DNS, the domain name system, is one of the fundamental parts of the internet. It's much like the internet's phonebook. Whenever you visit a website (like the one you're reading this article on), your computer looks up which server belongs to the domain name by translating it to an IP address. IP addresses are what computers actually work with to know which other computer to contact.
Unfortunately, DNS is a very old protocol and comes with its own set of problems. Because it is unencrypted, the operator of your DNS server can easily track and monitor your DNS requests, and that operator just so happens to be your ISP by default. A common option is to configure your operating system to use a privacy-respecting DNS resolver.
Ok so you changed your DNS server and every time you decide to watch cat videos on YouTube, your DNS request is no longer going to your ISP. Everything is perfect. Right?
Convenience vs Privacy - A Tale as Old as Time
The happy person I described using a somewhat trustworthy DNS resolver was me over the past months. And I was pretty satisfied - except for one thing: My download speeds seemed to be slower in some cases.
I initially dismissed the thought of this having anything to do with my DNS settings. After all, your DNS resolver has nothing to do with the actual download process itself. It only returns IP addresses when given domain names.
Say you want to watch the latest series on Apple TV. Great, your DNS server delivers the IP address of a streaming server and the video starts playing. Now let's introduce CDNs into the mix! They are those monstrous server networks scattered all over the world, always ready to start streaming your videos, music or whatever else whenever you so desire.
Normally, your ISP's DNS resolvers make sure you get returned the IP of a server that your computer can most easily reach, and some ISPs even run their own caches of CDN content. With third-party DNS resolvers this doesn't work out as well: in an effort to protect your privacy, your DNS resolver does not give the CDN enough geolocation information about you, so the CDN can only ever route you to a subpar server.
If you want to test the impact your DNS settings have on download speeds from Apple's CDN yourself, you can do so here:
So now what?
It shouldn't come as much of a surprise to see that solutions for this problem exist. One of those is part of the Extension Mechanisms for DNS (EDNS):
This allows your DNS resolver to provide the CDNs with some of the information required to geolocate you. Of course, this sacrifices a bit of your privacy. This is where you have to make a decision yourself, but in most cases, in my opinion, the speed penalty is not worth the slight privacy benefit.
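The EDNS option the post is pointing at is EDNS Client Subnet (ECS, RFC 7871). The Python below is an added illustration, not code from the post: it encodes and decodes the ECS option as a resolver would attach it to its upstream query and wraps it in the OPT record, so you can see exactly which bits of the client address are disclosed at a given prefix length; the client address 203.0.113.77 is a constructed sample.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8                 # EDNS Client Subnet option code (RFC 7871)
FAMILY_IPV4, FAMILY_IPV6 = 1, 2     # address family values used by ECS

def build_ecs_option(client_ip: str, source_prefix: int) -> bytes:
    """Encode one ECS option as a resolver adds it to its upstream query.
    Only the first `source_prefix` bits of the client address are sent;
    RFC 7871 recommends no more than /24 for IPv4 and /56 for IPv6."""
    addr = ipaddress.ip_address(client_ip)
    if not 0 <= source_prefix <= addr.max_prefixlen:
        raise ValueError("prefix length out of range for this address family")
    family = FAMILY_IPV4 if addr.version == 4 else FAMILY_IPV6
    # strict=False zeroes the host bits, i.e. truncates the address to the prefix
    network = ipaddress.ip_network((addr, source_prefix), strict=False)
    nbytes = (source_prefix + 7) // 8   # ADDRESS field is ceil(prefix/8) octets
    address_field = network.network_address.packed[:nbytes]
    # SCOPE PREFIX-LENGTH is 0 in queries; the authoritative server sets it in replies
    body = struct.pack("!HBB", family, source_prefix, 0) + address_field
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body

def parse_ecs_option(data: bytes) -> dict:
    """Decode one ECS option and return the network it actually discloses."""
    if len(data) < 8:
        raise ValueError("ECS option too short")
    code, length = struct.unpack("!HH", data[:4])
    if code != ECS_OPTION_CODE or len(data) != 4 + length:
        raise ValueError("not a well-formed ECS option")
    family, source_prefix, scope_prefix = struct.unpack("!HBB", data[4:8])
    address_field = data[8:]
    full_len = {FAMILY_IPV4: 4, FAMILY_IPV6: 16}.get(family)
    if full_len is None or len(address_field) != (source_prefix + 7) // 8:
        raise ValueError("address field does not match family/prefix length")
    padded = ipaddress.ip_address(address_field + b"\x00" * (full_len - len(address_field)))
    network = ipaddress.ip_network((padded, source_prefix), strict=False)
    if network.network_address != padded:
        raise ValueError("bits past the prefix must be zero (RFC 7871 section 6)")
    return {"family": family, "source_prefix": source_prefix,
            "scope_prefix": scope_prefix, "network": str(network)}

def build_opt_rr(options: bytes, udp_payload_size: int = 1232) -> bytes:
    """Wrap EDNS options in an OPT pseudo-RR (RFC 6891): root name, TYPE 41,
    CLASS = UDP payload size, TTL = extended RCODE/version/flags (zero), RDLENGTH."""
    return b"\x00" + struct.pack("!HHIH", 41, udp_payload_size, 0, len(options)) + options

if __name__ == "__main__":
    # Constructed sample client address from the documentation range, sent as a /24.
    option = build_ecs_option("203.0.113.77", 24)
    print(option.hex(), parse_ecs_option(option)["network"])  # 203.0.113.0/24: last octet never leaves the resolver
```

Lowering the prefix length (or sending a /0) is the knob a resolver operator turns to trade CDN steering accuracy for client privacy.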
So you're really left with the following options:
- use a public DNS resolver supporting EDNS (like Google Public DNS)
- use your ISP's DNS resolver (like 99.9 % of people do)
In the end, most people should probably just stick to their ISP's DNS resolver. This allows your ISP to cache commonly accessed content effectively, which actually affects your download speed.