Alternative DNS services
Cisco Umbrella (formerly OpenDNS)
OpenDNS provided free alternative nameservers, was bought by Cisco in Nov. 2016 and continues to offer OpenDNS as end-user product of its "Umbrella" product suite with focus on Security Enforcement, Security Intelligence and Web Filtering. The old nameservers still work but are pre-configured to block adult content:
220.127.116.11 18.104.22.168 2620:0:ccc::2 2620:0:ccd::2
Cloudflare provides a service committed to never writing the querying IP addresses to disk and wiping all logs within 24 hours, with the exception of providing data to APNIC labs for research purposes. APNIC and Cloudfare committed to treat all data with high privacy standards in their research agreement statement.
22.214.171.124 126.96.36.199 2606:4700:4700::1111 2606:4700:4700::1001
Comodo provides another IPv4 set, with optional (non-free) web-filtering. Implied in this feature is that the service hijacks the queries.
DNS.WATCH focuses on neutrality and security and provides two servers located in Germany with no logging and with DNSSEC enabled. Note they welcome commercial sponsorship.
188.8.131.52 # resolver1.dns.watch 184.108.40.206 # resolver2.dns.watch 2001:1608:10:25::1c04:b12f # resolver1.dns.watch 2001:1608:10:25::9249:d69b # resolver2.dns.watch
Google's nameservers can be used as an alternative:
220.127.116.11 18.104.22.168 2001:4860:4860::8888 2001:4860:4860::8844
OpenNIC provides free uncensored nameservers located in multiple countries. The full list of public servers is available at servers.opennic.org and a shortlist of nearest nameservers for optimal performance is generated on their home page.
To retrieve a list of nearest nameservers, an API is also available and returns, based on the URL parameters provided, a list of nameservers in the desired format. For example to get the 200 nearest IPv4 servers, one can use https://api.opennicproject.org/geoip/?list&ipv=4&res=200&adm=0&bl&wl.
Alternatively, the anycast servers below can be used; while reliable their latency fluctuates a lot.
22.214.171.124 126.96.36.199 2a05:dfc7:5::53 2a05:dfc7:5::5353
Quad9 is a free DNS service founded by IBM, Packet Clearing House and Global Cyber Alliance; its primary unique feature is a blocklist which avoids resolving known malicious domains. The addresses below are worldwide anycast.
"Secure", with blocklist and DNSSEC:
188.8.131.52 184.108.40.206 2620:fe::fe 2620:fe::9
No blocklist, no DNSSEC:
220.127.116.11 18.104.22.168 2620:fe::10
UncensoredDNS is a free uncensored DNS service. It is run by a private individual and consists in one anycast served by multiple servers and one unicast node hosted in Denmark.
22.214.171.124 # anycast.censurfridns.dk 126.96.36.199 # unicast.censurfridns.dk 2001:67c:28a4:: # anycast.censurfridns.dk 2a01:3a0:53:53:: # unicast.censurfridns.dk
Yandex.DNS has servers in Russia, Eastern and Western Europe and has three options, Basic, Safe and Family.
Basic - no traffic filtering:
188.8.131.52 184.108.40.206 2a02:6b8::feed:0ff 2a02:6b8:0:1::feed:0ff
Safe - protection from infected and fraudulent sites:
220.127.116.11 18.104.22.168 2a02:6b8::feed:bad 2a02:6b8:0:1::feed:bad
Family - protection from dangerous sites and sites with adult content:
22.214.171.124 126.96.36.199 2a02:6b8::feed:a11 2a02:6b8:0:1::feed:a11
- Wikipedia:Public recursive name server#List of public DNS service operators
- RFC:7706 - Decreasing Access Time to Root Servers by Running One on Loopback