Saw the announcement this morning on the bus — Google Public DNS. My immediate reaction (as recorded on Twitter) is — I’d hate to be OpenDNS right now. David U. at OpenDNS quickly responded saying basically “ARGH! OpenDNS is better! Google could be EVIL! But it’s all good for the DNS space”.

Well. Let’s compare them side by side, from my perspective:

|  | OpenDNS | Google Public DNS |
|---|---|---|
| IP Address | 208.67.222.222, 208.67.220.220 (Anycast) | 8.8.8.8, 8.8.4.4 (Anycast) |
| Cache Size | BIG | Gonna be MASSIVE |
| Latency to Australia | Sucks (170ms) | Sucks Less (150ms) |
| Handling Non-Existing Domain | Resolve to OpenDNS (Configurable) | NXDOMAIN |
| Configuration Options | Lots! | None |

Well. Please, Google, put a resolver somewhere in Sydney! Otherwise a local cache + forward is still preferred. But for now, running a cheap virtual server with a badly configured resolver from the provider, I am more likely to jump on Google Public DNS because:

  • It’s just much easier to remember 8.8.8.8 than 208.what?.
  • NXDOMAIN works by default — there is no need for me to log into OpenDNS to set up subnet rules under my account.
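To see which of the two behaviours a given resolver actually gives you for a non-existent name, here is an added example (not code from the original post). It sends one A query for a random name under the reserved `.invalid` TLD and classifies the reply; the function names, the choice of probe name and the two sample packets are assumptions made for this sketch.

```python
import secrets
import socket
import struct

def build_query(name, txid):
    """Encode a recursive A/IN query for `name` (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(packet, txid):
    """Return 'nxdomain', 'rewritten' (NOERROR with answers) or 'other'."""
    if len(packet) < 12:
        raise ValueError("short DNS packet")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit not set
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    if rcode == 3:
        return "nxdomain"   # resolver reports the name does not exist
    if rcode == 0 and ancount > 0:
        return "rewritten"  # resolver answered for a name that cannot exist
    return "other"          # SERVFAIL, REFUSED, empty NOERROR, ...

def probe(resolver_ip, timeout=3.0):
    """Query `resolver_ip` for a random name under .invalid (reserved by RFC 2606)."""
    txid = secrets.randbits(16)
    name = secrets.token_hex(8) + ".invalid"
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (resolver_ip, 53))
        packet, _ = s.recvfrom(512)
    return classify_response(packet, txid)

# Constructed sample response headers (not captured traffic).
SAMPLE_NXDOMAIN = struct.pack("!HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0)
SAMPLE_REWRITTEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)

if __name__ == "__main__":
    for ip in ("208.67.222.222", "8.8.8.8"):  # resolver addresses listed in the post
        try:
            print(ip, probe(ip))
        except (OSError, ValueError) as exc:
            print(ip, "error:", exc)
```

A `rewritten` result means typos and dead hostnames will resolve to an address chosen by the resolver operator, which matters for anything that relies on NXDOMAIN to detect a missing host.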

OpenDNS does have one advantage for developers though — CacheCheck, which allows you to request the cache to be flushed. Very useful when you have just changed some records, and would like to see that applied to the whole OpenDNS cluster. Google on the other hand gives NIL functionality except something listening on port 53.

For enterprise users it could be a different story though. Having the ability to fine-tune the behaviour of NXDOMAIN handling, blocking certain domains, phishing/malware/botnet protection, etc. — these would be much more useful for an organisation. Will Google gradually roll out similar tools? No idea — just like we had no idea that Google was entering the public resolver market.

Let’s wait & see.