Thursday, 3 December 2009

Google Public DNS announced today

Today, Google announced that, as part of its efforts to make the web faster, it has released an experimental public DNS resolver, Google Public DNS.

DNS (domain name system) is one of the most critical parts of the Internet's infrastructure as it serves as a "phone-book" for web users. In short, every time you visit a website, your computer performs a DNS lookup to figure out where to go.
The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. An often used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example, translates to {Wikipedia}
Further, complex pages often require multiple DNS lookups before they load completely, as their content, images, media, etc. can come from several different locations. As a result, the average Internet user performs hundreds of DNS lookups every day, which collectively can slow down their browsing experience.

Google believes that a faster DNS infrastructure could significantly improve the browsing experience for all web users. Google's service is meant not only to speed up DNS lookups but also to improve the security and the validity of results. To do this, Google Public DNS is trying a handful of different approaches, all of which are described in its documentation:

Speed: Resolver-side cache misses are one of the primary contributors to sluggish DNS responses. Clever caching techniques can help increase the speed of these responses. Google Public DNS implements prefetching: before the TTL on a record expires, we refresh the record continuously, asynchronously and independently of user requests for a large number of popular domains. This allows Google Public DNS to serve many DNS requests in the round trip time it takes a packet to travel to our servers and back.

Security: DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website. Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages.
Validity: Google Public DNS complies with the DNS standards and gives the user the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience. {Google Code Blog}
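
The case randomization mentioned under Security can be illustrated with a short sketch. This is an added example, not Google's code: the function names are hypothetical and the response messages are constructed samples. The resolver sends the name in random mixed case and accepts a reply only if the transaction ID matches and the question name comes back with exactly the same case, so an off-path spoofer has to guess both.

```python
import secrets
import struct

def randomize_case(name: str) -> str:
    """Pick upper or lower case for every letter using a CSPRNG."""
    return "".join(
        (c.upper() if secrets.randbits(1) else c.lower()) if c.isalpha() else c
        for c in name
    )

def encode_qname(name: str) -> bytes:
    """Encode a dotted name as DNS length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name: str) -> tuple[int, str, bytes]:
    """Return (transaction ID, mixed-case name, wire-format A/IN query)."""
    txid = secrets.randbits(16)
    mixed = randomize_case(name)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, mixed, header + encode_qname(mixed) + struct.pack("!HH", 1, 1)

def decode_qname(msg: bytes, offset: int = 12) -> str:
    """Read the question name that follows the 12-byte header."""
    labels = []
    while msg[offset] != 0:
        length = msg[offset]
        labels.append(msg[offset + 1 : offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels)

def accept_response(txid: int, sent_name: str, response: bytes) -> bool:
    """Accept only a response whose ID and echoed name match the query exactly."""
    try:
        rid, flags = struct.unpack("!HH", response[:4])
        echoed = decode_qname(response)
    except (struct.error, IndexError, UnicodeDecodeError):
        return False  # truncated or malformed message
    # 0x8000 is the QR bit: the message must be a response, not a query.
    return rid == txid and bool(flags & 0x8000) and echoed == sent_name

def make_response(txid: int, name: str) -> bytes:
    """Constructed sample response: header plus echoed question only."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0)
    return header + encode_qname(name) + struct.pack("!HH", 1, 1)
```

A name with n letters adds up to n bits of unpredictability on top of the 16-bit transaction ID.
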
Google is looking for people to start helping test the system today. If you are interested, check out the documentation on how to configure your system(s) to use Google Public DNS. That document has great examples for updating Mac OS X, Windows and Linux computers, as well as routers and mobile devices.
