Internet Connection

[kbirkins]

In changing DNS servers recently, I had a rather unexpected outcome that perhaps one of you can explain. So here are the particulars:

True is my ISP and have have their 13M/1M package. I recently tried a utility program called "Namebench" that is supposed to identify which DNS servers are optimum for your system. In my case, it recomended that I change the DNS servers on my router to 8.8.8.8 (primarly) and 0.0.0.0 (secondary) over the True default settings for improved speed and performance. I made this change and I'm trying to understand the result:

In loading webpages, I do not observe any discernable improvement in speed- in fact, I'd say under normal usage the system is slower. In most cases however, if I connect through my VPN (Witopia, LA node), the webpages will load noticeably faster (??). This seems odd to me as I understood a VPN by using some bandwidth should degrade performance.

This is not a major issue but it is a curiosity and I hope someone can enlighten me.

Cheers

[Chicog]

The only thing I can surmise is that the amount of time taken to resolve the DNS is slower when you are going through Thailand's array of bad people sniffers.

[RichCor]

0.0.0.0 isn't a valid IP address. So that one can be dropped.

When manually entering Primary, Secondary and Tertiary DNS Server IP addresses it's usually a good idea to select one that's quickest and reliable as the primary, and a local ISP provided DNS Server as Secondary or Tertiary.

Try adding some more IP addresses into NameBench, then rerun the test:

192.168.0.1 Non-routable local internet address (your local gateway router)

192.168.1.1 Non-routable local internet address (your local gateway router)

8.8.8.8 google-public-dns-a.google.com

8.8.4.4 google-public-dns-b.google.com

4.2.2.3 c.resolvers.level3.net

4.2.2.5 e.resolvers.level3.net

117.121.210.110 apple.beenets.com

117.121.222.222 kiwi.beenets.com

203.144.207.29 dns1.asianet.co.th (TrueInternet)

203.144.207.49 dns2.asianet.co.th (TrueInternet)

203.113.5.130 dns1.totbb.net

203.113.7.130 dns2.totbb.net

203.113.24.199 dns1.totbb.net

203.113.127.199 dns2.totbb.net

74.82.42.42 ordns.he.net

202.28.162.1 ns1.mahidol.ac.th

202.44.144.33 ns2.ksc.co.th

202.44.204.36 nscache1.nectec.or.th

202.129.27.133 dns3.idc.cattelecom.com

208.67.220.220 resolver2.opendns.com

208.67.222.222 resolver1.opendns.com

[kbirkins]

Thanks for the information. I tried NameBench again with many of the DNS servers Richcor suggested and attached a partial of the output. Unfortunately, their Wiki is not particularly helpful to the novice and I'm unsure if there is cause for concern. In looking at the output ( again attached), I have the following questions:

1) Again, NameBench suggests a DNS server 0.0.0.0. What is this exactly, if not a server? Also, if you look at the output (bottom, black background) I attached, it appears 0.0.0.0 failed the test- why recomend making it the secondary server??

2) In all the tests there is a notation that www.google.com and www.twitter.com are "hijacked" and "incorrect". Are these a result of the governments censorship efforts or symtomatic of something more sinister and therefore a cause for concern.

Thank-you in advance

Cheers

NameBench.pdf

[RichCor]

Whenever you see 0.0.0.0 displayed as an IP address this generally means the input is skipped (left blank). Why they suggest skipping a Secondary and entering a Tertiary I'm not clear on as usually that's not permitted/accepted input. An actual 0.0.0.0 entry is not valid and will fail or cause errors to be thrown.

NXDomain Hijacking refers to the practice of redirecting mistyped (misspelled) non-exsistent domains either to a common domain, or to paid sponsor domains. Technically, non-existent domains should result in an error.

"Hijacked" and "Incorrect" results may mean that the DNS server may be falsifying the result for a well known service, and redirecting you to another website (usually to garner sponsor ad credit). These alerts may also result in false positives when a website changes to a new network or CNAME. For instance, it's unlikely that google's public servers (8.8.8.8 / 8.8.4.4) would hijack google.com requests and sending you to non-google-owned websites. And it's not part of some government conspiracy. Government traffic analysis happens independently.

I think you're running 2010 "Namebench 1.3.1" archived code from the old GoogleCode open source project.

The source code for that project was moved over to GitHub google/namebench

I do like some of the technical information is gives about each server in the 'notes' column. But the process takes too long for my liking.

I ran namebench before creating this post, ...still waiting for results. Slow.

I run a product called DNSBenchMark by GRC.com that's probably a little easier to use and maintain.

You edit .ini files to include groups of target DNS IP addresses. Real-time graphical result.