Difference between revisions of "OpenDNS"

From ArchWiki
Jump to: navigation, search
(What is it?)
m (unnecesary, confusing info. grammar. repetition)
Line 1: Line 1:
 
[[Category: Networking (English)]]
 
[[Category: Networking (English)]]
==What is it? ==
+
[http://www.opendns.com OpenDNS] is an alternative [http://en.wikipedia.org/wiki/Domain_Name_System DNS] service. If your Internet pages are loading slow or if you want to make your Internet safer, smarter and more reliable in general, OpenDNS may be of help.
OpenDNS is a better DNS service. If you Internet pages are loading slow or if you want to make your Internet safer, faster, smarter and more reliable, try OpenDNS on your computer.
+
  
Your ISP provides (usually) working DNS servers; however, the router sometimes adds an extra DNS server, in case you have your own cache server (which would be slightly faster). This isn't a problem for windows users, because if a DNS server is slow or not doesn't work it will immediately switch to another one.  However, Linux takes longer to timeout (which is why you are getting a delay).
+
==DNS in Linux==
 
+
Your ISP (usually) provides working DNS servers; however, the router may also add an extra DNS server in case you have your own cache server. Switching between DNS servers does not represent a problem for Windows users, because if a DNS server is slow doesn't work it will immediately switch to better one.  However, Linux usually takes longer to timeout, which could be the reason you are getting a delay.
'''To check if this is the case:'''
+
Check /etc/resolv.conf for the IP address of the servers.  Then type (to see how long the response takes):
+
ping <one of the ip addresses>
+
 
+
'''''Note''''': this is not accurate because most of DNS servers do not respond to ping request. So, this is not reliable to test the speed response of a DNS server. Better use dig or host to query for an IP from an hostname.
+
 
+
Using dig before making any changes, repeat after making the changes below and compare the before and after, Query time(s):
+
  
 +
Use dig (provided by package {{Package Official|dnsutils}}) before any changes, repeat after making the adjustments in the section [[OpenDNS#What do I do?|below]] and compare the query time(s):
 
  dig www5.yahoo.com
 
  dig www5.yahoo.com
* you should have dig already installed, if not install dnsutils
 
 
Can also use dig with a specific nameserver:
 
  
 +
You can also specify a nameserver:
 
  dig @ip.of.name.server www5.yahoo.com
 
  dig @ip.of.name.server www5.yahoo.com
  
For example, using OpenDNS:
+
== Using DNS ==
dig @208.67.222.222 www5.yahoo.com
+
Edit /etc/resolv.conf and add the OpenDNS <tt>nameservers</tt> to the top of the file so they are used first. Optionally remove other servers already listed in order to only use OpenDNS:
Or using my router:
+
dig @192.168.1.1 www5.yahoo.com
+
 
+
* example output after using OpenDNS nameservers in /etc/resolv.conf:
+
;; Query time: 40 msec
+
;; SERVER: 208.67.222.222#53(208.67.222.222)
+
 
+
* example output using the nameservers in my router's dns settings(also using OpenDNS):
+
;; Query time: 100 msec
+
;; SERVER: 192.168.1.1#53(192.168.1.1)
+
 
+
If one of the responses takes a long time (or times out), then you can just delete it from resolve.conf.  However, depending on you network setup, the file may get rewritten every time you reconnect to the network (like when rebooting).  In that case, you can block that ip in hosts.deny, or if you use iptables, you can add a rule to block that IP (the latter is what I did).
+
 
+
== What do I do? ==
+
 
+
To speed things up, use OpenDNS. Edit /etc/resolv.conf and add to the top of the file, the OpenDNS nameservers so they are used first. Or remove any nameservers already listed, in order to use only the OpenDNS nameservers:
+
 
  # OpenDNS nameservers
 
  # OpenDNS nameservers
 
  nameserver 208.67.222.222
 
  nameserver 208.67.222.222
 
  nameserver 208.67.220.220
 
  nameserver 208.67.220.220
 +
Changes made to /etc/resolv.conf take affect immediately.
  
* changes made to /etc/resolv.conf take affect immediately
+
=== dhcpcd ===
 
+
=== with dhcpcd ===
+
 
If you are using '''dhcpcd''', edit /etc/dhcpcd.conf and remove ''domain_name_servers'' option to make it look like this:
 
If you are using '''dhcpcd''', edit /etc/dhcpcd.conf and remove ''domain_name_servers'' option to make it look like this:
 
 
  option domain_name, domain_search, host_name
 
  option domain_name, domain_search, host_name
 +
This will prevent dhcpcd from adding other nameservers to resolv.conf.
  
You will also need to edit or create /etc/resolv.conf.head and add to the top of the file, the OpenDNS nameservers so they are used first. Or remove any nameservers already listed, in order to use only the OpenDNS nameservers:
+
You will also need to edit or create /etc/resolv.conf.head in order to add the OpenDNS nameservers. The same principles apply as with /etc/resolv.conf; add them to the top of the file and optionally delete the rest:  
 
  # OpenDNS nameservers
 
  # OpenDNS nameservers
 
  nameserver 208.67.222.222
 
  nameserver 208.67.222.222
 
  nameserver 208.67.220.220
 
  nameserver 208.67.220.220
 +
dhcpcd dynamically generates /etc/resolv.conf by prepending /etc/resolv.conf.head and parsing options from /etc/dhcpcd.conf.
  
* dhcpcd creates dynamically /etc/resolv.conf from /etc/resolv.conf.head and the option sets in /etc/dhcpcd.conf
+
Restart networking after editing or creating /etc/resolv.conf.head in order to make the changes take effect:
 
+
After editing or creating /etc/resolv.conf.head, for changes to take affect immediately without a reboot, restart networking:
+
 
  # /etc/rc.d/network restart  
 
  # /etc/rc.d/network restart  
  
=== with a router ===
+
{{Tip|You may also specify these IPs in your router's configuration interface and merely point to your router's IP from /etc/resolv.conf.}}
You may also specify these IP's in your router under the DNS tab, and merely point to your router's IP from /etc/resolv.conf.
+
 
+
'''If you have a laptop that you roam with (assuming you have iptables setup):'''
+
Where the x's is the bad IP address
+
iptables  -A OUTPUT -d xxx.xxx.x.x  -j REJECT
+
iptables-save>/etc/iptables/iptables.rules
+
The first step tells iptables to reject connections to that nameserver.  This causes the nameserver to immediately timeout.  The second step saves the iptables rule.
+
  
 
== Fixing problems with Google ==
 
== Fixing problems with Google ==
 +
OpenDNS hijacks Google-searches by routing all queries through their own servers first. This can be annoying because Google searches may slow down noticeably and it breaks Google's FeelingLucky feature (e.g., entering digg in your adress bar will open www.digg.com). For the latter, there is a [https://addons.mozilla.org/en-US/firefox/addon/7993 Firefox-addon] bringing back the original behaviour. A more elegant solution is to redirect all queries for Google exclusively to your ISP's DNS Server. This can be done with [[dnsmasq]] (see [[Speeding up DNS with dnsmasq]] for more information).
  
OpenDNS hijacks google-searches by routing all queries through their own servers first. This can be annoying because a) google searches may slow down noticeably and b) it breaks Google's FeelingLucky feature (e.g., entering digg in your adress bar will open www.digg.com). For the latter, there is a [https://addons.mozilla.org/en-US/firefox/addon/7993 Firefox-addon] bringing back the original behaviour. A more elegant solution is to redirect all queries for google exclusively to your ISP's DNS Server. This can be done with Dnsmasq (see [[Speeding up DNS with dnsmasq]] in the wiki for more information).
+
== External Resources ==
 
+
*[http://en.wikipedia.org/wiki/Domain_Name_System Domain Name System (DNS)]
 
+
 
+
== More Resources ==
+
*[http://en.wikipedia.org/wiki/Domain_Name_System Domain Name System]
+
 
*[http://www.opendns.com/ OpenDNS.com]
 
*[http://www.opendns.com/ OpenDNS.com]

Revision as of 19:39, 31 October 2009

OpenDNS is an alternative DNS service. If your Internet pages are loading slow or if you want to make your Internet safer, smarter and more reliable in general, OpenDNS may be of help.

DNS in Linux

Your ISP (usually) provides working DNS servers; however, the router may also add an extra DNS server in case you have your own cache server. Switching between DNS servers does not represent a problem for Windows users, because if a DNS server is slow doesn't work it will immediately switch to better one. However, Linux usually takes longer to timeout, which could be the reason you are getting a delay.

Use dig (provided by package Template:Package Official) before any changes, repeat after making the adjustments in the section below and compare the query time(s):

dig www5.yahoo.com

You can also specify a nameserver:

dig @ip.of.name.server www5.yahoo.com

Using DNS

Edit /etc/resolv.conf and add the OpenDNS nameservers to the top of the file so they are used first. Optionally remove other servers already listed in order to only use OpenDNS:

# OpenDNS nameservers
nameserver 208.67.222.222
nameserver 208.67.220.220

Changes made to /etc/resolv.conf take affect immediately.

dhcpcd

If you are using dhcpcd, edit /etc/dhcpcd.conf and remove domain_name_servers option to make it look like this:

option domain_name, domain_search, host_name

This will prevent dhcpcd from adding other nameservers to resolv.conf.

You will also need to edit or create /etc/resolv.conf.head in order to add the OpenDNS nameservers. The same principles apply as with /etc/resolv.conf; add them to the top of the file and optionally delete the rest:

# OpenDNS nameservers
nameserver 208.67.222.222
nameserver 208.67.220.220

dhcpcd dynamically generates /etc/resolv.conf by prepending /etc/resolv.conf.head and parsing options from /etc/dhcpcd.conf.

Restart networking after editing or creating /etc/resolv.conf.head in order to make the changes take effect:

# /etc/rc.d/network restart 
Tip: You may also specify these IPs in your router's configuration interface and merely point to your router's IP from /etc/resolv.conf.

Fixing problems with Google

OpenDNS hijacks Google-searches by routing all queries through their own servers first. This can be annoying because Google searches may slow down noticeably and it breaks Google's FeelingLucky feature (e.g., entering digg in your adress bar will open www.digg.com). For the latter, there is a Firefox-addon bringing back the original behaviour. A more elegant solution is to redirect all queries for Google exclusively to your ISP's DNS Server. This can be done with dnsmasq (see Speeding up DNS with dnsmasq for more information).

External Resources