[Infowarrior] - Introducing Google Public DNS

[Richard Forno]

http://googlecode.blogspot.com/2009/12/introducing-google-public-dns-new-dns.html

Introducing Google Public DNS: A new DNS resolver from Google
Thursday, December 03, 2009
Today, as part of our efforts to make the web faster, we are  
announcing Google Public DNS, a new experimental public DNS resolver.

The DNS protocol is an important part of the web's infrastructure,  
serving as the Internet's "phone book". Every time you visit a  
website, your computer performs a DNS lookup. Complex pages often  
require multiple DNS lookups before they complete loading. As a  
result, the average Internet user performs hundreds of DNS lookups  
each day, that collectively can slow down his or her browsing  
experience.

We believe that a faster DNS infrastructure could significantly  
improve the browsing experience for all web users. To enhance DNS  
speed but to also improve security and validity of results, Google  
Public DNS is trying a few different approaches that we are sharing  
with the broader web community through our documentation:

	• Speed: Resolver-side cache misses are one of the primary  
contributors to sluggish DNS responses. Clever caching techniques can  
help increase the speed of these responses. Google Public DNS  
implements prefetching: before the TTL on a record expires, we refresh  
the record continuously, asychronously and independently of user  
requests for a large number of popular domains. This allows Google  
Public DNS to serve many DNS requests in the round trip time it takes  
a packet to travel to our servers and back.

	• Security: DNS is vulnerable to spoofing attacks that can poison the  
cache of a nameserver and can route all its users to a malicious  
website. Until new protocols like DNSSEC get widely adopted, resolvers  
need to take additional measures to keep their caches secure. Google  
Public DNS makes it more difficult for attackers to spoof valid  
responses by randomizing the case of query names and including  
additional data in its DNS messages.

	• Validity: Google Public DNS complies with the DNS standards and  
gives the user the exact response his or her computer expects without  
performing any blocking, filtering, or redirection that may hamper a  
user's browsing experience.
We hope that you will help us test these improvements by using the  
Google Public DNS service today, from wherever you are in the world.  
We plan to share what we learn from this experimental rollout of  
Google Public DNS with the broader web community and other DNS  
providers, to improve the browsing experience for Internet users  
globally.

To get more information on Google Public DNS you can visit our site,  
read our documentation, and our logging policies. We also look forward  
to receiving your feedback in our discussion group.