1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Cloudflare's free DNS service speeds up web browsing and helps protect your privacy

By midian182 · 22 replies
Apr 2, 2018
Post New Reply
  1. It almost sounds like an April Fool's prank, but it’s not. Yesterday, on the day that many tech firms like to release joke announcements, Cloudflare launched its first consumer product: a new Domain Name System (DNS) resolver that will help protect the privacy of your web browsing sessions while speeding up your internet.

    DNS services, for those who don’t know, are systems usually provided by ISPs that turn names like Techspot.com into true IP addresses, meaning we don’t have to type a series of numbers into our browsers when we want to visit a site.

    Users are automatically connected to an ISP’s own DNS server when they log on, but these can often be slow and unreliable. ISPs can also use them to see all the websites you’ve visited. But with Cloudflare's free 1.1.1.1 tool, you can connect to a custom Domain Name System that the company is calling the “the Internet’s fastest, privacy-first DNS service.”

    "If you switch to 1.1.1.1, then that ledger of where you're going online is not being kept by your ISP," said company CEO Matthew Prince. “[I]t’s been depressing to us to watch all too frequently how DNS can be used as a tool of censorship against many of the groups we protect. While we’re good at stopping cyber attacks, if a consumer’s DNS gets blocked there’s been nothing we could do to help.”

    Cloudflare says it will not write any querying addresses to disk and will wipe logs within 24 hours. It also promises not to sell people’s data or use it to target ads. To show it’s living up to these claims, the firm has retained KPMG to perform annual audits.

    Not only does 1.1.1.1 offer improved privacy, but it’s also able to speed up your internet surfing. DNSPerf ranks Cloudflare’s DNS service as the fastest in the world for consumers, with a 14.01ms query speed. This puts it ahead of similar services, including OpenDNS (20ms) and Google's 8.8.8.8 (30ms). It’s also much faster than an average ISP’s 68.23ms, meaning it should offer a more responsive web browsing experience.

    If you want to try out 1.1.1.1, full setup instructions can be found here.

    Permalink to story.

     
  2. Danny101

    Danny101 TS Maniac Posts: 471   +172

    I took the leap. We'll see. Hope it's not a honeypot.
     
    Theinsanegamer and gibbstar like this.
  3. stewi0001

    stewi0001 TS Evangelist Posts: 1,951   +1,323

    Ok, so how do they make money?
     
    Theinsanegamer and wiyosaya like this.
  4. Uncle Al

    Uncle Al TS Evangelist Posts: 4,206   +2,672

    Like my old man taught me well; "There is no free lunch" .......
     
    Theinsanegamer and SalaSSin like this.
  5. Danny101

    Danny101 TS Maniac Posts: 471   +172

  6. merikafyeah

    merikafyeah TS Addict Posts: 164   +104

    Oh I don't know, perhaps from their MAIN business of being an extremely prolific CDN with afaik industry leading DDOS protection (which doesn't come cheap). The DNS is free, the other services are definitely not.

    I guess I'll try out 1.1.1.1 as my main with 208.67.222.222 as my backup and see how it goes.
     
    Theinsanegamer and gibbstar like this.
  7. stewi0001

    stewi0001 TS Evangelist Posts: 1,951   +1,323

    I honestly never knew anything about them. I do appreciate the info.
     
  8. axiomatic13

    axiomatic13 TS Addict Posts: 180   +102

    My suggestion, run local DNS servers if you have the means and set 1.1.1.1 as one of the list of forwarders. Nothing is faster than this. I'm doing this with a couple of tiny Ubuntu VM's running BIND9.
     
  9. Ecurb

    Ecurb TS Rookie

    My home router is using dd-wrt and I have the local dns enabled. I had been using Google's 8888 but now it is set to 1111. Dd-wrt also has a VPN service that I've enabled and I use that when I'm on the road so I don't have to worry too much about public WiFi security.
     
    Theinsanegamer and axiomatic13 like this.
  10. axiomatic13

    axiomatic13 TS Addict Posts: 180   +102

    dd-wrt uses dnsmasq. I recommend increasing its local cache size. It is a little small at default settings. :)
     
  11. tipstir

    tipstir TS Ambassador Posts: 2,772   +176

    How fast you do want to surf...
     
  12. Ecurb

    Ecurb TS Rookie

    I bumped it up to 500 from 150 but need to make some time to do a little tuning. Good suggestion. Thanks.
     
    axiomatic13 likes this.
  13. NahNood

    NahNood TS Booster Posts: 91   +27

    Like on the waves!
     
  14. LeroN

    LeroN TS Enthusiast Posts: 62   +22

    A problem is that my ping to Google is 1ms and ping to 1.1.1.1 is 13ms. 8 hops to Google vs 11 to CloudFlare. Maybe routes are not optimized but my choice is obvious. Will check it with other internet provider who knows.
     
  15. Mugsy

    Mugsy TS Guru Posts: 508   +47

    Links to "https://1.1.1.1/" don't work for me.

    I tried two browsers.
     
  16. taylor1277

    taylor1277 TS Rookie Posts: 19

    Well, I'll be damned it works great. Hmmmm makes me wonder for years when I asked Google through their resolve issues button on Google Chrome if they could do this and get rid of that little tick between web pages. They never did a thing about it, for yearsssssssssssssssssssssssss.. But then I read a lot on this matter today and went and changed the DNS as instructed and it works, making your web experience so much better like a million bucks better. But now I see that would also have to do with Ads that Google is so much lately in the last few weeks or months to pretend like they are for privacy. Didn't know the two went hand in hand. Now I see why Google never fixed the situation, thank you Cloudflare. Going to see if you have a website and take donations. Or if there are other programs that I may like to buy. I LOVE programmers who make sure their programs work first
     
  17. DAOWAce

    DAOWAce TS Booster Posts: 279   +41

    I had no idea there was this latency comparison of DNS services.. Been using OpenDNS and Google DNS for many many years now, notably Google as of the last 2 years. Didn't know it was nearly twice as slow.

    Time to try Cloudflare's solution.. doubt it'll continue to be as fast as its userbase increases.
     
  18. Emexrulsier

    Emexrulsier TS Evangelist Posts: 586   +75

    For me pings are both 7ms but 1111 is 7 hops vs 8888's 9 hops. I'll give them a try, sure network maybe slightly better but unless the resolution at their end are amazing I doubt I will see any improvement at all.
     
  19. LeroN

    LeroN TS Enthusiast Posts: 62   +22

    I tried it at home and CF is slightly faster with my cable internet. A difference is not so significant but still better then with Google. But anyway ping is in 25-40 ms range for both so need a local dns server.
     
  20. ddferrari

    ddferrari TS Maniac Posts: 391   +167

    I just ran DNS Benchmark, and 1.1.1.1 was about 15th on the list, speed-wise. I guess it depends on where you live, like any DNS server does. Thanks, but PASS.
     
    Last edited: Apr 5, 2018
  21. jobeard

    jobeard TS Ambassador Posts: 12,218   +1,363

    That's because HTTPS is NOT the protocol to access any dns
     
  22. taylor1277

    taylor1277 TS Rookie Posts: 19

    Are there other DNS, that people don't know about. I would like to look into this and maybe since everyone is now 1.1.1.1 and it is slower. maybe some of the others are faster since others have left those.
     
  23. jobeard

    jobeard TS Ambassador Posts: 12,218   +1,363

    Correct - - the number of nodes between you and the DNS are far more indicative of performance than the number requests/sec.

    the node count is found with TRACERT -d dns_ip_address
    eg: for me
    • TRACERT -d 1.1.1.1 ==> 13 hops
    • TRACERT -d 8.8.8.8 ==> 14 hops
    • TRACERT -d 8.8.4.4 ==> 13 hops
    • TRACERT -d 209.18.47.61 ==> 7 hops
    That last one is my ISP and of course it is closer than any - - but that's the DNS that can be manipulated and is insecure!
    So your choice is speed to resolve the name or trusting the results of the resolution.


     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...