Optimize your DNS

6 Dec

As an avid listener to the Security Now! podcast with hosts Steve Gibson and Leo Laporte, I found out about the tool DNS Benchmark. It is a free Microsoft Windows program that also runs (using the Wine Windows emulator) on Apple’s Mac OS X and on modern Linux desktops. DNS Benchmark finds the best Domain Name System (DNS) servers for you, both in speed and security. DNS is like the Internet phonebook, which translates names we humans can read (like http://www.example.com) into numbers (IP addresses) computers identify themselves by on the Internet. Since everything new in your browser window comes from the Internet, and is fetched using DNS, choosing the best DNS servers can boost your browser performance considerably (30 or 40 percent in my case).

Installing Wine on Mac OS X – Since it’s easy for Windows and Linux users (search in your repository for Wine) to get DNS Benchmark running, I will tell you how I got it running on Mac OS X. I went to the Wine wiki and found a link to an entry on how to install Wine on Mac OS X. Since I have an Intel Mac, running Mac OS X 10.6 Snow Leopard, I could use WineBottler. It’s in beta, and therefore still free, and for what I needed it (run DNS Benchmark), it works great. After you’ve installed WineBottler, you can open .exe files with it, and those Windows apps run on your Mac OS X desktop as an X11 application (provided they are supported by Wine, of course). You will need to install XQuartz as a replacement for Apple’s X11 (remember to install the latest version of XQuartz after every security update by Apple, because it will reset the X11 server to the one Apple maintains, and WineBottler might stop working).

Once you’ve installed DNS Benchmark (and any additional programs needed to run it on Linux or Mac OS X), you can launch it. It is pretty straightforward, as with all of the apps made by Steve Gibson. It does what it does.

DNS Benchmark home screen

Read the introduction carefully, close all apps that access the Internet (iTunes, mail, web browsers, etc.), and click the Nameservers tab, where you can run the DNS benchmark.

The program comes with a built-in set of nameservers, which it will use when run for the very first time. It will show you the results after a few minutes of testing, and in the Conclusions tab you will find some advice on what to do next. Then it will ask you to test for nameservers near your location. This test will take a lot more time (20 minutes in my case), and depending on your location, you will get whatever servers are best suited for your situation. This might even be your own ISP. Pick at least three of the top recommendations, so you have alternatives in case one of them goes off-line.

If you have a router (and for the sake of security you really should), you might have installed 2 entries of DNS servers there (or had the installation script of the router do that for you). However, according to Steve Gibson, this is not optimal. It gives the already overworked consumer-grade router more to do, and that router will probably crash more often, due to the extra workload.

Now here it gets tricky. After you’ve removed the list of domain nameservers from your router (different for every router, but it’s probably in the DNS section of the Internet WAN; I selected to let my ISP determine the DNS server), you need to put it on each computer (and WiFi-connected mobile device) on your network. In my case it was located in the advanced tab of the particular connection, in the DNS tab. On the iPhone, you will need to click the button with the larger than sign (>), at the right of the connection name (the hotspot the iPhone uses to connect to the Internet). I suppose it will be similar on Windows and a Linux desktop distro.

Anyway, I was really satisfied with the result. My Internet felt “snappier”, less sluggish. Nothing wrong with that.

I suggest you do this at least once a year, since the situation will change constantly. Your ISP might see the traffic to its DNS box drop, and upgrade it in response.

Advertisements
%d bloggers like this: