dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
27763
share rss forum feed


NSHPreds09

join:2009-04-01
Portland, TN

[DNS] Best DNS Servers To Use With Comcast?

Hey guys, I just had Comcast High Speed Internet installed about a week ago, and so far I'm loving it! I just can't decide which DNS Servers to use though. Back when I had AT&T DSL, I was a HUGE advocate of OpenDNS. I have ran a few DNS benchmarks using the default Comcast DNS servers (Primary DNS - Atlanta, GA, Secondary DNS - Naples, FL) and have found that Comcast's Atlanta DNS server comes out the fastest measured in milliseconds, ahead of OpenDNS and Google Public DNS. I was just wondering which are the best DNS servers to use with Comcast High Speed Internet?
--
Latest Speedtest
21.10 Mbps Download
3.18 Mbps Upload
Faster than 94% of connections globally and 92% locally.


andyross
Premium,MVM
join:2003-05-04
Schaumburg, IL

1 edit

If the Comcast ones seem best, use them. Be aware that Comcast has 3 sets of DNS servers. Normal versions with and without redirection, and a multi-homed DNSSEC version (everybody uses the same IP, but it automatically goes to the closest.)

By default, Comcast DHCP will give you the redirect version. You can use the Comcast customer central to change to the non-redirect version, then just reboot your router (or you can hard-code the address).

For DNSSEC, you must hard-code for now.


FactChecker
Premium
join:2008-06-03

1 edit

1 recommendation

reply to NSHPreds09

Along with DNS response time, the most important element is how close the DNS server is related to your IP address. By "close" I mean inside your ISP's IP space and low latency to your location vs hosted at a 3rd party or on another ISP.

Most major content uses DNS to figure out where to serve you from. If you choose a 3rd party DNS server like OpenDNS, then Google, Akamai and others may serve you from another distant ISP like Cogent or even International players like Tiscali or NTT.

The best DNS server to use for performance is what Comcast gives you. If you are tech savy, you could improve that by running a local cache which forwards all unknown requests to Comcast.



rlocone
Honor Our Heros, Our Armed Forces
Premium
join:2002-04-10
Kokomo, IN
reply to NSHPreds09

Steve Gibson has a DNS Benchmark utils that will work perfect for this. Here is the link: »www.grc.com/dns/benchmark.htm



HunterZ

join:2003-07-16
Kent, WA
reply to andyross

Do the DNSSEC servers use redirection?

Personally I ran some tool a couple months ago that is supposed to suggest the fastest DNS servers for my connection, and then put the fastest 3 (an OpenDNS server, a Comcast DHCP suggested server, and a Clearwire server) into my router's DNS list. My router also acts as a caching DNS, which is great because all of my LAN devices query it and it does all the work of contacting multiple servers.



inferno4

join:2008-07-06
reply to NSHPreds09

OpenDNS has been the best for me.


andyross
Premium,MVM
join:2003-05-04
Schaumburg, IL
reply to HunterZ

DNSSEC is not compatible with redirection.

Comcast is testing DNSSEC now, but plans on eventually moving their main DNS to DNSSEC. There were some posts on it awhile ago.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to NSHPreds09

In most cases, it is best to use the DNS servers provided by your ISP. If they are doing their job, those will be "close" to you in network terms. In my case, currently an AT&T subscriber (but former SBC, not former Bellsouth), they assign a pair of Anycast DNS servers right in the POP center where the aggregation router is located; can't get a DNS server any closer than that (unless I run my own local DNS server). They are the fastest in the GRC DNS benchmark test, as well as the one created by DSL's own Deblin.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum



newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
kudos:1
Reviews:
·DIRECTV
·Comcast

1 edit
reply to NSHPreds09

Click for full size
OpenDNS has been best for me by far. In addition to being faster than Comcast's DNS servers, you also receive the additional value of their security features even in the free basic version.


NSHPreds09

join:2009-04-01
Portland, TN

1 edit
reply to FactChecker

Here's the ping time to my primary Comcast DNS server. (located in Atlanta, GA)

C:\Users\Michael>ping 68.87.68.166

Pinging 68.87.68.166 with 32 bytes of data:
Reply from 68.87.68.166: bytes=32 time=18ms TTL=55
Reply from 68.87.68.166: bytes=32 time=18ms TTL=55
Reply from 68.87.68.166: bytes=32 time=20ms TTL=55
Reply from 68.87.68.166: bytes=32 time=17ms TTL=55

Ping statistics for 68.87.68.166:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 20ms, Average = 18ms

Here's the ping to OpenDNS's primary resolver (anycast routing sends me to their Chicago, IL datacenter)

C:\Users\Michael>ping 208.67.222.222

Pinging 208.67.222.222 with 32 bytes of data:
Reply from 208.67.222.222: bytes=32 time=26ms TTL=51
Reply from 208.67.222.222: bytes=32 time=23ms TTL=51
Reply from 208.67.222.222: bytes=32 time=24ms TTL=51
Reply from 208.67.222.222: bytes=32 time=24ms TTL=51

Ping statistics for 208.67.222.222:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 26ms, Average = 24ms

Is there anything I can do in command prompt to see exactly how long it would take to actually resolve a domain?
--
Latest Speedtest
21.10 Mbps Download
3.18 Mbps Upload
Faster than 94% of connections globally and 92% locally.



jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
kudos:1

Do a tracert.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to NSHPreds09

said by NSHPreds09:

Is there anything I can do in command prompt to see exactly how long it would take to actually resolve a domain?
Either the utility in this thread:

»[Software] Beta testers wanted: ns_ bench :)

Or the DNS Benchmark test on the GRC web site.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


NSHPreds09

join:2009-04-01
Portland, TN

Click for full size
Click for full size
said by NormanS:

said by NSHPreds09:

Is there anything I can do in command prompt to see exactly how long it would take to actually resolve a domain?
Either the utility in this thread:

»[Software] Beta testers wanted: ns_ bench :)

Or the DNS Benchmark test on the GRC web site.
This is what I got running the GRC DNS Benchmark. The 68.87.68.166 DNS Server is my primary DNS Server through Comcast. But I am just wondering, would OpenDNS (208.67.222.222) having a HUGE cache, could it actually be fast in resolving domains in real life usage?
--
Latest Speedtest
21.32 Mbps Download
4.28 Mbps Upload
Faster than 96% of connections globally and 94% locally.


NSHPreds09

join:2009-04-01
Portland, TN
reply to jack b

said by jack b:

Do a tracert.
I went ahead and did a tracert to dslreports.com and this is my result.

C:\Users\Michael>tracert dslreports.com

Tracing route to dslreports.com [209.123.109.175]
over a maximum of 30 hops:

1 1 ms 1 ms 1 ms 192.168.1.1
2 10 ms 8 ms 9 ms 71.228.196.1
3 10 ms 10 ms 11 ms ge-1-10-ur01.blairblvd.tn.nash.comcast.net [68.8
6.149.145]
4 9 ms 8 ms 9 ms 68.85.174.57
5 8 ms 20 ms 9 ms te-11-3-0-ur03.tulipgrove.tn.nash.comcast.net [6
8.85.174.53]
6 10 ms 8 ms 11 ms te-0-0-0-ur04.blebanonrd.tn.nash.comcast.net [68
.85.174.49]
7 11 ms 11 ms 10 ms te-11-3-0-ur03.blebanonrd.tn.nash.comcast.net [6
8.85.174.45]
8 40 ms 59 ms 13 ms te-4-1-ar01.nashville.tn.nash.comcast.net [68.85
.174.41]
9 24 ms 23 ms 25 ms pos-0-8-0-0-cr01.chicago.il.ibone.comcast.net [6
8.86.93.189]
10 25 ms 23 ms 23 ms pos-0-4-0-0-pe01.350ecermak.il.ibone.comcast.net
[68.86.86.162]
11 24 ms 23 ms 29 ms 208.178.58.69
12 51 ms 51 ms 60 ms xe-3-0-6.ar1.nyc3.us.nlayer.net [69.31.94.53]
13 55 ms 53 ms 51 ms ae0-60g.cr1.nyc3.us.nlayer.net [69.31.95.193]
14 65 ms 50 ms 53 ms po3.ar1.ewr1.us.nlayer.net [69.31.95.157]
15 71 ms 72 ms 72 ms as8001.te2-3.ar1.ewr1.us.nlayer.net [69.31.95.13
0]
16 73 ms 72 ms 75 ms 0.e1-4.tbr1.oct.nac.net [209.123.10.122]
17 74 ms 74 ms 73 ms vlan804.esd1.oct.nac.net [209.123.10.2]
18 66 ms 63 ms 62 ms www.dslreports.com [209.123.109.175]

Trace complete.

One question I have is that my DNS server is in Atlanta, but it's making hops to Nashville to Chicago and so on. I don't know much about tracerts.
--
Latest Speedtest
21.32 Mbps Download
4.28 Mbps Upload
Faster than 96% of connections globally and 94% locally.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to NSHPreds09

CDNs, such as Akamai, might not optimize delivery for your location if they are seeing DNS requests from Chicago (most likely location of the OpenDNS servers serving you). I don't know how Comcast does it, but ATTIS (the network side of my ISP) locates their DNS servers in the same facility as the aggregation routers (which are the first ATTIS IP hop AT&T DSL customers see in trace route). This isn't a lot different from OpenDNS for me (Pleasanton, California (ATTIS) vs. Palo Alto, California (OpenDNS)). But it could make a significant difference for somebody in Nevada, or Southern California.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum



NSHPreds09

join:2009-04-01
Portland, TN

said by NormanS:

CDNs, such as Akamai, might not optimize delivery for your location if they are seeing DNS requests from Chicago (most likely location of the OpenDNS servers serving you). I don't know how Comcast does it, but ATTIS (the network side of my ISP) locates their DNS servers in the same facility as the aggregation routers (which are the first ATTIS IP hop AT&T DSL customers see in trace route). This isn't a lot different from OpenDNS for me (Pleasanton, California (ATTIS) vs. Palo Alto, California (OpenDNS)). But it could make a significant difference for somebody in Nevada, or Southern California.
Do you think I should run a tracert using OpenDNS?
--
Latest Speedtest
21.32 Mbps Download
4.28 Mbps Upload
Faster than 96% of connections globally and 94% locally.

noisefloor

join:2010-05-09
reply to NSHPreds09

Level 3



NSHPreds09

join:2009-04-01
Portland, TN

Why Level3?



ztmike
Mark for moderation
Premium
join:2001-08-02
Michigan City, IN
reply to NormanS

said by NormanS:

said by NSHPreds09:

Is there anything I can do in command prompt to see exactly how long it would take to actually resolve a domain?
Either the utility in this thread:

»[Software] Beta testers wanted: ns_ bench :)

Or the DNS Benchmark test on the GRC web site.
What's the GRC website?


NSHPreds09

join:2009-04-01
Portland, TN

said by ztmike:

said by NormanS:

said by NSHPreds09:

Is there anything I can do in command prompt to see exactly how long it would take to actually resolve a domain?
Either the utility in this thread:

»[Software] Beta testers wanted: ns_ bench :)

Or the DNS Benchmark test on the GRC web site.
What's the GRC website?
»www.grc.com/dns/benchmark.htm
--
Latest Speedtest
21.32 Mbps Download
4.28 Mbps Upload
Faster than 96% of connections globally and 94% locally.


ztmike
Mark for moderation
Premium
join:2001-08-02
Michigan City, IN

2 edits
reply to NSHPreds09

Click for full size
What does the graphs mean the higher the better?

Edit: Didn't see the "sort fastest first" So I guess the ones it lists first are faster..if that's true OpenDNS is lagging for me which is odd because I'm only about 60 miles from Chicago.

How can I find out who the other DNS IPs are from? I don't want to go adding a IP that I don't know who its from.

Is there a WhoIS that would work to find out who they are?


THZNDUP
Deorum Offensa Diis Curae
Premium
join:2003-09-18
Lard
kudos:2

said by ztmike:

How can I find out who the other DNS IPs are from? I don't want to go adding a IP that I don't know who its from.

Is there a WhoIS that would work to find out who they are?
Maybe by clicking the tabs next to the 'Sort Fastest First' checkbox, ie: Name and/or Owner?
--
one should not increase, beyond what is necessary, the number of entities required to explain anything


NSHPreds09

join:2009-04-01
Portland, TN
reply to ztmike

said by ztmike:

What does the graphs mean the higher the better?

Edit: Didn't see the "sort fastest first" So I guess the ones it lists first are faster..if that's true OpenDNS is lagging for me which is odd because I'm only about 60 miles from Chicago.

How can I find out who the other DNS IPs are from? I don't want to go adding a IP that I don't know who its from.

Is there a WhoIS that would work to find out who they are?
Who is your ISP?
--
Latest Speedtest
21.32 Mbps Download
4.28 Mbps Upload
Faster than 96% of connections globally and 94% locally.


NSHPreds09

join:2009-04-01
Portland, TN
reply to newview

said by newview:

OpenDNS has been best for me by far. In addition to being faster than Comcast's DNS servers, you also receive the additional value of their security features even in the free basic version.
Is there any tweaks I could do? Your results look a lot better than mine.


Smudge192

@myvzw.com
reply to NSHPreds09

All of you need to take your analysis one further step to see the real effects upon CDN based sites. Use each dns server one at a time. Query for www.YouTube.com, www.google.com, cdn.netflix.com, etc. The do a ping and traceroute for each. Sometimes a dns resolver may be fast but the answers give you really much slower resulting IP addresses.



newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
kudos:1
Reviews:
·DIRECTV
·Comcast
reply to NSHPreds09

said by NSHPreds09:

Is there any tweaks I could do? Your results look a lot better than mine.
Well, I don't know of any specific tweaks, but I can tell you my setup. I'm behind a router and all my computers are manually assigned IP addresses and DNS settings.

I did initially discover from reading the "Conclusions" tab that I had one of the slower OpenDNS servers listed first but I have since changed that.

Also, there is a wealth of information and links (links on the bottom of page) to configuration options & info on Steve's DNS Benchmark web page


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

said by newview:

I did initially discover from reading the "Conclusions" tab that I had one of the slower OpenDNS servers listed first but I have since changed that.
What are you saying? OpenDNS uses 'Anycast' technology, so you should be using their published IP addresses. It is also used by Level 3, so unless you are in the same city as another person using 4.2.2.x, you won't be using the same DNS servers, even though you are using 4.2.2.x.


newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
kudos:1
Reviews:
·DIRECTV
·Comcast

said by NormanS:

What are you saying?
OpenDNS uses 'Anycast' technology, so you should be using their published IP addresses.
I am using the two OpenDNS servers recommended to me on the OpenDNS web site, one of which was slower than the other as tested by DNS Benchmark. I had the slower one listed first in my manual configuration. I have since switched and put the faster of the two first.

said by NormanS:

It is also used by Level 3, so unless you are in the same city as another person using 4.2.2.x, you won't be using the same DNS servers, even though you are using 4.2.2.x.
????
I'm not using 4.2.2.x at all.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

2 edits

Anycast!!!! Anycast!!! Used by ATTIS, Level 3, and OpenDNS for their DNS servers.

Your trace route to ATTIS (68.94.156.1), Level 3 (4.2.2.1), or OpenDNS (208.67.222.222) will go to a destination in a different part of the nation than mine will.
For ATTIS:

07/25/10 13:47:36 Slow traceroute 68.94.156.1
Trace 68.94.156.1 ...
192.168.0.1     RTT:   2ms TTL: 64 (suzuka.aosake.net ok)
68.127.107.254  RTT:  42ms TTL: 63 (adsl-68-127-107-254.dsl.pltn13.pacbell.net ok)
64.164.107.1    RTT:  42ms TTL:253 (No rDNS)
151.164.42.100  RTT:  43ms TTL:252 (bb1-10g2-0.pltnca.sbcglobal.net ok)
64.164.97.241   RTT:  43ms TTL:251 (srvr3-vlan40.pltnca.sbcglobal.net ok)
68.94.156.1     RTT:  60ms TTL:250 (dnsr1.sbcglobal.net ok)
 
For Level 3:
07/25/10 13:46:46 Slow traceroute 4.2.2.1
Trace 4.2.2.1 ...
192.168.0.1     RTT:   8ms TTL: 64 (suzuka.aosake.net ok)
68.127.107.254  RTT:  43ms TTL: 63 (adsl-68-127-107-254.dsl.pltn13.pacbell.net ok)
64.164.107.129  RTT:  43ms TTL:253 (No rDNS)
151.164.93.237  RTT:  43ms TTL:251 (No rDNS)
151.164.43.100  RTT:  43ms TTL:251 (bb1-p9-0.pltnca.sbcglobal.net ok)
151.164.101.206 RTT:  43ms TTL:249 (No rDNS)
151.164.250.138 RTT:  54ms TTL:244 (asn3356-level3.eqsjca.sbcglobal.net ok)
4.68.18.126     RTT:  59ms TTL:244 (vlan79.csw2.SanJose1.Level3.net ok)
4.68.123.6      RTT:  54ms TTL:244 (ge-10-0.core1.SanJose1.Level3.net ok)
4.2.2.1         RTT:  55ms TTL: 54 (vnsc-pri.sys.gtei.net bogus rDNS: host not found [authoritative])
 
For OpenDNS:
07/25/10 13:46:57 Slow traceroute 208.67.222.222
Trace 208.67.222.222 ...
192.168.0.1     RTT:   0ms TTL: 64 (suzuka.aosake.net ok)
68.127.107.254  RTT:  45ms TTL: 63 (adsl-68-127-107-254.dsl.pltn13.pacbell.net ok)
64.164.107.129  RTT:  43ms TTL:253 (No rDNS)
151.164.42.102  RTT:  43ms TTL:252 (bb2-10g2-0.pltnca.sbcglobal.net ok)
151.164.101.210 RTT:  43ms TTL:249 (No rDNS)
151.164.251.246 RTT:  54ms TTL:244 (asn3356-level3.eqsjca.sbcglobal.net ok)
4.68.18.254     RTT:  57ms TTL:244 (vlan99.csw4.SanJose1.Level3.net ok)
4.69.134.233    RTT:  57ms TTL:244 (ae-83-83.ebr3.SanJose1.Level3.net ok)
4.69.132.10     RTT:  58ms TTL:244 (ae-2-2.ebr3.LosAngeles1.Level3.net ok)
4.69.144.197    RTT:  54ms TTL:244 (ae-43-90.car3.LosAngeles1.Level3.net ok)
4.71.32.78      RTT:  54ms TTL:244 (SPLICE-COMM.car3.LosAngeles1.Level3.net ok)
208.67.222.222  RTT:  54ms TTL: 56 (resolver1.opendns.com ok)
 

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
kudos:1
Reviews:
·DIRECTV
·Comcast

1 edit

said by NormanS:

Used by ATTIS, Level 3, and OpenDNS for their DNS servers.
OK . . . I see now. That's what you should have said the first time.