Why modify your DNS resolver
The workings of the domain name system have been the subject of a detailed article, but we’ll go over the broad lines again so you can see the room for maneuver available to you as a user. The domain name system is decentralized and hierarchical, and is what allows a domain name, which has meaning to users, to correspond to a sequence of characters that has meaning to servers. A good analogy is to think of the domain name system as a kind of internet phone book, which contains “phone books of phone books”. In other words, your request to view a domain name will not be sent directly and automatically to a single nameserver or even the one corresponding to the domain’s registry. Rather, the request is initially sent to a “recursive” nameserver, which is found either on your device or local network. Often, the DNS resolver of your internet service provider (ISP) keeps in its cache the IP addresses of domain names that you are likely to request. This is done so that it can answer your request more quickly than if it had to search the so-called “primary” nameservers for this information. You can, however, change which recursive nameserver is used. There are some reasons why you might want to do this, which we will go into below.
Why might you want to change your DNS resolver?
You might not be satisfied with the DNS resolver that you have by default, which is generally the one used by your ISP. You have some alternatives, however. Here are some reasons why you might want to change it.
1. To improve performance
Your ISP may provide you with a robust DNS resolver, though it may not be optimized and might even be affected by a technical incident that affects your connection. In this case, you can opt for a DNS resolver that can provide immediate access to the pages you want to consult.
2. To improve security
The choice of nameservers may influence the security of your data at several levels. A nameserver may be configured to block access to dangerous websites that may host malware, or can make use of the DNSSEC protocol which protects against “DNS Hijacking”. Additionally, some DNS resolvers are better at protecting your personal data than others, and don’t store your browsing history, for example. This means that you can better protect your privacy, too.
3. Bypassing restrictions
Just as the DNS resolver lets you block certain malicious websites (or even ads, or adult content), it also lets you get around potential restrictions that may have been put in place locally (by the ISP, for example).
4. To avoid getting cached results
You may want to do this if you have updated your website and want to check that the changes are good. The correspondence between the domain and the IP address is stored in the cache of your DNS resolver for a period that is called the “time to live” (TTL). Resolvers generally take the TTL into account, so if a resolver has the address you requested in its cache, it will return it until the TTL period is over. This means that you must wait until the cache has expired before the recursive server once again gets the information from the authoritative nameserver. The TTL can be from minutes to even many hours or longer. To get around this, you can modify the DNS resolver on your machine to use a server that does not use the cached information.
Which DNS resolver should I use?
Many public resolvers are available on the internet, operated by businesses, associations, or even individuals.
The choice that you make will need to take into account the performance as well as the policy put in place by the operators of the server. Everything depends on the reason that led you to want to make this change. You will find servers that meet your needs (for blocking ads, adult content, storing of your personal data, etc.).