Your Internet service provider runs DNS servers for you, but you don’t have to use them. You can use third-party DNS servers instead, which offer a variety of features that your ISP probably doesn’t.
We’ve covered third-party DNS servers like OpenDNS and Google Public DNS in the past, but now we’ll explain just why you might want to change your DNS server.
Possible Speed Improvements
Third-party DNS servers can be faster than your ISP’s DNS servers. This isn’t guaranteed — it will depend on your geographic location, how close the third-party DNS servers are to you, and how slow your ISP’s DNS servers are.
If all you care about is speed, you may see an advantage from switching to a third-party DNS server — or you may not. To be sure, you should run a DNS benchmarking tool like Namebench, which will make DNS requests to your current DNS server and other DNS servers, testing how long each server takes to respond.
Note that Namebench can’t benchmark every factor. For example, Google Public DNS and OpenDNS participate in “The Global Internet Speedup” initiative, which allows participating DNS services to know your IP address and respond with IP addresses closer to you, increasing connection speed. Other DNS servers, like the ones offered by your ISP, aren’t as quick to implement such new technologies.
Possible Reliability Improvements
This goes hand-in-hand with the possible speed improvements above. If your Internet service provider does a poor job of keeping their DNS servers running fast and stable, you may experience periods of time when websites fail to load or load very slowly while the DNS request takes some time to resolve. If your ISP isn’t doing their job properly, switching to a third-party DNS server may give you a more reliable experience.
If you have young children and want to set up web filtering, there are a variety of different ways you can do it. One of the easiest ways to configure web filtering is to change your DNS servers to OpenDNS. Change the DNS server on your router and you’ll be able to configure parental control settings on the OpenDNS website, allowing you to block certain categories of websites and view the websites accessed from your home network.
This is particularly convenient because, after changing the setting on your router and setting up parental controls on the OpenDNS website, the settings will apply to every device on your home network — PCs running any operating system, game consoles, smartphones, tablets, and more. When a DNS request is made for such a website’s IP address, OpenDNS returns a different IP address. The user’s browser connects to that address and sees a message saying the website they want to access has been blocked.
Bear in mind that this isn’t foolproof. A user on your network could just change their device’s DNS server to bypass the filtering. Young children wouldn’t think to do this, but teenagers could likely foil it — just like most parental controls.
OpenDNS also performs filtering to block phishing sites. Modern browsers have built-in phishing protection, but if you run a network that includes Windows XP computers running Internet Explorer 6, enabling OpenDNS will give all of these computers some identity theft protection they wouldn’t otherwise have.
Other DNS services don’t offer this feature. For example, Google Public DNS does not include any content-filtering features, as it aims to just function as a fast DNS service without any of the frills.
Third-party DNS servers like OpenDNS and Google Public DNS also offer security features that haven’t yet been implemented by many ISP’s DNS servers. For example, Google Public DNS supports DNSSEC to ensure DNS requests are securely signed and accurate. Your ISP’s DNS servers may not yet implement such security features.
If SOPA had passed, no American DNS servers would have supported DNSSEC, as SOPA would have made DNSSEC illegal. Americans would have had to use foreign DNS servers if they wanted the benefit of DNSSEC.
Access Geoblocked Content
Special third-party DNS servers can also allow you to access geoblocked content. For example, switching your DNS server to the free Tunlr will allow you to access media like Netflix, Hulu, and BBC iPlayer, no matter where you are in the world. When your computer makes the DNS request, the DNS service performs some tunneling to make the service think that you’re elsewhere in the world. This is a convenient option because it allows you to access these services on any device just by changing the DNS server on your router.
You shouldn’t use Tunlr as your main DNS service. As a free service, Tunlr wouldn’t be able to put up with the load, so they artificially delay DNS requests — switching to Tunlr permanently will slow your web browsing way down. If you use Tunlr, you should use a tool like DNS Jumper to quickly switch to it when you need it and switch away when you’re done.
Bypass Web Censorship
Some Internet service providers and countries block websites only at the DNS level. For example, an ISP may “block” example.com by redirecting its DNS entry to a different website. If the website is blocked in this way, changing your DNS server to a third-party DNS service that doesn’t block the website will allow you to access it. A real-world example of this occurred when The Pirate Bay was blocked in the UK. People could change their DNS servers to access it again.
Note that websites are often blocked at the IP level, so this won’t always work. For example, the Great Firewall of China uses a variety of tricks to block websites, including DNS blocking.
Namebench includes an option that checks DNS servers for censorship to determine whether your current DNS servers are censoring their results.
If you want to switch DNS servers, you’ll probably want to change your DNS server on your router, which will affect your entire home network. You could also change the DNS server on a single computer, which will only affect that computer.