Google has moved beyond just controlling and tracking what you do on the web, with an announcement that it is launching its own public DNS service. The claims that it speeds up your browsing experience are slightly misleading. If it were all about server performance then the claims might stand up better to scrutiny, but typically you use the DNS service provided by your ISP. This is a server very close to you from a network perspective. In a mobile environment Google’s claims might also carry a bit more weight, but not if you are on a handset connected to 3G using the DNS server provided by your MNO. In actually getting a request to the DNS server, your IP packets traverse a series of routers and network nodes. Under Windows XP the command to see this in action is ‘tracert’, which stands for trace route.
My ADSL ISP is BT Openworld and their DNS server (one of several) has an IP address of 213.120.62.97. The output of the traceroute command is:
1 <1 ms <1 ms <1 ms www.routerlogin.com [192.168.1.1]
2 33 ms 35 ms 33 ms esr11.kingston5.broadband.bt.net [*.*.*.*] (IP address hidden for privacy reasons)
3 35 ms 33 ms 33 ms *.*.*.* (IP address hidden for privacy reasons)
4 33 ms 32 ms 35 ms 213.123.80.6
5 35 ms 32 ms 32 ms 217.41.171.9
6 32 ms 34 ms 31 ms 217.41.217.50
7 33 ms 33 ms 33 ms 217.41.217.34
8 32 ms 34 ms 32 ms 217.47.66.58
9 33 ms 34 ms 33 ms 62.6.40.98
10 34 ms 33 ms 33 ms core3-pos0-0-0-10.ealing.ukcore.bt.net [62.6.204.89]
11 35 ms 35 ms 66 ms core1-pos15-1.bletchley.ukcore.bt.net [194.74.16.154]
12 35 ms 36 ms 34 ms interconnect1-pos4-0.bletchley.fixed.bt.net [194.72.31.34]
The equivalent for Google DNS at IP address 8.8.8.8 is:
1 <1 ms <1 ms <1 ms www.routerlogin.com [192.168.1.1]
2 32 ms 32 ms 33 ms esr11.kingston5.broadband.bt.net [*.*.*.*] (IP address hidden for privacy reasons)
3 33 ms 34 ms 32 ms *.*.*.* (IP address hidden for privacy reasons)
4 34 ms 32 ms 32 ms 213.123.80.6
5 32 ms 32 ms 33 ms 217.41.171.9
6 34 ms 32 ms 31 ms 217.41.217.50
7 33 ms 32 ms 33 ms 217.41.217.42
8 32 ms 34 ms 33 ms 217.47.159.34
9 32 ms 33 ms 33 ms core2-pos3-2.kingston.ukcore.bt.net [62.6.40.117]
10 33 ms 33 ms 34 ms core2-pos0-15-0-5.ealing.ukcore.bt.net [62.6.201.42]
11 34 ms 35 ms 35 ms core4te-0-7-0-0.telehouse.ukcore.bt.net [62.172.102.21]
12 34 ms 36 ms 34 ms 195.99.126.26
13 39 ms 34 ms 36 ms 209.85.255.175
14 42 ms 43 ms 42 ms 66.249.95.170
15 42 ms 41 ms 41 ms 209.85.251.231
16 42 ms 46 ms 54 ms 209.85.243.81
17 42 ms 42 ms 41 ms google-public-dns-a.google.com [8.8.8.8]
As you can clearly see, there is an additional time delay in getting to the Google DNS server and an equivalent delay in getting a response back. From a speed perspective alone your ISP is likely to offer better performance, especially one outside of the USA.
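The comparison above can be reproduced from saved tracert output. The following Python sketch is an added example, not part of the original post: it parses hop lines in the format shown, including '<1 ms' and '*' timeout probes, and reports the extra hops and extra median round-trip time to the second server. The sample lines are the first and last hops copied from the two traces above; the function names are assumptions. It measures network path latency only, not how long the resolver takes to answer a query.

```python
import re
from statistics import median

# First and last hops copied from the two traces in the post.
BT_TRACE = """\
1 <1 ms <1 ms <1 ms www.routerlogin.com [192.168.1.1]
11 35 ms 35 ms 66 ms core1-pos15-1.bletchley.ukcore.bt.net [194.74.16.154]
12 35 ms 36 ms 34 ms interconnect1-pos4-0.bletchley.fixed.bt.net [194.72.31.34]
"""
GOOGLE_TRACE = """\
1 <1 ms <1 ms <1 ms www.routerlogin.com [192.168.1.1]
16 42 ms 46 ms 54 ms 209.85.243.81
17 42 ms 42 ms 41 ms google-public-dns-a.google.com [8.8.8.8]
"""

# Hop number, three probes ("33 ms", "<1 ms" or "*"), then the host field.
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(\S+)")
PROBE = re.compile(r"<?(\d+) ms|\*")

def parse_tracert(text):
    """Return [(hop, [rtt_ms or None, ...], host)] for each hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue  # header, blank or "Trace complete." lines
        # "<1 ms" is counted as 1 ms (upper bound); "*" (no reply) is None.
        rtts = [int(p.group(1)) if p.group(1) else None
                for p in PROBE.finditer(m.group(2))]
        hops.append((int(m.group(1)), rtts, m.group(3)))
    return hops

def summarize(text):
    """Hop count and median RTT of the last hop that answered a probe."""
    hops = parse_tracert(text)
    answered = [h for h in hops if any(r is not None for r in h[1])]
    _, rtts, host = answered[-1]
    return {"hops": hops[-1][0], "host": host,
            "median_ms": median(r for r in rtts if r is not None)}

def compare(local, remote):
    """Extra hops and extra median RTT of the remote path over the local one."""
    a, b = summarize(local), summarize(remote)
    return {"extra_hops": b["hops"] - a["hops"],
            "extra_ms": b["median_ms"] - a["median_ms"]}

if __name__ == "__main__":
    print(compare(BT_TRACE, GOOGLE_TRACE))
```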
I’m not convinced by Google’s claim that their DNS solution is any more secure either. There are fundamental issues in the way DNS works and I have seen no real evidence to suggest that these have been fixed. Google may have some nice technology and algorithms but all we have to go on is a ‘trust us’ statement.
The key reason Google wants you to move to their DNS server is that DNS is used by pretty much every web protocol and application to resolve a domain name into an IP address. This would enable them to track much more than just web browser traffic and to get a view of much more of what you do on your Internet-connected devices. Google DNS will give them a view of which mail servers you are using, which VoIP services and which web sites you use outside of the Google domain and search tracking capability. Make no mistake, this is the only real driving force behind Google’s move into this space. It’s not privacy invasion on a scale comparable to the planned deployment of Phorm by UK ISPs but, combined with Google’s other tracking technologies and their penetration onto the PC and mobile desktop, it is to some extent worse. It goes way beyond just web browser traffic.
Google says it does not plan to release Google Public DNS as an open source project and that it is only designed to be implemented within Google. If Google’s intent is to make DNS better for the world, then why isn’t the project open source?
OK, so much for the theory. What about some real measurements? I decided to run some of my own tests using a DNS Benchmark utility and the results backed up my thinking. If you are in the UK and using a major ISP, with half-decent servers and network infrastructure, the use of Google Public DNS is going to slow you down!

Test Results