How to Find the Best DNS Server

In a Hurry?
 
  Go straight to the Quick Selection Guide for short detailed summaries of each product

  Go straight to the Change Log to see what's new since the major update in June 2011

Introduction

DNS servers are the most trusted component of your web browsing experience but few people understand how they work or how their security vulnerabilities can cause you problems. I recommend that you read both What DNS Servers Do and How to Change DNS Server before you change the DNS servers your system relies upon.

Three free utilities can help you to find the best DNS servers for your system. These benchmarking programs use their databases of DNS servers to test those that will give you the best improvement. The best performance is likely to be from a mixture of DNS servers that are close to your location and a global DNS server that has a large database. These programs are portable (run without installation), use similar methods and provide similar results. Their reporting is very different so I recommend that you try both NameBench and DNS Benchmark.

  • Google NameBench is easy to use and comprehensive but doesn't preview the DNS servers being benchmarked. It is compatible with Windows, Mac OS X, and UNIX.

  • Gibson Research Corporation DNS Benchmark is the program I prefer. It is a little more complex but provides a lot of documentation and help for each step. It does preview the servers that will be tested before you run the actual benchmark. It is a Windows program that also runs in Windows emulation (Wine) for Mac OS X and Linux.

I recommend DNS Benchmark for all users outside of North America. It clearly identifies one problem that NameBench does not. My primary DNS server had slow response times for major dot com sites which usually have their home in the United States.

  • DNS Jumper is the simplest with very limited testing. It provides a quick test of public DNS servers, allows you to customize the DNS server list, and can change your configuration. It runs under Windows.

There are two sections in this how-to guide.

  1. How to configure the testing software
  2. How to run the tests using NameBench, DNS Benchmark or DNS Jumper.

Installing the software

These programs run directly from the download and have no install procedure so they don't alter the Windows registry or add shortcuts to the desktop or menu.

How to copy the files to the folder you want to run them from

They also won't create their own folders to install to so if you want that you will have to do it yourself.

  • namebench-1.3.1-Windows.exe and DNSJumper.zip should be unzipped to the folder you desire.
  • DNSBench.exe should be copied to the folder you desire.

Download additional files as required

The NameBench command line version requires Python 2.5 to 2.7 to be installed. UNIX and Mac OS X usually have it so it is mainly Windows users who might have to install it.

Advanced configuration

The average user can skip the rest of this section and go straight to testing.

Editing the configuration files before running the first test

The first test will be the most accurate because it is more likely that the tested domains will not be cached. Once the test has run then any further requests for the same domain are likely to be cached. Therefore some advanced users might want to edit the configuration files before running the first test.

Namebench has three configuration files in a subfolder (\namebench\config) of the folder you have unzipped it to:

  • namebench.cfg is the main configuration file and probably the only one that you will edit. I edited it to increase the number of servers tested and added more global DNS servers.
    It contains the following:
    • Settings, most of which can be overridden if you use the Python command line.
    • Global DNS servers. The default is to test them.
    • Regional DNS servers. The default is to test them.
  • hostname_reference.cfg contains two lists of websites.
    • censored sites which are not tested unless specified
    • sanity check sites which are used to check that the returned IP is correct for the DNS name.
      These are tested every time unless you have a version of NameBench which includes the option to turn this off, ie download_latest = 1 becomes download_latest=0.
  • data_sources.cfg points to the sources of the website test list:
    • List files provided with NameBench
    • Browser databases

DNS Benchmark has two configuration lists which do not exist when you first run DNS Benchmark. I created both lists from those tested in NameBench so that I can compare the results of the two programs.
I opened the NameBench .csv results in Excel, summarized the list of sites and DNS hosts using two pivot reports (there are other ways to do it), then copied the lists into the respective files:

  • DNSBench.ini contains the list of DNS servers to be tested. It is not created until you decide to add or remove servers using the menu or until you have run the test to create your own customized list of servers. You can create many .ini files with different names and add or remove them from the test list anytime that you like.
  • domains.txt contains the list of websites to be used for the tests. The default is the top 50 Alexa sites from 2009; there is also a list of 100 top Alexa sites. Note that both lists are uncensored so by testing these sites there is potential for embarrassment or worse. Both files are available at Resource Files for Advanced Benchmarking.
    Once edited you have to run DNS Benchmark with the command line option:
    dnsbench.exe /domains domains.txt

DNS Jumper has one configuration file:

  • DNSJumper.ini contains the DNS server list, a few program options, and the text for each language.
    To add another DNS server, append it to the list in the format <server name>=<server IP address>,<server IP address> etc., e.g. "my setup=192.168.2.1,202.180.64.2". DNSJumper will automatically assign the correct server number.

In this section I explain how to test using a real example of my own.

Checklist before you start testing

  • Only the DNS test program should be using the Internet connection otherwise your results will be affected by other traffic and may not be consistent with any later test.
  • If your firewall has outbound-blocking then it can block the tests. You might need to turn that off temporarily by following the specific instructions for each product.
  • The first test is likely to be most accurate because later tests will be running the same queries which should then be cached in the servers. If you have your own list then now is the time to use it.

Testing with NameBench

 1. Run NameBench and set the test options.

NameBench opening screen

The NameBench options are explained as follows:

  • Nameservers lists the IP addresses of your system DNS servers. You can delete them from the test or append other servers to the list.
    In this screenshot, 192.168.2.1 is an IP address reserved for private networks such as my router which has two DNS servers defined. On my PC 192.168.2.1 is automatically assigned (by DHCP) from the router. 202.180.64.2 is the secondary IP address that I manually input in Windows.
  • Include global DNS providers should probably be checkmarked. They will provide a good baseline for comparing other DNS servers. If you don't check this then you will only get results for the fastest DNS servers for your system.
    NameBench defaults to 10 DNS servers so the more global servers that are included then the fewer regional DNS servers will be included. For the results graphs, NameBench will usually only use the primary DNS server because it removes duplicated/backup/replicated servers so, for example, Google DNS will only count as one DNS server although Google has many servers and several IP addresses.
  • Include best available regional DNS services should be checkmarked because these will usually be your fastest DNS servers.
  • Include censorship checks will include websites that are often censored because of political views, violence and hatred, gambling, etc.
  • Upload and share your anonymized results should be checkmarked if you want an easy way to share your results over the Internet. I expect that in the future NameBench will provide reporting from this database without running a benchmark.
  • Health Check Performance should be set to Fast (to query 40 DNS servers at a time) unless you have poor connection in which case set it to Slow (to query 10 DNS servers at a time).
  • Number of queries defaults to 250 web sites for each of the 11 DNS servers. You can speed up the tests by changing it to 50 which is the default for DNS Benchmark.
  • Query Data Source determines where NameBench gets its list of domain names to test. As well as five test scenarios, NameBench can extract the information from Camino, Chrome, Chromium, Epiphany, Firefox, Flock, Galeon, Icab, Internet Explorer, Konqueror, Midori, Omniweb, Opera, Safari, Seamonkey, Squid and Sunrise.

NameBench source for websites to test

 2. Run the benchmark

First, NameBench checks the connection quality and makes adjustments for the connection condition. That is why you should not have other Internet activity while running the tests.

NameBench then selects the fastest to benchmark:

  • checks the DNS servers are available to the test system
  • performs TTL tests
  • checks for cache sharing with replicated servers and then removes the slower DNS replicas
  • selects the DNS servers for benchmarking

NameBench checking name server availability

The DNS queries are sent to the selected DNS servers.

NameBench checking name server availability

The results are saved in html and csv formats.

Finally, the html results are displayed in the browser chosen for the test.

NameBench finishes benchmarking

3. View the benchmark results.

Click on the images in this review to see the results of a full test that I ran

The primary report is a table.

  • NameBench presents a recommended configuration for three DNS servers.
  • The current primary DNS server is highlighted in pale yellow.
  • In this case, a 5.1% improvement would not be enough to change without doing further tests to confirm that the improvement is consistent. The red bars indicate timeouts for the proposed server. In this case, two queries timed out at 3.5 seconds so that is not good and another reason to test again.
  • Ignore that "www.paypal.com is hijacked hijacked" because this is a known bug.
  • Replica DNS servers are indicated so you know which servers have backups available.

NameBench results

There are two types of graph presented. The first are bar graphs of the average and fastest response times. Note that each graph uses a different scale.

  • Look at the second graph first because the fastest response time shows you the best that you can get. This graph shows that network distance, which is similar to geographical distance, is the main driver for response times. So the response time is roughly proportional to the distance from my home. The six NZ DNS servers are grouped first then one Australian DNS server then the four global DNS servers mainly located in the USA.
  • The average response times look quite different because the second driver is the size of the name cache. Global DNS servers perform much better because they have larger name databases. OpenDNS, Google and UltraDNS are ranked fifth to seventh but still remain 50% slower than the best regional DNS server.

NameBench bar graph of average response time

NameBench bar graph of minimum response time

Then there are line graphs of cumulative response times.

  • The distribution graphs show what percentage of queries are answered in what period of time.
  • The first graph is for the first 200 milliseconds ie 0.2 seconds.
  • The second graph continues to the 3.5 second default for the timeout.
    Although it is available when you first view the results, when you go to the website it will not be there.
    This graph shows how the global providers though slower at the start are much more consistent with fewer timeouts. By a quarter of a second and 30% awaiting a response they're competitive. By a third of a second and 10% awaiting a response they're performing better.
    It is the long tail for the slower response times that will be noticeable when you are browsing. So if you are prepared to live with slower average response times that you don't notice then you can stop the really slow and annoying response times by using a global DNS service.
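The trade-off described above, worked through as an added example (not NameBench's code or output): it computes the bar-graph figures and the point on the cumulative graph where one server overtakes the other. The latency lists are constructed sample data and the function names are hypothetical.

```python
TIMEOUT_MS = 3500  # the 3.5 second default timeout mentioned above


def answered_share(latencies_ms, within_ms):
    """Fraction of all queries answered within `within_ms` (timeouts never count)."""
    hits = sum(1 for t in latencies_ms if t < TIMEOUT_MS and t <= within_ms)
    return hits / len(latencies_ms)


def summarize(latencies_ms):
    """Return the figures behind the bar graphs plus two tail indicators."""
    answered = [t for t in latencies_ms if t < TIMEOUT_MS]
    return {
        "fastest_ms": min(answered) if answered else None,
        "average_ms": round(sum(latencies_ms) / len(latencies_ms), 1),
        "within_200ms": answered_share(latencies_ms, 200),
        "timeouts": len(latencies_ms) - len(answered),
    }


def crossover_ms(first, second, step_ms=10):
    """First time limit at which `second` has answered a larger share of
    queries than `first`, or None if it never does."""
    for limit in range(step_ms, TIMEOUT_MS + 1, step_ms):
        if answered_share(second, limit) > answered_share(first, limit):
            return limit
    return None


# Constructed sample data, 50 queries each in milliseconds (not measurements).
# A timed-out query is recorded as TIMEOUT_MS.
REGIONAL = [15] * 40 + [30] * 5 + [250, 400, 900, 1800, 3500]
GLOBAL = [150] * 30 + [180] * 15 + [220] * 4 + [300]

if __name__ == "__main__":
    for label, data in (("regional", REGIONAL), ("global", GLOBAL)):
        print(label, summarize(data))
    print("global overtakes regional at", crossover_ms(REGIONAL, GLOBAL), "ms")
```

In this sample the regional server wins on fastest and average response time, yet it is the only one with a timeout and with answers slower than a third of a second.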

NameBench cumulative response time graph to 200ms

NameBench full cumulative response time graph

The online results include sample index results for Wikipedia.com and Google.com instead of presenting the second response distribution graph.

Finally, the benchmark parameters are listed.

Testing with DNS Benchmark

1. Start DNS Benchmark

DNS Benchmark opening screen

To view the DNS servers click on the Nameservers tab highlighted above. You will have to wait about 10 seconds for the list of servers to be loaded.

Your system DNS servers will appear first in the list. The remaining servers are sourced from DNS Benchmark's list of global servers. The advantage of this approach is that you have the opportunity to refine the server list before testing.

DNS Benchmark nameserver list

At this point you can add or remove servers by using either of two menus:

  • Click on the Add/Remove button to display the first menu shown below.
  • Click on the system icon at the top left to get the system menu which is a superset of the Add/Remove menu.

DNS Benchmark system menu

DNS Benchmark add or remove servers menu


The servers can be added or removed individually or in three groups:

  • Your system DNS servers
  • The default global servers
  • Your own .ini file.

You can remove all servers to clear the list and start again. Once complete you can save your list to an .ini file.

There are two further options that you might consider to prune the list:

  • Remove dead servers that are not responding. This is well worth doing.
  • Remove redirecting DNS servers. This might remove DNS servers that you want to avoid but it will also remove OpenDNS and other filtering DNS servers.

The final option is to build the custom server list without running the global benchmark. If you want to save time then do this and skip to Create the regional DNS server list.

2. Run the global server DNS benchmark

As well as clicking on "Run Benchmark", you can also click on the Gibson Research Corporation (GRC) logo to start or stop the benchmark.

DNS Benchmark global DNS server results

At first glance the results point to a much faster DNS server. But the decision is not that clear cut if you read on below:

  • Server IP address is in the first column
  • Server status is in the second column.
    • The first two servers are the system DNS servers as indicated by the solid green circle.
    • The other servers are not the system DNS servers because they have hollow circles.
    • The colour of the circle indicates the quality of the connection:
      Green = good
      Orange = redirecting or hijacking DNS servers
      Red = the server is not responding ie is dead. I remove dead servers so there are no red circles in the example results.
    • OpenDNS also has a blue circle around the server status. This indicates that IP addresses reserved for private networks are being blocked. There are four ranges of addresses so in this case three of the four are being blocked.
      Green = both IPv4 and IPv6 reserved private addresses are being blocked
      Blue = either IPv4 or IPv6 but not both reserved private addresses are being blocked
  • The organization owning the DNS server is shown at the right.
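The two status checks above (redirecting servers and blocking of private addresses) can be reproduced by hand from raw DNS replies. The following is an added example, not DNS Benchmark's code or its actual test method: it assumes redirection is probed with a random name that cannot exist, checks only the three RFC 1918 IPv4 ranges, and all function names are hypothetical.

```python
import ipaddress
import secrets
import socket
import struct

RCODE_NOERROR, RCODE_NXDOMAIN = 0, 3
TYPE_A, CLASS_IN = 1, 1
# Assumption: only the three RFC 1918 IPv4 ranges are checked here.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"


def build_query(name, qid=None):
    """Build a recursive A-record query (RFC 1035, section 4.1)."""
    qid = secrets.randbelow(65536) if qid is None else qid
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    return header + encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)


def skip_name(data, pos):
    """Return the offset just past the (possibly compressed) name at pos."""
    while data[pos] and data[pos] & 0xC0 != 0xC0:   # plain label: step over it
        pos += 1 + data[pos]
    return pos + (2 if data[pos] else 1)            # pointer = 2 bytes, root = 1


def parse_response(data):
    """Return (rcode, [IPv4 answer addresses]) from a raw DNS response."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    _, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", data[:12])
    pos = 12
    for _ in range(qdcount):
        pos = skip_name(data, pos) + 4              # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        pos = skip_name(data, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", data[pos:pos + 10])
        pos += 10
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            addrs.append(ipaddress.IPv4Address(data[pos:pos + 4]))
        pos += rdlen
    return flags & 0x000F, addrs


def classify_nxdomain_probe(data):
    """Classify the reply to a query for a name that cannot exist."""
    rcode, addrs = parse_response(data)
    if rcode == RCODE_NXDOMAIN and not addrs:
        return "honest"          # resolver reported the failure as-is
    if rcode == RCODE_NOERROR and addrs:
        return "redirecting"     # resolver supplied an address of its own
    return "inconclusive"        # SERVFAIL, REFUSED, empty answer, ...


def private_answers(data):
    """Return RFC 1918 addresses that the resolver passed through unfiltered."""
    _, addrs = parse_response(data)
    return [a for a in addrs if any(a in net for net in RFC1918)]


def ask(server, name, timeout=3.5):
    """Send one query over UDP port 53 and return the raw reply (needs network)."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        reply = sock.recvfrom(4096)[0]
    if reply[:2] != query[:2]:
        raise ValueError("transaction ID mismatch")
    return reply


def make_response(query, rcode, addrs=()):
    """Construct a sample reply to `query` (test data, not captured traffic)."""
    header = query[:2] + struct.pack("!HHHHH", 0x8180 | rcode, 1, len(addrs), 0, 0)
    body = query[12:]
    for addr in addrs:
        body += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 60, 4)
        body += ipaddress.IPv4Address(addr).packed
    return header + body
```

To try it against a real server, pass the reply from `ask(server, "nx-" + secrets.token_hex(8) + ".com")` to `classify_nxdomain_probe`; a filtering service such as OpenDNS may legitimately show up as redirecting.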

The main results display the results of cached queries. DNS Benchmark provides two particularly useful test results if you check the Show Uncached checkbox:

  • Uncached queries (green) where the DNS server cache is bypassed.
  • DotCom queries (blue) for major global websites (dotcoms) that are mainly located in the United States.

In the example below my primary DNS server has unacceptably slow response for major global websites (DotComs). This problem was not visible in the NameBench results.

DNS Benchmark highlights slow uncached results

The server that is reported to be fastest is one of my ISP's DNS servers. I should probably change to it because it is faster and has no problems with DotComs unlike my primary DNS server. However it does have a problem with lost queries as indicated by the red bar which displays over the server IP address on the left. It is not a big problem but I would test again to see if it is a regular problem.

3. Create the regional DNS server list

DNS Benchmark build a custom list

The Custom Nameserver List is a list of your regional DNS servers that are likely to give you the best service. DNS Benchmark goes through its database of nearly 5,000 DNS servers to find those that are likely to perform best for you. It creates the list and then you can run the benchmark.

While it is creating the list you can see the total number of servers including the following:

  • Resolved = those you can use
  • Refused = those that reject your queries maybe because you are in a region that they don't service
  • No reply = dead servers

DNS Benchmark builds a custom list

4. Run the regional DNS server benchmark

The regional DNS server benchmark runs the same as the default server benchmark. So the results apply just the same.

5. View the results

DNS Benchmark results

DNS Benchmark displays the results as it works so you will quickly be able to see which DNS servers are performing the best. I've drawn a few conclusions from the final results displayed at right. Note that DNS Benchmark allowed me to save these results as an image file because a screenshot wouldn't show enough servers.

  • By default DNS Benchmark gives you a better comparison of more servers than NameBench which has to be configured to provide results for more than 10 servers.
  • Servers in my country are the fastest. Like NameBench, DNS Benchmark illustrates the same relationship.
  • The results illustrate that the primary driver for DNS query time is the delay (latency) due to the distance between systems on the Internet. This network distance is roughly the same as geographical distance. You will notice the same sort of delay if you ever make a phone call to the other side of the world.

Query response time = network latency + server processing time

  • The speed of the DNS server itself is far less important but does make a difference where several DNS servers are located in the same region.
  • You can also see that DNS servers with lost queries tend to perform worse. The lost queries are indicated by the red bars overlaying the DNS server IP address in the left hand column. Seven of the eight New Zealand servers with lost queries are the worst performing in that group. This is likely to be the same in other countries.

Remember that DNS Benchmark has several tabs to view the various results:

  • Nameservers shows you:
    • Server name
    • Server owner
    • Server status
    • Server response times
      • Cached response times are displayed by default
      • Uncached response times are displayed by checking the box
  • Tabular Data shows you the numeric results in a small table for each server. The formatting is text-based so you can export it to any editor.
  • Conclusions provides you with a comprehensive list of conclusions and recommendations. These are clearly explained to guide you. In the screenshot below, I have only shown the start of the first of seven conclusions. It has a positive green tick so there is no action required. Where DNS Benchmark displays a red cross you will be advised what you should do to improve your configuration.

DNS Benchmark conclusions

6. After completing the benchmark:

The DNS server list will be saved in the default.ini file. As discussed above, you can amend the list or delete it and start again.

To save the results go to DNS Benchmark's System Menu and select 'Export last results to CSV file'. DNS Benchmark also provides for saving any of the results pages either as an image file (.png or .bmp) or a formatted text file (.rtf).

Testing with DNS Jumper

DNS Jumper is relatively simple but I do not rate it highly so I'm only showing the main window for your information.

DNS Jumper main program

1. Select your network card.

2. Add or remove any DNS servers to the DNS Jumper database using the + or - buttons.

3. Find the "Fastest DNS"

  • The fastest will appear in the "Manual DNS Servers" list.
  • Response time is displayed in milliseconds.
  • If the DNS server is invalid or unavailable then the result will be "Host is offline".
  • You can also flush your system's DNS cache but the flush is not as effective as using the Windows/DOS command "ipconfig /flushdns".

4. If you want to use the fastest servers then select "Apply DNS" to save the change.

I found the results unreliable and would be reluctant to use them without a second opinion. But the program is a quick and easy introduction to selecting a global DNS service.

Related Products and Links

Using DNS servers for security

Quick Selection Guide

DNS Benchmark

  • Rating: 4
  • Gizmo's Freeware award as the best product in its class!
  • Runs as a stand-alone program on a user's computer
  • Pros: tiny program; comprehensive documentation; customizable testing; exports results; easy to use as it walks you through the three main steps; command line interface for automated testing with return codes
  • Cons: None
  • Version: 1.2.3925.0
  • File size: 0.2 MB
  • 32 bit but 64 bit compatible
  • License: Unrestricted freeware
  • A portable version of this product is available but not from the developer.
  • Operating systems: Windows 95 to Windows 7; Wine on Mac OS X and Linux
  • 64-bit support will also run under Wine on Mac OS X and Linux
  • Resources: FAQs, Features walkthrough, Menu, Test files, Using Wine, Command line reference

NameBench

  • Rating: 3.5
  • Runs as a stand-alone program on a user's computer
  • Pros: easiest to use as there is one test of all servers; good documentation; customizable testing; exports results; can extract a website list from many different products mainly browsers; command line interface (requires Python)
  • Cons: several unresolved bugs but they don't seem to affect the conclusions
  • Version: 6.3.2.0
  • File size: 1.6 MB initial, 15 MB on disk
  • 32 bit but 64 bit compatible
  • License: Unrestricted freeware
  • There is no portable version of this product available.
  • Operating systems: Windows 2000 to Windows 7 - requires Microsoft 2008 Visual C++ libraries; Mac OS X; UNIX

DNS Jumper

  • Rating: 2.5
  • Runs as a stand-alone program on a user's computer
  • Pros: quick test of DNS servers; changes DNS server for one network interface card (NIC); multi-language
  • Cons: test output is limited to the response time; cannot mix DNS servers from different providers unless you create a new DNS server entry
  • http://www.sordum.com/?p=4573
  • Version: 1.04
  • File size: 0.5 MB
  • 32 bit but 64 bit compatible
  • License: Unrestricted freeware
  • A portable version of this product is available but not from the developer.
  • Operating systems: Windows XP, Vista, 7
  • Languages: Arabic, Chinese, Dutch, English, French, German, Greek, Hungarian, Indonesian, Italian, Japanese, Portuguese (Brazil), Romanian, Russian, Spanish, Swedish, Turkish, Vietnamese

 

Editor

This software category is maintained by volunteer editor Remah.

  "I've used TechSupportAlert and the older Support Alert Newsletter for almost a decade so I have saved hundreds of hours of work and many more dollars by following Gizmo's Freeware recommendations. Thanks for the opportunity to give something back."  

If you have had a similar experience then you should consider becoming a reviewer too.

Change Log

  • November 2011: No change to content. Convert the Quick Selection Guide to use the Product Database. (Editor: Remah)
  • July 2011: Little change in content. Reformat to centre images and remove bullets. (Editor: Remah)
  • June 2011: New article. (Editor: Remah)

Tags

Domain Name System, DNS, DNS server, DNS resolver, DNS resolution, DNS name server, Internet name server, NameBench, DNS Benchmark, DNS Jumper


Comments

by gizmo_user on 11. August 2013 - 12:55  (110062)

3 free, multiarch, dns cache/proxy

1 - namehelp (http://www.aqualab.cs.northwestern.edu/projects/151-namehelp)
2 - unbound ( http://unbound.net/ )
3 - Acrylic DNS Proxy ( http://sourceforge.net/projects/acrylic )

sorry if this is the wrong place

by sathappan on 23. July 2013 - 5:23  (109510)

Someone help, I am getting the message "None of the 4517 server tested are healthy" while running DNS server name bench. Please recommend to make it.

by Remah on 23. July 2013 - 6:00  (109512)

This is not a support forum but the following may help you. Notice that this is an issue that is not well documented or adequately supported as this open source software depends upon volunteers to update it.

It is unlikely that all the servers you test are unhealthy. So try these two options to see if NameBench will complete the benchmark without giving that message:
- Try changing "Health Check Performance" to slow.
- Try testing one DNS server only (such as Google 8.8.8.8) as this should suspend the health check.

If neither of these options work then you can register and post this issue in our support forum. However, we may not be able to resolve your problem as there are similar problems for other users that have not been resolved by the developers:
http://www.techsupportalert.com/freeware-forum/freeware-installation-and-usage/.

If you decide to go to our support forum then tell us:
- your operating system and version (there's a couple of related issues on Apple OS X).
- your NameBench version.
- your NameBench settings.

by John7890 (not verified) on 17. October 2012 - 20:29  (100936)

I got 2 completely different results from GRC & Namebench
I live in London
In GRC my Virgin provider came top and Google came 51 out of 52
Open DNS 208.67.222.222: 39 out of 52

On Namebench Google was 2nd and Open DNS 3rd.
Virgin and the 3 backup DNS servers were all last in a shorter list of about 15 providers.

by Remah on 18. October 2012 - 8:03  (100966)

If you need further help please start a thread in our forums.

I don't recommend shifting from a local DNS server from a major ISP unless you have a good reason such as increasing your system security.

In your case, the GRC results are more like what I would expect to see.

Virgin should come out the fastest or close to it. It is a major ISP (#2? in the UK) and its DNS servers should be close to a major population centre like London. Having said that, OpenDNS now have a server in London so a slower response from them may be due to a slower server. As far as I know Google doesn't have a DNS server in London or even England so it would fall further back as GRC shows.

I say in the article that I prefer GRC testing especially outside the US. Namebench's main advantage is ease of use but it is not as comprehensive.

Two important points for you to consider if you want to take this further:

1. The response time [ms] is more important than the ranking as a larger difference in ranking can be only a small difference in response times.
- Are the response times consistent in the results from the two programs?
- Which names produce long response times? Are they overseas sites? Do those sites use regional servers such as Akamai?

2. GRC and Namebench are different tests. You would need to do more work to understand why they are giving different results:
- Ensure that your DNS server configuration is changed at the same place, ie in the operating system (OS) or on the router.
- Clear the DNS cache(s) before running each test. You can do this for the browser, the OS and the gateway/router. There are some instructions at http://www.techsupportalert.com/content/how-change-dns-server.htm but there are lots of other articles on the web that will help you.
- Ensure that they use the same nameserver lists (discussed in the article)
- Ensure that they look up the same website names (also discussed in the article)
- If there is, or continues to be, a significant difference in response times then it gets more complicated. At a minimum, you should run each program more than once and in reverse order to confirm that there is not an issue with caching not being cleared or the sequence of the tests.

by Fozzy (not verified) on 24. March 2012 - 21:23  (91085)

I just used DNS Benchmark and it listed my current provider-AT&T as the fastest for me. Is this normal? I was expecting another service such as Norton would be much faster.

by Remah on 26. March 2012 - 4:32  (91161)

Yes, that is normal for two main reasons:
+ provider DNS servers will usually have a shorter path on their internal network than third-party DNS servers over the rest of the Internet.
+ AT&T DNS servers have a large number of users who will be filling the DNS server cache with almost every website that you're likely to visit.

Speed is not the only consideration for many users. Reliability, security or control may be more important issues for them. So some AT&T users will choose to set their primary DNS server to Norton because they want better security. So they'll drop the AT&T DNS servers to second and third priority.
