Gizmo's Freeware Forum

Gizmo's Freeware Forum (
-   Website Design, Support and Maintenance (
-   -   OpenDNS - what / why / how (

chris.p 22. Mar 2009 08:09 PM

OpenDNS - what / why / how
1 Attachment(s)
Here's a thread for OpenDNS - how you can use it and why.

I use it to substitute for the ISP's default DNS servers that get installed automatically on your broadband router. This has two benefits:

1. For me, the main benefit (and a massive one) is that the OpenDNS servers are updated immediately, so when I set sites live or move them or change DNS settings - OpenDNS goes live with those settings in 5 minutes and I can see the new livesite straightaway. In contrast, the ISP's cr@p DNS servers, on the router by default, are often 2 days out of date. Useless.

2. ISPs are starting to introduce targeted, profile-based advertising - ie they look at your traffic and show you ads to match your perceived interests. One channel for this, and often stage 1 of this process, is to show you ads when you enter a non-existent domain name or other faulty HTTP request. You get their custom 404 page - all adverts, targeted at you personally or in relation to the faulty request. Remove their DNS servers and they can't do this - you don't go through them [edit] for DNS requests.

Just go to your router admin -- find the DNS server info -- save it -- insert these IPs instead:

But be aware this may cause your router to reboot. This won't affect most people, but you wouldn't do it if someone is doing a download or something.

Added pic of router DNS configs -- DNS.gif
Unfortunately the forum converts a nice sharp gif to a blurry jpeg but it's still legible.

kendall.a 22. Mar 2009 10:46 PM

Chris, do you notice any speed increase or decrease?

How about difference, good or bad, in pings?

The reason I'm asking is that I have a 7 MB DSL connection. It's fast. However, my ping often stinks on some gaming sites/programs that I use; seriously affects gameplay.

jim 22. Mar 2009 11:25 PM

I changed to OpenDNS a couple of months ago and find it a lot faster.

chris.p 22. Mar 2009 11:28 PM

I think you need to do a traceroute on your connection, to see what's happening. This will give you a better idea of the problem. You can use a desktop app for this, like Webhopper from proletary. com, or an online service like the visual traceroute from yougetsignal. com/ tools/visual-tracert/
[remove gaps]

After that, use a service that shows packet loss on each hop. Getting a bit techie eh. But that will show why it's slow. Like you say a 7MB hookup is quick, and should give really good results - so the answer is somewhere else. This is an ISP routing and backbone issue, not DNS.

The DNS service works like this: you want to go to a website, and you know its friendly name, like or something. So you enter that in the browser address bar. But there are no websites called that, it would be impossible to run a network this way - all addresses on the Net must be numerical. So somewhere there has to be a list of what names tie up to what numbers - this is the DNS service.

You type the name in the address bar - the browser scratches its head and thinks, where the ****'s that? - it goes to a DNS server that it knows the address of, and asks them - they give it the real, numeric address - the browser goes to that and, bosh, you're at TSA or wherever.

Takes a long time to describe but it happens in 0.25 of a second. It's so fast you don't even know it's happening, which is why it's described as transparent.
...except that sometimes it's slow - which is why the OpenDNS service is better because it will be faster and up to date as well, unlike ISPs' DNS servers.

The DNS servers are obviously critical to this. Every ISP has its own set. But they are often out of date, and also vulnerable to manipulation. So an open-source solution is better in every way. But you are always within your own ISP's network until you reach their partners' networks, to get to the required site. The DNS tells you the address to head for. It's possible of course that the route might be modified in some way, depending on the info you get from the OpenDNS servers, and even because you have gone to them in the first place.

But this is a network administration matter and certainly not my game...

ps I don't bother using the traceroute stuff on the desktop (within the OS, Windows or Linux command prompt I mean) because it gives the info but not the analysis - and the analysis (eg what country etc) is what you need.

chris.p 23. Mar 2009 08:31 PM

Cunning ISP trick found, for #3 DNS IP
I found a cunning ploy being used by an ISP, yesterday.

They have got wise to the fact that people are changing out their DNS IPs for OpenDNS etc, so they have bounced back with a clever trick.

Most people don't fill the #3 slot for DNS IPs on their router - I would imagine - and like me they just fill the first two. Yesterday I found that my ISP had remotely filled the third slot with their own DNS server IP, and instead of using the first two slots - #1 and #2 - as the router of course should do, they were fixing it to use #3. The cunning swine.

That meant I was back to seeing their ads when the HTTP request was refused.

So I fixed them - I deleted their DNS server in slot #3 and just cloned the OpenDNS one in slot 1 to #3 as well. Seems to work, I get OpenDNS now instead of the ISP's lousy service and trash adverts.

I'm waiting for when they block all DNS requests except from their own servers. Might need a change in the T & C though...

MidnightCowboy 25. Mar 2009 05:33 PM

Less techie users (like me) might just be interested to know that using OpenDNS protects against phishing and botnets* in addition to permitting variable levels of content control. Parents/guardians might like this feature a lot!

*This includes protection against all current versions of the Conficker virus

chris.p 25. Mar 2009 05:38 PM

Right dude.

But someone just mentioned to me there may be privacy concerns about OpenDNS, it's actually owned by minions of the NSA or something.

Probably just a crazy paranoid.

I don't care anyway, it's efficient, unlike my ISP's DNS servers. If they get any exciting info from me, they're welcome to it. As long as it doesn't go to Goggle of course. Let's hope they're commercial rivals...

But don't you have to pay for that protection stuff? I know they do a paid service as well.

MidnightCowboy 25. Mar 2009 10:29 PM

Nope - least ways I'm using it and no one's asked for a CC number yet. I should add that from what I can understand it won't prevent you from getting this Nickerbocker virus thing but it will prevent it from phoning home to whichever 10,000 or so servers it's programmed so to do. Must be real frustrating to have all that energy and be stuck inside someone's PC.

mr6n8 30. Mar 2009 11:21 PM

Thanks for this thread.
I ran across an article suggesting OpenDNS as a way to get better speeds on torrents and had no idea what it was.
Came back to TSA and the answer was here.

chris.p 30. Mar 2009 11:57 PM

OK Steve

We're still arguing about it here but I think the upshot is, you can see gains if your ISP was previously routing you over its partner networks in order to save money, but that route is slower than the optimum one given by OpenDNS. However this isn't my area.

You can have a laugh with this by downloading the excellent free traceroute tool Webhopper, and seeing the countries your traffic gets bounced around:

To get nextdoor you are sometimes routed halfway round the world - twice. I guess this would explain why ping time is so bad sometimes. This tool is good because you get to see the countries immediately, a command line traceroute can't do that.

Choose a site or IP and watch your traffic go back and forth between countries that are nowhere near the place you want to go :(

Why can't it just go straight there like when I get on a plane to go there??

All times are GMT +1. The time now is 02:03 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.