Speed up DNS lookups - Mac OS X Hints

This hint isn't specific to Mac OS X, but I find it so helpful I wanted to share it. You can speed up DNS response for look-ups by specifying OpenDNS' servers in System Preferences » Network » Configure » TCP/IP. The optional DNS Servers field is probably empty, so to switch to OpenDNS' servers, you enter their IP addresseses into that field:

208.67.222.222
208.67.220.220

You can also make this change in the setup mode of some routers and cable modems, if you wish to convert a local area network all at once, rather than making the change on each machine individually.

The response time for DNS lookups is usually faster even for web browsing, but where OpenDNS really helps is when you are processing web server log files to turn IP addresses into names. I use DNSTran on my log files before processing them with Summary, and I'll bet it takes about a tenth of the time when using OpenDNS compared to using whatever my ISP offers as a default. For me, this is the difference between 30 to 40 minutes of waiting for lookups to complete, versus waiting only a few minutes.

The only thing you have to be aware of is that if you dig an invalid address in Terminal.app, the results will appear to show that the main DNS server for your invalid address belongs to OpenDNS, which is almost certainly not the case. If this is a problem, though, you can set up different locations in System Preferences » Network, allowing quick and easy switching among default DNS servers, OpenDNS servers, and any other servers you may use.

dig @208.67.222.222 i-do-not-exist.microsoft.com ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; ANSWER SECTION: i-do-not-exist.microsoft.com. 0 IN A 208.69.32.130 whois 208.69.32.130 NetRange: 208.69.32.0 - 208.69.39.255 CIDR: 208.69.32.0/21 NetName: OPENDNS-NET-2

% dig www.google.com ... ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 85882 IN CNAME www.l.google.com. www.l.google.com. 58 IN A 72.14.253.104 www.l.google.com. 58 IN A 72.14.253.147 www.l.google.com. 58 IN A 72.14.253.99 www.l.google.com. 58 IN A 72.14.253.103 ...

% dig @208.67.222.222 www.google.com ... ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 30 IN CNAME google.navigation.opendns.com. google.navigation.opendns.com. 30 IN A 208.67.219.230 google.navigation.opendns.com. 30 IN A 208.67.219.231 ...

From our Sponsor...

The macosxhints Poll

iPad_poll_#1

Speed up DNS lookups | 34 comments | Create New Account

Click here to return to the 'Speed up DNS lookups' hint

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Speed up DNS lookups
Authored by: chrisrosa on Wed, Jun 6 2007 at 9:20AM PDT

OpenDNS is great, but be sure not to do this at work, as you may lose your connection to your company's network resources. This may be obvious for some, but not for others.

Speed up DNS lookups
Authored by: nofxosx on Wed, Jun 27 2007 at 3:52PM PDT

true,

but I setup BIND forwarding on my linux DNS box and it works magically in my company network, plus I get basic domain blocking which is nice and useful

Speed up DNS lookups
Authored by: appleman_design on Wed, Jun 6 2007 at 9:31AM PDT

I have used these # for some time now... and have seen a increase in lookup time

Speed up DNS lookups
Authored by: ScottTFrazer on Wed, Jun 6 2007 at 9:39AM PDT

Note that OpenDNS, in an attempt at helping you out, directs unfound FORWARD entries to a "helper" page. This can be bad for troubleshooting and automated log processing. (Reverse DNS lookups aren't affected, however) To demonstrate, do a dig using a standard DNS server (I'll use 4.2.2.1 as an example) on a hostname that doesn't exist:

dig  @4.2.2.1 i-do-not-exist.microsoft.com

You'll notice it doesn't return a host address:

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

The same query against an OpenDNS server returns a host address that isn't associated with microsoft:

I had this bite me while trying to troubleshoot one our developers home VPN connections.

Speed up DNS lookups
Authored by: ghay on Wed, Jun 6 2007 at 10:07AM PDT

Good to note, but as with anything read the manual.
OpenDNS tries to correct typos.

http://www.opendns.com/faq/#why_is_opendns_smarter

Speed up DNS lookups
Authored by: Baumi on Wed, Jun 6 2007 at 10:12PM PDT

While that may be useful for normal browsing and most users, it can be an absolute no-no if you're running scripts that depend on getting correct DNS errors, e.g. for URL validation.

Not trying to bash OpenDNS here, just pointing out that, depending on your needs, there might be some caveats, because it's a system that's completely geared at making interactive use convenient, and breaks some prerequisites for automatic use in the process.

Speed up DNS lookups
Authored by: rgray on Wed, Jun 6 2007 at 9:40AM PDT

"I have used these # for some time now... and have seen a increase in lookup time"

I have had the same experience. Perhaps as OpenDNS has become better known its traffic has increased, thereby reducing its advantage... ??

Speed up DNS lookups
Authored by: davidu on Wed, Jun 6 2007 at 10:07AM PDT

Hey guys.... (stoked to see us on Mac OS X Hints!)

We should definitely NOT be getting slower. I'm always happy to check out a traceroute from you to us (traceroute to 208.67.222.222) and send it off to some of our engineers. As to our overall query performance and speed, we should absolutely be fast, still. We track our overall query performance and speed but perhaps we need to expose some of this stuff to the outside world like we do other things at http://status.opendns.com/

Thanks!

David Ulevitch

Speed up DNS lookups
Authored by: Panjandrum on Wed, Jun 6 2007 at 7:07PM PDT

I admit that I have not performed speed tests with Open DNS, but subjectively it has definitely gotten slower over time. I first found the service when it showed up on SlashDot (I think). I will admit there is a possibility that I've simply become used to the additional speed, but I don't honestly think that is the case. I certainly remember that pages seemed to literally leap upon the screen when I first moved to OpenDNS, but that is no longer the case. Possibly the user base has simply grown too fast to quite keep up with...

Still a great service however, and still faster than Charter's servers by a long shot however!

---
==============================
David Butler
http://www.macmaven.net/
http://www.dhbutlerphotography.com/

Speed up DNS lookups
Authored by: ppp on Wed, Jun 6 2007 at 10:25AM PDT

Response times using these addresses appear to be twice as long as using my local Comcast supplied servers. dig reports an average of 15ms for SF Comcast vs. 30ms for OpenDNS.

I tested other networks: AT&T DSL 17ms vs. 24ms for OpenDNS, TimeWarner Comm. T1 23ms vs. 9ms for OpenDNS.

It seems that it makes quite a difference depending on your network location, and the performance of your ISP supplied DNS servers. Definitely not universal, but worth looking into.

Speed up DNS lookups
Authored by: adrianm on Wed, Jun 6 2007 at 10:33AM PDT

Worth knowing, although for me, my ISP/ADSL provider's DNS server seems to be just as fast (ie about 9ms average lookup).

---
~/.sig: not found

Speed up DNS lookups
Authored by: xcarobx on Wed, Jun 6 2007 at 12:14PM PDT

I get around 57 ms when I ping OpenDNS servers.
11 ms with the DNS-servers my ISP provided.

Speed up DNS lookups
Authored by: xcarobx on Wed, Jun 6 2007 at 12:19PM PDT

How do I check Lookup-time?
I have checked the Ping-times but i realize this might not accurately show the differences in Lookup-time ...

Please help?

Speed up DNS lookups
Authored by: gmachen on Wed, Jun 6 2007 at 5:17PM PDT

The OpenDNS website's instructions say to replace one's current two DNS addresses with their two OpenDNS addresses in the Mac OS X Network prefPane, then restart.

1) Is there any reason I can't have four addresses in there, first the two OpenDNS ones, then my two local ISP's?

2) Aren't one's DNS queries carried out in order of appearance of the DNS addresses as entered in one's Network prefPane; if one times-out then the next one is tried?

3) Does one really have to restart for them to take effect? I thought just clicking the Apply button did it on-the-fly. Are there caches or something involved that necessitate a restart?

Speed up DNS lookups
Authored by: tuscantwelve on Wed, Jun 6 2007 at 7:19PM PDT

1) Is there any reason I can't have four addresses in there, first the two OpenDNS ones, then my two local ISP's?

2) Aren't one's DNS queries carried out in order of appearance of the DNS addresses as entered in one's Network prefPane; if one times-out then the next one is tried?

3) Does one really have to restart for them to take effect? I thought just clicking the Apply button did it on-the-fly. Are there caches or something involved that necessitate a restart?

To answer your questions in detail:

1) No, you may add as many DNS server addresses as you like.

2) Sort of. First, lookupd's cache is consulted, then DNS, (then NetInfo, and finally, NIS/flatfiles, if enabled through Directory Access).

3) There are two ways to flush the cache of lookupd - as an administrator, the following commands will accomplish what you want:

 $ lookupd -flushcache

Or, if you prefer,

 $ sudo killall -HUP lookupd

HTH.

Speed up DNS lookups
Authored by: lolopb on Thu, Jun 7 2007 at 12:32PM PDT

Hi,

2) Sort of. First, lookupd's cache is consulted, then DNS, (then NetInfo, and finally, NIS/flatfiles, if enabled through Directory Access).

Well, for hosts lookup, the configuration of lookupd is a little bit different and, so, the order of the agents used is different. The good order in this case is : Cache, Flat-Files (such as /etc/hosts), DNS, NetInfo and DirectoryService which can look in many places according to what's configured using /Applications/Utilities/Directory Access.app (LDAP, Active Directory, NIS and Flat Files...). To look at the configuration :

 lookupd -configuration

Avoid restart...
Authored by: tuscantwelve on Wed, Jun 6 2007 at 7:07PM PDT

You should be able to reset the DNS cache on your system (and avoid a restart) by issuing this command from a terminal (as an administrator):

Speed up DNS lookups, HA
Authored by: pauldy on Wed, Jun 6 2007 at 8:22PM PDT

This has to be one of the dumbest hints ever. About the only thing this hint does is turn all the people who use it into little hamsters running someone else's machine. I have seen this pop up several places and unless you have inherent problems with your internet provider, that you should probably bring up with them, then you have no use for this service. Unless you like being someone else's tool.

Speed up DNS lookups, HA
Authored by: romahony on Wed, Jun 6 2007 at 10:57PM PDT

I used this for a bit but I found that many and I mean many DNS enteries were not resolved. You may see a tiny increase in speed but the two DNS servers mentioned are no good.

Speed up DNS lookups, HA
Authored by: Jonsi on Thu, Jun 7 2007 at 3:38AM PDT

Isn't then the right thing to do to first list your local ISP DNS servers and then these OpenDNS servers in your Nerwork preferences, as a sort of reserve if your ISP's servers fail?

Speed up DNS lookups, HA
Authored by: pauldy on Thu, Jun 7 2007 at 2:58PM PDT

Possibly, but chances are if you ISP primary and backup dns are down then your ability to get anywhere might be as wel But you could place it as a tertiary option for a backup to the backups.

Speed up DNS lookups, HA
Authored by: davidu on Thu, Jun 7 2007 at 1:09PM PDT

We provide more than just speed benefits for people... There are all kinds of reasons to use OpenDNS. But hamster? wheel? Not really. I think I'm more of the hamster in the wheel, but I don't mind it. :-)

Speed up DNS lookups, HA
Authored by: pauldy on Thu, Jun 7 2007 at 3:13PM PDT

I'm curious as to what you think are the reasons people should use your "service."

Speed up DNS lookups, HA
Authored by: gregraven on Fri, Jun 8 2007 at 6:12AM PDT

Maybe you're higher up the DNS food chain than I am, but like many others I know, when I run a DNS query, I'm using someone else's machine, no matter which service I use to connect to the Internet -- I don't run my own comprehensive DNS server. Imagine that!

However, I DO like to have domain names instead of IP addresses in my log analysis reports. OpenDNS allows me to make these substitutions far faster than any of the default DNS servers to which I've had access. In my book, saving a bunch of time on a task such as this is anything but "stupid."

---
--
Greg Raven
Apple Valley, CA

Speed up DNS lookups, HA
Authored by: pauldy on Fri, Jun 8 2007 at 6:56AM PDT

I use the default name servers verizon provides me without issue. If you run your own server then you should look at running a caching name server. Most linux distros offer it as a simple package you install and forget about. Windows is a bit more of a challenge but the rewards should be an even faster lookup than using a remote service.

If you are having issues with the speed of your local DNS queries then you really should take that up with whoever administrates the network in which you live.

If your using it for some other reason then you should be aware that some of the things this network does is on par with what network solutions was doing years back and got their hands slapped. Then at least your letting people make an informed decision and not baiting them into it with promises of faster internet response (which everyone wants), and instead they now have the potential for all sorts of things to happen they didn't expect. Like getting redirected to other sites or the potential of this company going out of business without the end user knowing, and someone nefarious snagging those ips and really causing some issues for people who would be the most vulnerable.

Speed up DNS lookups, HA
Authored by: gregraven on Sun, Jun 10 2007 at 2:56PM PDT

I replied to this, but apparently hit the wrong button, so it appears in the main stream of responses.

---
--
Greg Raven
Apple Valley, CA

Speed up DNS lookups
Authored by: gmachen on Thu, Jun 7 2007 at 4:48AM PDT

Wow! Un-frakking-believable! With OpenDNS, my web surfing speed has increased enormously! (I guess Road Runner's supplied DNS has been piss-poor all these years.)

OpenDNS hijack google.com
Authored by: proton on Thu, Jun 7 2007 at 11:51PM PDT

Before you do this consider this little fact: OpenDNS servers hijack google.com. When you ask for www.google.com it gives you the address of their own servers. From my ISP's DNS (or from the Google DNS directly):

From OpenDNS:

They say nothing about this in their FAQ or their Privacy Policy so you might want to steer well clear until they come clean on this one.

OpenDNS hijack google.com
Authored by: changcheh on Fri, Jun 8 2007 at 3:38AM PDT

There is a page about the google issue here
http://blog.opendns.com/2007/05/22/google-turns-the-page/

In summary there is a problem with Dell and Google who have done a deal to redirect all traffic from new Dell computers to a more ad-heavy version of google. The OpenDNS servers redirect this traffic to the normal google engine. Nothing sinister, in my opinion.

Does anyone think OpenDNS will help provide access to restricted sites from countries with DNS filtering e.g. some asian countries.

Speed up DNS lookups
Authored by: Felix on Fri, Jun 8 2007 at 1:57PM PDT

This "tip" is the last of several (nearly identical instructions) I've seen bouncing around the web over time. When I first tried it out, I knew subjectively I was seeing a increase in look-up times. So I pinged the two OpenDNS IPs and got the following average over five pings:

208.67.222.222 .052 sec

208.67.220.220 .053 sec

Then I used the IP my ISP (T-Online) recommends and got an average of .002 sec.

Needless to say, I returned to what I was previously using. Now maybe it's because I'm overseas but OpenDNS is definitely slower for me.

Speed up DNS lookups
Authored by: jiclark on Sat, Jun 9 2007 at 8:07AM PDT

Very interesting discussion!

I've been using OpenDNS for awhile, and been happy with it, but I had no idea that they have some sort of sinister reputation with a lot of people. I wish both sides would come clean, here or elsewhere (link please?), giving more detailed info about just exactly what the problems are (or aren't?)!

Thanks, John

Speed up DNS lookups
Authored by: gmachen on Sat, Jun 9 2007 at 12:10PM PDT

Here's some new behavior I've noticed under OpenDNS:

In Camino 1.5, under my prior Road Runner DNS, if I entered into the address bar a URL without the ".com" suffix, it would get appended automatically.

But now under OpenDNS, I get taken to:

http://guide.opendns.com/?url=[my URL]

What's up with that? Is there any way I can make OpenDNS work my old way? (I'd hate to give up my massive speed increase!)

Speed up DNS lookups
Authored by: gregraven on Sun, Jun 10 2007 at 2:54PM PDT

I'm on Verizon, too. FIOS, in fact. OpenDNS is much faster. It's not even close, time-wise.

As for calling Verizon, I can just imagine the response of the adenoidal tech support person when I call to ask, please, to fix the response time of their DNS servers. It sounds like an exercise in futility, especially if Verizon is purposely throttling DNS response for some reason.

As for warning people, I believe I tried to do this in the original hint, here:

The only thing you have to be aware of is that if you dig an invalid address in Terminal.app, the results will appear to show that the main DNS server for your invalid address belongs to OpenDNS, which is almost certainly not the case. If this is a problem, though, you can set up different locations in System Preferences » Network, allowing quick and easy switching among default DNS servers, OpenDNS servers, and any other servers you may use.

As you can see, I even offered a method for avoiding the issue you mention for those who had concerns about it.

---
--
Greg Raven
Apple Valley, CA

[ Reply to This | # ]

Speed up DNS lookups
Authored by: sergioskd on Mon, Jan 28 2008 at 7:16PM PST

If your DNS so Fast you probably wouldn't mind to share it with everyone else what DNS Servers you use?

Hint Options

Search

From our Sponsor...

User Functions

What's New:

Hints

Comments last 2 days

Links last 2 weeks

What's New in the Forums?

The Editor's Corner...

Hints by Topic

News from Macworld

The macosxhints Poll