Frequently Asked Questions - Google Public DNS - Google Code
My favorites | English | Sign in

Google Public DNS

Frequently Asked Questions

General

Use and support

Technical

Privacy

General

What is Google Public DNS?
Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider.
Why is Google working on a DNS service?
We believe that a faster and safer DNS infrastructure could significantly improve the web browsing experience. Google Public DNS has made many improvements in the areas of speed, security, and validity of results. We've shared these improvements in our documentation, to contribute to an ongoing conversation within the web community.
Can I use Google Public DNS to host my domain name or website?
No. Google Public DNS is not an authoritative nameserver or hosting service. There are no plans to offer any DNS registration or hosting services with Google Public DNS.
Does Google Public DNS offer the ability to block or filter out unwanted sites?
No. Google Public DNS is purely a DNS resolution and caching server; it does not perform any blocking or filtering of any kind. We believe that such functionality is best performed by the client. If you are interested in enabling such functionality, you should consider installing a client-side application or browser add-on for this purpose.
Are Googlers using Google Public DNS?
Yes. We launched Google Public DNS to Googlers a couple of months ago and we have been using it to power our wi-fi networks for visitors as well as our free public wi-fi network in Mountain View.
Are there any cross-product dependencies with Google Public DNS?
Google Public DNS is an independent service.
Do I need a Google Account to use Google Public DNS?
No.
How is Google Public DNS different from my ISP's DNS service or other open DNS resolvers? How can I tell if it is better?
Open resolvers and your ISP all offer DNS resolution services. We invite you to try Google Public DNS as your primary or secondary DNS resolver along with any other alternate DNS services. There are many things to consider when identifying a DNS resolver that works for you, such as speed, reliability, security, and validity of responses. Unlike Google Public DNS, some ISPs and open resolvers block, filter, or redirect DNS responses.
How does Google Public DNS handle non-existent domains?
If you issue a query for a domain name that does not exist, Google Public DNS always returns an NXDOMAIN record, as per the DNS protocol standards. The browser should show this response as a DNS error. If, instead, you receive any response other than an error message (for example, you are redirected to another page), this could be the result of the following:
  • A client-side application such as a browser plug-in is displaying an alternate page for a non-existent domain.
  • Some ISPs may intercept and replace all NXDOMAIN responses with responses that lead to their own servers. If you are concerned that your ISP is intercepting Google Public DNS requests or responses, you should contact your ISP.
Will Google Public DNS be used to serve ads in the future?
No. We are committed to preserving the integrity of the DNS protocol. Google Public DNS will never return the address of an ad server for a non-existent domain.

Use and support

I am using another DNS service now. Can I also use Google Public DNS?
Yes. You can set Google Public DNS to be your primary or secondary DNS resolver, along with your current DNS resolver. Please remember that operating systems treat DNS resolvers differently: some will only use your primary DNS resolver and use the secondary in case the primary one fails, while others will round-robin among each of the resolvers.
Is Google Public DNS suitable for all types of Internet-enabled devices?
Yes. However, in some cases, especially with mobile phones, your experience might not be optimal in terms of speed.
Can I run Google Public DNS on my office computer?
Some offices have private networks that allow you to access domains that you can't access outside of work. Using Google Public DNS might limit your access to these private domains. Please check your IT department's policy before using Google Public DNS on your office computer.
In which countries is Google Public DNS available?
It is available to Internet users around the world, though your experience may vary greatly based on your specific location.
Does Google Public DNS work with all ISPs?
Google Public DNS should work with most ISPs, assuming you have access to change your network DNS settings.
Do I need to use both Google Public DNS IP addresses?
No. You can use Google as your primary service by just using one of the IP addresses. However, be sure not to specify one address as both primary and secondary servers.
Does it matter in what order I specify the IP addresses?
No, the order does not matter. Either IP can be your primary or secondary name server.
What is the SLA for the service?
We are not providing an SLA for this service at this time.
I'm running an ISP. Can I redirect all my users to Google Public DNS?
At this time, Google Public DNS is a service without an SLA, intended for individual users. If you do use Google Public DNS, we recommend that you ensure that your users have a backup or failover service.
How can I get support from the Google Public DNS team?
We recommend that you join our Google Groups to get useful updates from the team and ask any questions you have.  If you need automated telephone support, see the telephone contact information.

If you are encountering a problem and would like to report it on the discussion group, please include the following information:

  • The date and time you encountered the problem
  • Your location
  • The platform on which you are noticing the problem (e.g. Mac, Windows, router, etc.)
  • The hostname(s) for which you are having a problem
  • Whether the problem is continuous or intermittent

In addition, please run the diagnostic tests described in Diagnosing resolution problems, and in your discussion group posting, paste in the results.

Technical

Where are your servers currently located?
Google Public DNS servers are available worldwide.

Here are the subnets from which Google Public DNS sends requests to authoritative nameservers, and their associated IATA airport codes:

64.233.162.0/24 gru
64.233.168.0/24 iad
64.233.182.0/24 tpe
72.14.202.0/24 tpe
74.125.112.0/24 chs
74.125.114.0/24 chs
74.125.126.0/24 dls
74.125.156.0/24 atl
74.125.158.0/24 atl
74.125.16.0/26 tul
74.125.16.64/26 tpe
74.125.16.128/26 grq
74.125.16.192/26 bru
74.125.17.0/24 bru
74.125.17.0/24 fra
74.125.18.0/24 ber
74.125.44.0/24 atl
74.125.46.0/24 atl
74.125.52.0/24 dls
74.125.64.0/24 atl
74.125.70.0/24 hkg
74.125.78.0/24 grq
74.125.90.0/24 mrn
74.125.92.0/24 mrn
209.85.136.0/24 lpp
209.85.142.0/24 dub
209.85.144.0/24 cbf
209.85.172.0/24 lpp
209.85.174.0/24 kul
209.85.224.0/24 cbf
209.85.226.0/24 bru
209.85.228.0/24 bru

This list is subject to additions, modifications, and even reductions as we continue to deploy and support our service.

How does Google Public DNS know which data center to send me to?
Google Public DNS uses anycast routing to direct all packets to the closest DNS server. For more information on anycast routing, see the Wikipedia entry.
Does Google Public DNS support the DNSSEC protocol?
Google Public DNS supports EDNS0 extensions, which means that we accept and forward DNSSEC-formatted messages; however, we do not yet validate responses. We will continue to work on improving Google Public DNS.
Is Google Public DNS based on open source software, such as BIND?
No. Google Public DNS is Google's own implementation of the DNS standards.
Does Google Public DNS comply with the DNS standards set forth by the IETF?
Yes.
Are there plans to release Google Public DNS code as open source software?
At this time, there are no plans to open source Google Public DNS, but we have detailed all the steps we have taken to increase speed, security, and standards compliance.
Does Google Public DNS support IPv6?
Yes. Google Public DNS listens for incoming requests on IPv6 addresses from clients with IPv6 connectivity, responds to all requests for IPv6 addresses, and returns AAAA records if they exist. However, it cannot talk to IPv6-only authoritative nameservers. See Using Public DNS for Google Public DNS IPv6 host addresses and configuration information.

Note that you may not receive IPv6 results for Google properties. To optimize the user experience, Google only serves AAAA records to clients behind ISPs with good IPv6 connectivity. This policy is completely independent from Google Public DNS, and is enforced by Google's nameservers. For more information, please see the Google over IPv6 page.

I looked online and it seems that there are a lot of issues with open resolvers such as DDoS attacks, large-scale spoofing etc. Why did you make Google Public DNS an open resolver?
There are many articles online about some of the threats that open resolvers face. We made a conscious decision to be open and we have taken what we believe to be adequate precautions. See the security benefits page for information on the precautions we have taken to help protect our users from spoofing and cache poisoning, and to mitigate DNS-based DDoS attacks.
Are there tools that I can use to test the performance of Google Public DNS against that of other DNS services?
There are many freely available tools that you can use to measure Google Public DNS' response time. We recommend Namebench. Regardless of the tool you use, you should run the tool against a large number of domains — more than 5000 — to ensure statistically significant results. Although the tests take longer to run, using a minimum of 5000 domains ensures that variability due to network latency (packet loss and retransmits) is minimized, and that Google Public DNS' large name cache is thoroughly exercised.
To set the number of domains in Namebench, use the Number of tests GUI option or the -t command line flag; see the Namebench documentation for more information.
When I run ping or traceroute against the Google Public DNS resolvers, the response latency is higher than that of other services. Does this mean Google Public DNS is always slower?
No. In addition to the ping time, you also need to consider the average time to resolve a name. For example, if your ISP has a ping time of 20 ms, but a mean name resolution time of 500 ms, the overall average response time is 520 ms. If Google Public DNS has a ping time of 300 ms, but resolves many names in 1 ms, the overall average response time is 301 ms. To get a better comparison, we recommend that you test the name resolutions of a large set of domains.
I've read claims that Google Public DNS can slow down multimedia applications such as iTunes and Apple TV. Are these true?
Many sites that provide downloadable or streaming multimedia host their content with DNS-based third-party content distribution networks (CDNs), such as Akamai. When a DNS resolver queries an authoritative nameserver for a CDN's IP address, the nameserver returns an address which is closest (in network distance) to the resolver, not the user. In some cases, for ISP-based resolvers as well as public resolvers such as Google Public DNS, the resolver may not be in close proximity to the users. In such cases, the browsing experience could be slowed down somewhat. Google Public DNS is no different from other DNS providers in this respect.

To help reduce the distance between DNS servers and users, Google Public DNS has deployed its servers all over the world. In particular, users in Europe should be directed to CDN content servers in Europe, users in Asia should be directed to CDN servers in Asia, and users in the eastern, central and western U.S. should be directed to CDN servers in those respective regions. We have also published this information (see Where are your servers currently located? for details) to help CDNs provide good DNS results for multimedia users.

In addition, Google Public DNS engineers have proposed a technical solution to the issue in an IETF draft, Client subnet information in DNS requests. This proposal defines an EDNS0 extension which allows resolvers to pass in part of the client's IP address as the source IP in the DNS message, so that nameservers can return optimized results based on the user's location rather than that of the resolver. We have deployed an implementation of the proposal as an experiment for content distribution networks and Google properties. We look forward to working with other public resolvers and other content networks to conduct further experiments.

Finally, if you are having a specific problem, please see the troubleshooting page or send a message to the public forum.

Privacy

What information does Google log when I use the Google Public DNS service?
Google Public DNS complies with Google's main privacy policy, which you can view at our Privacy Center. With Google Public DNS, we collect IP address (only temporarily) and ISP and location information (in permanent logs) for the purpose of making our service faster, better and more secure. Specifically, we use this data to conduct debugging and to analyze abuse phenomena. After 24 hours, we erase any IP information. For more information, read the Google Public DNS privacy page.
Is any of the information collected stored with my Google account?
No.
Does Google share the information it collects from the Google Public DNS service with anyone else?
No.
Is information about my queries to Google Public DNS shared with other Google properties, such as Search, Gmail, ads networks, etc.?
No.