Google has recently launched Google Public DNS, a public DNS resolver service with an aim to make web browsing faster and secure. OpenDNS, providing the same services and more, has been in the market since 2006. So, which one is better, and is it beneficial to switch from using OpenDNS to Google Public DNS? We will find out.
Performance – Both GPDNS and OpenDNS employ quite a number of tweaks to increase performance of the end users. Both load balance user traffic and implement “smart” caching techniques to speed up domain resolution.
While this does not directly affect performance, OpenDNS has a nifty tool called CacheCheck, which can be used to check the status of a domain in OpenDNS’s cache and optionally update the domain’s DNS records in the cache. This does score some brownie points for OpenDNS.
Security – Even though Google Public DNS has protection against cache-poisoning, DOS and amplification attacks, it blandly admits that it doesn’t provide any content-filtering/anti-phishing/anti-malware protection. Google says :
Google Public DNS is not a malware-blocking service. Google Public DNS does not perform blocking or filtering of any kind
However, OpenDNS delivers a lot in this sector. In addition to protection against cache-poisoning and other vulnerabilities, it offers web-content filtering, “PhishTank” anti-phishing, malware-protection and whitelisting/blacklisting of domains, all though a web-based dashboard. In addition to this, OpenDNS also features a community based domain tagging system, where users can tag domains into appropriate categories and check the status of an already-tagged domain.
I used Namebench to perform DNS benchmarks. The results are as follows:
Mean Response Duration
**Fastest Individual Response Duration**
The tests proved that Google Public DNS resolver is 5% faster than the OpenDNS resolver. ### Conclusion Even thoughthe real world test found Google Public DNS to be 5% faster than OpenDNS, it actually makes a very little difference in speed. Considering the advanced features like anti-phishing, anti-malware, content-filtering and custom-error pages, OpenDNS is recommended for both network administrators and end users. **Special Note** : Google says that it shows correct results for NXDOMAIN results, ie, due to mistyping or otherwise, if a non-existent domain is tried to be resolved, it will return an error message. OpenDNS, however, redirects such requests to it’s search page where it shows similar domains along with some sponsored links. I couldn’t decide whether this is a good or a bad move, so I didn’t include this in the evaluation process.