my resolvers to CloudFlare's:

cat /etc/resolv.conf
nameserver 1.1.1.1
nameserver 1.0.0.1

The difference in query time is very obvious - 2msec

dig cpanel.net

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> cpanel.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64576
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;cpanel.net.            IN    A

;; ANSWER SECTION:
cpanel.net.        100    IN    A    208.74.123.68
cpanel.net.        100    IN    A    208.74.121.51

;; Query time: 2 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Wed Dec 05 07:29:34 CST 2018
;; MSG SIZE  rcvd: 71

 

[Senator94]

Is it recommended to use Cloudflare or Google's public DNS in cPanel? Are there any advantages?

 

[quietFinn]

Is it recommended to use Cloudflare or Google's public DNS in cPanel? Are there any advantages?

It's recommended and actually required to use nameservers that work in the resolver.
cPanelLauren's tests show that CloudFlare is a bit faster than Google, but both work.

 

[cPanelLauren]

The recommendation is, use whichever you prefer. I personally have been using CloudFlare's for a while now due to the faster resolution times and the focus on security (DNS over TLS and DNS over HTTPS)