ISP DNS or Google's??

Status
Not open for further replies.

Andrew Byrd

Member
Feb 16, 2018
I have one client that has the Google DNS servers set in his router, 8.8.8.8 and 8.8.4.4. This makes all his VoIP phones use Google's servers for DNS, of course.

I have another client that uses his ISP's DNS at router level. Therefore his VoIP phones show his gateway as their DNS, 192.168.1.1 - I know this is just referring the DNS query back to the ISP.

Which way is better? Any pros or cons to either way?
 

mat1010

Member
Jun 8, 2019
Germany
Which way is better? Any pros or cons to either way?
Sometimes the ISPs do shady things with your DNS queries. I worked with a provider that answered every non-existing domain with one of its web servers' IPs instead of delivering a proper NXDOMAIN. This resulted in headaches during debugging since you were able to ping that domain but it was always the ISP's IP that answered - but this is of course a special situation I was in with this specific ISP. A reason to not use Google might be privacy concerns since Google will be able to see all your queries - but this is also true for your ISP.

A pro for using your router would be performance: after your first query the router usually caches the result, depending on the record's TTL, and does not have to query the ISP's upstream servers again for that time. Additionally, the local router's DNS might allow you to set custom DNS records so you wouldn't have to run a fully fledged local DNS server to do this, if this will be relevant for you in the future.

The best solution would be to run your own local recursor that does not use Google or the ISP's DNS servers at all and queries the authoritative nameservers of the queried domain "directly" - of course it would have to ask the NICs' DNS servers as well and so on, but you have it completely in your hands.

Another possible approach would be to stick with your router's DNS and not use Google or your ISP's servers as upstream, but instead use some DNS servers that are known for their respect for privacy. Examples are https://www.quad9.net/ or https://www.opendns.com/

Generally, availability might also be a thing: if either your ISP's DNS servers have issues or your way to the servers of Google / some other external provider does not work for whatever reason, you will also not be able to resolve addresses.

I hope this helps, even though my thoughts might not be that well sorted :p
 
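The NXDOMAIN rewriting described in the reply above can be checked per resolver by asking for a name that should not exist and reading the response code. This is an added example, not part of the thread; the function names are hypothetical, and it assumes a random 24-hex-character label under .com is unregistered.

```python
import secrets
import socket
import struct

NOERROR, NXDOMAIN = 0, 3


def build_query(name: str, qid: int) -> bytes:
    """Encode a recursive A/IN query for `name` (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def parse_header(resp: bytes, qid: int) -> tuple[int, int]:
    """Return (rcode, answer_count); reject short or mismatched replies."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:  # wrong ID, or QR bit not set
        raise ValueError("not a response to our query")
    return flags & 0x000F, ancount


def classify(rcode: int, ancount: int) -> str:
    if rcode == NXDOMAIN:
        return "honest"        # proper NXDOMAIN
    if rcode == NOERROR and ancount > 0:
        return "rewritten"     # answers for a name that should not exist
    return "inconclusive"      # SERVFAIL, REFUSED, empty NOERROR, ...


def probe(resolver: str, suffix: str = "com", timeout: float = 3.0) -> str:
    # Assumption: a fresh random label under `suffix` is not registered.
    name = f"nx-{secrets.token_hex(12)}.{suffix}"
    qid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (resolver, 53))
        resp, _ = s.recvfrom(4096)
    return classify(*parse_header(resp, qid))


if __name__ == "__main__":
    # Resolver addresses from the thread: the router/ISP path, then Google.
    for ip in ("192.168.1.1", "8.8.8.8"):
        try:
            print(ip, probe(ip))
        except (OSError, ValueError) as exc:
            print(ip, "no usable reply:", exc)
```

Run it from a machine on the same LAN as the phones; a "rewritten" result for the router address and "honest" for 8.8.8.8 points at the ISP upstream rather than the router itself.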