Home « Forum « Site Announcements

Forum: Site Announcements

PSA: New Privacy minded free DNS Service

Lazeez Jiddan (Webmaster)

There is a new free DNS service that is privacy oriented for consumers.

1.1.1.1 is the IP address for the new service. If you care about your privacy and don't have a paid-for DNS service, then use this.

https://blog.cloudflare.com/announcing-1111/

Replies:   Switch Blayde
Switch Blayde

@Lazeez Jiddan (Webmaster)

Ok, for the technically challenged.

What actually happens when it's installed?

Ernest Bywater

@Switch Blayde

think of the DNS server as you combination phone book and exchange operator. Once you have the DNS set for the server that's where you're enquiries for a URL go to get converted to an IP address to get you to the actual page.

Replies:   Switch Blayde
PrincelyGuy

I tend to be skeptical of items like this and it starting up on April 1, makes me even more leery. So has anyone actually used it? It sounds too good to be true and I am trying to figure out how they are going to make money on a free DNS global server.

Replies:   Capt. Zapp  garymrssn
Ernest Bywater

follow the link and read what they have to say. I bet they'll have extra follow up service you have to pay for which they'll make their money off.

Capt. Zapp

@Switch Blayde

Ok, for the technically challenged.

What actually happens when it's installed?


Basically, it's like using a different phonebook for the same area. Only this one doesn't look over your shoulder to see where you are looking up.

Capt. Zapp

@PrincelyGuy

I'm using it. No issues so far.

Switch Blayde

@Ernest Bywater

think of the DNS server as you combination phone book


I sort of know what DNS is. To me, it's a table that converts a name to an IP address.

But I wonder what actually happens on my Macbook Pro when I install it. And what issues, if any, will I have with my ISP provider? And what if I want to go back to the way it was?

garymrssn

@PrincelyGuy

I am trying to figure out how they are going to make money on a free DNS global server

This just "Good Will" and "Name Recognition" advertising.
As a portion of their annual revenue, the cost is miniscule.

Ernest Bywater

@Switch Blayde

you shouldn't have any issues with your ISP. However, it may sometimes take a DNS request a few extra seconds to resolve, depending on where you in relation to the new DNS server.

As to the MacBook, it shouldn't make any difference at all, and if you want to switch back later you only have to enter in the DNS IP of your ISP which is currently used, so just write it down somewhere.

I'm noticing a faster DNS resolution time, but then I have a TunnelBear VPN surfacing in Canada before it tries to resolve the DNS calls, which used to be routed back to my ISP in Australia, and now go to where Cloudflare are which is probably in the USA.

Michael Loucks

If you want to check which DNS server is fastest, use DNS Benchmark from grc.com.

Works on Windows natively; works perfectly for me in Wine on Mac + Linux. You can add your own DNS servers to the testing list, which is customizable.

Replies:   Daydreamz
Lazeez Jiddan (Webmaster)

@Switch Blayde

But I wonder what actually happens on my Macbook Pro when I install it.


Nothing will 'happen to it'. The only difference is that when it's looking up an IP address for a domain, it will connect to 1.1.1.1 instead of whatever is configured in the network connection that you have now.

And what issues, if any, will I have with my ISP provider?


Should have no issues. It used to be that ISPs provided a host of services like nntp and email that relied on you being on their network as a method of authentication. If you have any of those, then this would interfere.

But since those practices have been largely abandoned, then this should cause no problem.

And what if I want to go back to the way it was?


Very simply. Add this 1.1.1.1 server as the first option in the DNS panel (top line, first line in the DNS box) and keep the existing entries. If this fails then the macbook will fall back onto what you have now. If you want to abandon this new service, just go in and delete the line from the DNS box.

Replies:   Switch Blayde
Switch Blayde
Updated:

@Lazeez Jiddan (Webmaster)


Add this 1.1.1.1 server as the first option in the DNS panel


Then why do I have to install anything? The article had a link to install it. Looks like I can do it from System Preferences/Network.

What about WiFi? I have a laptop that's connected thru ethernet, but when I'm not in my house it's connected through WiFi.

ETA: Actually, I'm connected to my router via an ethernet cable.

Lazeez Jiddan (Webmaster)

@Switch Blayde

Then why do I have to install anything? The article had a link to install it. Looks like I can do it from System Preferences/Network.


Nobody said that you have to install anything. Just add the configuration to your settings.

What about WiFi? I have a laptop that's connected thru ethernet, but when I'm not in my house it's connected through WiFi.


On the Mac, each connection can have its own DNS settings. If you use two of them (ethernet and wifi) then you need to add the server to both connections' settings in the DNS box.

Capt. Zapp

@Switch Blayde

Then why do I have to install anything? The article had a link to install it. Looks like I can do it from System Preferences/Network.


YOU probably don't, but there are a lot of 'technologically challenged' folks out there that need an 'installer' to make the changes you and I can do manually. The 'installer' is probably aimed at them. ;)

Replies:   awnlee jawking
Vlad_Inhaler

There is no Installer, but the website has its instructions under a button marked INSTALL.
btw, the instructions for Linux are misleading and incomplete - click any other platform to see what is missing.

awnlee jawking

@Capt. Zapp

That would be me ;)

The Windows instructions aren't valid for XP. I think I have worked out what to do instead but I'm reluctant to actually go through with it because it's a working machine (rather than eg a games machine) and I'm not sure what I'm doing. Has anyone else installed it on XP?

AJ

Replies:   Ross at Play
Gauthier

Do not forget that DNS trafic is unencrypted UDP port 53.
So even if you do switch to that new 1.1.1.1 DNS server, your isp can still log and mess with your DNS queries.

That is unless you are using doh (DNS over HTTPS)

But currently, chrome removed the feature and only a nightly firefox build can exploit that:

https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/

Ross at Play
Updated:

@awnlee jawking

The Windows instructions aren't valid for XP.

The instructions are invalid for Windows 7 too.

At step 3, when it says 'Click on Change Adapter Settings', I selected 'view network status and devices'.

I could then see 'the Wi-Fi network you are connected to'. It has the name you'd expect: the same as shown if you click on the strength bars icon on the task bar.

I suggest just blundering on, making the most likely guess when you cannot do what the instructions actually say. Where you want to be is obvious once you see it and you won't do any harm unless you commit to something.

You'll probably guess right the first time. If not, just backtrack and try again.

Centaur
Updated:

run this is in the command line (CMD prompt) and it will do a global change to your DNS entrys. it will work on xp,vista,7,8,8.1. it won't work on 10 from what i understand

quickest way to the command prompt is hold down the windows key and hit the letter "R", and type CMD in the run box, paste the cfollowing command in the promt.

wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")

Switch Blayde

Wow, the instructions are wrong for Linux, XP, and Windows 7. Doesn't give me a lot of confidence in them.

Replies:   doctor_wing_nut
doctor_wing_nut

@Switch Blayde

Agree, seems like a good idea poorly executed.

Sometimes tech-weenies have trouble explaining things to actual humans who use computers. They really need a Geek-to-Normal instructional vid, or at least a nice crayon drawing.

PrincelyGuy

@doctor_wing_nut

or at least a nice crayon drawing.


LOL, that brought out a real laugh. Thank you.

awnlee jawking

@doctor_wing_nut

or at least a nice crayon drawing.


I resemble that remark.

I like the (usually) easy-to-follow instruction on wikihow.

AJ

Switch Blayde

@doctor_wing_nut

Sometimes tech-weenies have trouble explaining things to actual humans


That's why I ask Lazeez. He can, usually, dumb-down the answer for me to understand.

7dreams

All my computers sit behind my router that connects to the cable box. I changed the DNS line for the router to 1.1.1.1, and that was all that is needed as far as I can tell. If my ISP really wants to intercept and interpret my DNS traffic, my best recourse is probably to use a VPN service, although DNS over HTTPS would be nice if it was uniformly available. Have not got to the point of using VPN yet.

Daydreamz

@Michael Loucks

That's a great utility, thanks

Back to Top