Jump to content

Public recursive name server: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Undid revision 1190833715 by 2001:8E0:2064:BF00:8C8F:D36C:8C2:E5F2 (talk) Criteria to appear on this list do not include encryption support
m v2.05 - auto / Fix errors for CW project (Link equal to linktext)
 
(21 intermediate revisions by 16 users not shown)
Line 10: Line 10:
*temporary unavailability of the ISP's name server
*temporary unavailability of the ISP's name server


Public DNS resolver operators often cite increased privacy as an advantage of their services; critics of public DNS services have cited the possibility of mass data collection targeted at the public resolvers as a potential risk of using these services. Several services now support secure DNS lookup transport services such as [[DNS over HTTPS]] (DoH) and [[DNS over TLS]] (DoT).
Public DNS resolver operators often cite increased privacy as an advantage of their services; critics of public DNS services have cited the possibility of mass data collection targeted at the public resolvers as a potential risk of using these services. Most services now support secure DNS lookup transport services such as [[DNS over TLS]] (DoT), [[DNS over HTTPS]] (DoH) and [[DNS over QUIC]] (DoQ).


Public DNS resolvers are operated either by commercial companies, offering their service for free use to the public, or by private enthusiasts to help spread new technologies and support non-profit communities.
Public DNS resolvers are operated either by commercial companies, offering their service for free use to the public, or by private enthusiasts to help spread new technologies and support non-profit communities.


== Notable public DNS service operators ==
== Notable public DNS service operators ==
{{sticky header}}{{sort under}}
{| class="sortable wikitable" style="font-size: 85%; text-align: center; width: auto;"
{{mw-datatable}}
{| class="sortable wikitable mw-datatable sticky-header sort-under" style="font-size: 85%; text-align: center;"
|-
|-
! style="width:12em" | Provider
! Provider
! [[Privacy policy]]
! [[Privacy policy]]
! [[Domain Name System#Transport_protocols|DNS over UDP/TCP (Do53)]]
! [[Domain Name System#DNS over UDP/TCP/53 (Do53)|DNS over UDP/TCP (Do53)]]
! [[Domain Name System Security Extensions|DNSSEC]]
! [[Domain Name System Security Extensions|DNSSEC]]
! [[DNS over TLS|DNS over TLS (DoT)]]
! [[DNS over TLS|DNS over TLS (DoT)]]
Line 25: Line 27:
! [[DNS over QUIC|DNS over QUIC (DoQ)]]
! [[DNS over QUIC|DNS over QUIC (DoQ)]]
![[Extension Mechanisms for DNS#EDNS Padding|EDNS Padding]]
![[Extension Mechanisms for DNS#EDNS Padding|EDNS Padding]]
! [[DNSCrypt|DNSCrypt]]
! [[DNSCrypt]]
! Hostname
! Hostnames
! [[Internet Protocol version 4|IPv4]] addresses
! [[Internet Protocol version 4|IPv4]] addresses
! [[Internet Protocol version 6|IPv6]] addresses
! [[Internet Protocol version 6|IPv6]] addresses
Line 58: Line 60:
| None<ref name=":11"/>
| None<ref name=":11"/>
|
|
|-
! [[Alibaba Group|Alibaba]]
| {{dunno}}
|! {{yes}}
| {{dunno}}
|! {{yes}}
|! {{yes}}
|! {{no}}
| {{dunno}}
|! {{no}}
|dns.alidns.com
|223.5.5.5
223.6.6.6
|2400:3200::1
2400:3200:baba::1
| {{dunno}}
|Chinese regulations
|-
|-
! rowspan="3" | [[CleanBrowsing]]
! rowspan="3" | [[CleanBrowsing]]
Line 100: Line 119:
| None
| None
|
|
|-
| dns64.cloudflare-dns.com
|{{n/a}}
| {{IPaddr|2606:4700:4700::64}}<br />{{IPaddr|2606:4700:4700::6400}}
| None
| Intended to be IPv6-only.<ref>{{Cite web |url=https://developers.cloudflare.com/1.1.1.1/support-nat64/ |title=Supporting IPv6-only Networks |access-date=2019-01-20 |archive-date=2020-12-09 |archive-url=https://web.archive.org/web/20201209005501/https://developers.cloudflare.com/1.1.1.1/support-nat64 |url-status=dead }}</ref> See [[NAT64]] and [[DNS64]].
|-
|-
| security.cloudflare-dns.com
| security.cloudflare-dns.com
Line 118: Line 131:
| Malware, Phishing,<br />Adult content
| Malware, Phishing,<br />Adult content
|
|
|-
| dns64.cloudflare-dns.com
|{{n/a}}
| {{IPaddr|2606:4700:4700::64}}<br />{{IPaddr|2606:4700:4700::6400}}
| None
| Intended to be IPv6-only.<ref>{{Cite web |url=https://developers.cloudflare.com/1.1.1.1/support-nat64/ |title=Supporting IPv6-only Networks |access-date=2019-01-20 |archive-date=2020-12-09 |archive-url=https://web.archive.org/web/20201209005501/https://developers.cloudflare.com/1.1.1.1/support-nat64 |url-status=dead }}</ref> See [[NAT64]] and [[DNS64]].
|-
|-
! rowspan="2" | [[Google Public DNS|Google]]
! rowspan="2" | [[Google Public DNS|Google]]
Line 140: Line 159:
| Intended for networks with NAT64 gateway.<ref>[https://developers.google.com/speed/public-dns/docs/dns64 Google Public DNS64]</ref>
| Intended for networks with NAT64 gateway.<ref>[https://developers.google.com/speed/public-dns/docs/dns64 Google Public DNS64]</ref>
|-
|-
! | [[Gcore|Gcore]]
! | [[Gcore]]
| ! {{yes}}<ref name="gcoreprivacy">[https://gcore.com/legal?tab=privacy_policy]</ref>
| ! {{yes}}<ref name="gcoreprivacy">{{cite web | url=https://gcore.com/legal?tab=privacy_policy | title=Legal Information on Gcore Services }}</ref>
| ! {{yes}}
| ! {{yes}}
| ! {{yes}}
| ! {{yes}}
Line 190: Line 209:
| Ads, trackers, malware, social media, gambling and adult content
| Ads, trackers, malware, social media, gambling and adult content
|-
|-
! rowspan="3" | [[OpenDNS]]
! rowspan="6" | Vercara (formerly [[Neustar|Neustar Security Services]])
| rowspan="6" ! {{Yes}}<ref name="Neustar PP">{{cite web |title=Privacy Policy {{!}} Neustar |url=https://www.home.neustar/privacy/privacy-policy#data_in_products_services |website=home.neustar |language=en}}</ref>
| rowspan="6" ! {{Yes}}
| rowspan="6" ! {{Yes}}
| rowspan="6" ! {{No}}
| rowspan="6" ! {{No}}
| rowspan="6" ! {{No}}
| rowspan="6" ! {{No}}
| rowspan="6" ! {{No}}
| rowspan="6" {{dunno}}
| ''64.6.64.6''<br>''64.6.65.6''
| ''2620:74:1b::1:1''<br>''2620:74:1c::2:2''
| rowspan="2" | None
| Verisign transferred its public DNS to Neustar.<ref>{{Cite web|title=Verisign Public DNS Offers DNS Stability And Security – Verisign|url=https://www.verisign.com/en_US/security-services/public-dns/index.xhtml|access-date=2020-12-05|website=www.verisign.com|language=en-US|archive-date=2021-03-31|archive-url=https://web.archive.org/web/20210331041511/https://www.verisign.com/en_US/security-services/public-dns/index.xhtml|url-status=dead}}</ref>
|-
| {{IPaddr|156.154.70.1}}<br />{{IPaddr|156.154.71.1}}
| {{IPaddr|2610:a1:1018::1}}<br />{{IPaddr|2610:a1:1019::1}}
|
|-
| {{IPaddr|156.154.70.2}}<br />{{IPaddr|156.154.71.2}}
| {{IPaddr|2610:a1:1018::2}}<br />{{IPaddr|2610:a1:1019::2}}
| Malware, ransomware, spyware, phishing
|
|-
| {{IPaddr|156.154.70.3}}<br />{{IPaddr|156.154.71.3}}
| {{IPaddr|2610:a1:1018::3}}<br />{{IPaddr|2610:a1:1019::3}}
| Low security + gambling, pornography, violence, hate
|
|-
| {{IPaddr|156.154.70.4}}<br />{{IPaddr|156.154.71.4}}
| {{IPaddr|2610:a1:1018::4}}<br />{{IPaddr|2610:a1:1019::4}}
| Medium security + gaming, adult, drugs, alcohol, anonymous proxies
|
|-
| {{IPaddr|156.154.70.5}}<br />{{IPaddr|156.154.71.5}}
| {{IPaddr|2610:a1:1018::5}}<br />{{IPaddr|2610:a1:1019::5}}
| None
| Will not redirect non-existent domains to a landing page.
|-
! rowspan="3" | Cisco Umbrella ([[OpenDNS]])
| rowspan="3" ! {{yes}}<ref name="opendnsprivacy">[https://www.cisco.com/c/en/us/about/legal/privacy-full.html Cisco Online Privacy Statement]</ref>
| rowspan="3" ! {{yes}}<ref name="opendnsprivacy">[https://www.cisco.com/c/en/us/about/legal/privacy-full.html Cisco Online Privacy Statement]</ref>
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}
Line 199: Line 257:
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}<ref name="opendnscrypt">[https://support.opendns.com/hc/en-us/articles/227989147 OpenDNS: OpenDNS and DNSCrypt]</ref>
| rowspan="3" ! {{yes}}<ref name="opendnscrypt">[https://support.opendns.com/hc/en-us/articles/227989147 OpenDNS: OpenDNS and DNSCrypt]</ref>
| dns.opendns.com<br />dns.umbrella.com<ref>[https://umbrella.cisco.com/blog/enhancing-support-dns-encryption-with-dns-over-https Cisco Umbrella Enhances Support of DNS Encryption with DNS Over HTTPS]</ref>
| dns.opendns.com
| {{IPaddr|208.67.222.222}}<br />{{IPaddr|208.67.220.220}}
| {{IPaddr|208.67.222.222}}<br />{{IPaddr|208.67.220.220}}
| {{IPaddr|2620:119:35::35}}<br />{{IPaddr|2620:119:53::53}}
| {{IPaddr|2620:119:35::35}}<br />{{IPaddr|2620:119:53::53}}
Line 216: Line 274:
| None
| None
| Sandbox addresses that provide no filtering.
| Sandbox addresses that provide no filtering.
|-
! |[[Oracle Corporation|Oracle]] (formerly [[Dyn (company)|Dyn]])
| {{yes}}<ref>{{cite web|url=https://dyn.com/legal/dyn-privacy-policy/|title=Oracle's Privacy Policy|website=dyn.com|language=en-US|access-date=2018-12-31}}</ref>
| {{yes}}
| {{yes}}
| {{no}}
| {{no}}
| {{no}}
| {{no}}
| {{no}}
| resolver1.dyndnsinternetguide.com<br />resolver2.dyndnsinternetguide.com<br />rdns.dynect.net
| {{IPaddr|216.146.35.35}}<br />{{IPaddr|216.146.36.36}}
|{{n/a}}
| None
|
|-
|-
! rowspan="3" | [[Quad9]]
! rowspan="3" | [[Quad9]]
Line 228: Line 301:
| dns.quad9.net
| dns.quad9.net
| {{IPaddr|9.9.9.9}}<br />{{IPaddr|149.112.112.112}}
| {{IPaddr|9.9.9.9}}<br />{{IPaddr|149.112.112.112}}
| {{IPaddr|2620:fe::fe}}<br />{{IPaddr|2620:fe::9}}
| {{IPaddr|2620:fe::9}}<br />{{IPaddr|2620:fe::fe}}
| Phishing, malware, and exploit kit domains
| Phishing, malware, and exploit kit domains
|
|
Line 244: Line 317:
| {{IPaddr|2620:fe::10}}<br />{{IPaddr|2620:fe::fe:10}}
| {{IPaddr|2620:fe::10}}<br />{{IPaddr|2620:fe::fe:10}}
| None
| None
|
|-
! | [[Wikimedia]]
| {{no|Informal}}<ref name="wikimedia-dns-privacy-policy">[https://meta.wikimedia.org/wiki/Wikimedia_DNS#Privacy_policy Wikimedia DNS: Privacy Policy]</ref>
| {{no}}<ref name="wikimedia-encrypted-dns">[https://wikitech.wikimedia.org/wiki/Wikimedia_DNS#Encrypted_DNS Wikimedia DNS: Encrypted DNS"]</ref>
| {{yes}}<ref name="wikimedia-dnssec">[https://wikitech.wikimedia.org/wiki/Wikimedia_DNS#DNSSEC Wikitech: Wikimedia DNS: DNSSEC]</ref>
| {{yes}}<ref name="wikimedia-tls">[https://wikitech.wikimedia.org/wiki/Wikimedia_DNS Wikitech: Wikimedia DNS]</ref>
| {{yes}}<ref name="wikimedia-https">[https://wikitech.wikimedia.org/wiki/Wikimedia_DNS Wikitech: Wikimedia DNS]</ref>
| {{no}}
| {{no}}<ref name="wikimedia-edns">[https://wikitech.wikimedia.org/wiki/Wikimedia_DNS#EDNS.280.29_Padding Wikitech: Wikimedia DNS: EDNS.280.29 Padding]</ref>
| {{no}}
| wikimedia-dns.org<ref name="wikimedia-dns-instructions">[https://meta.wikimedia.org/wiki/Wikimedia_DNS/Instructions Wikimedia DNS: Instructions]</ref>
| {{IPaddr|185.71.138.138}}<ref name="wikimedia-dns-instructions"></ref>
| {{IPaddr|2001:67c:930::1}}<ref name="wikimedia-dns-instructions"></ref>
| None<ref name="wikimedia-dns">[https://meta.wikimedia.org/wiki/Wikimedia_DNS Wikimedia DNS]</ref>
|
|
|-
|-
Line 255: Line 343:
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}
| rowspan="3" ! {{yes}}
| dns.yandex.ru<br />secondary.dns.yandex.ru
| common.dot.dns.yandex.net
| {{IPaddr|77.88.8.8}}<br />{{IPaddr|77.88.8.1}}
| {{IPaddr|77.88.8.8}}<br />{{IPaddr|77.88.8.1}}
| {{IPaddr|2a02:6b8::feed:0ff}}<br />{{IPaddr|2a02:6b8:0:1::feed:0ff}}
| {{IPaddr|2a02:6b8::feed:0ff}}<br />{{IPaddr|2a02:6b8:0:1::feed:0ff}}
Line 261: Line 349:
|
|
|-
|-
| safe.dns.yandex.ru<br />secondary.safe.dns.yandex.ru
| safe.dot.dns.yandex.net
| {{IPaddr|77.88.8.88}}<br />{{IPaddr|77.88.8.2}}
| {{IPaddr|77.88.8.88}}<br />{{IPaddr|77.88.8.2}}
| {{IPaddr|2a02:6b8::feed:bad}}<br />{{IPaddr|2a02:6b8:0:1::feed:bad}}
| {{IPaddr|2a02:6b8::feed:bad}}<br />{{IPaddr|2a02:6b8:0:1::feed:bad}}
Line 267: Line 355:
|
|
|-
|-
| family.dns.yandex.ru<br />secondary.family.dns.yandex.ru
| family.dot.dns.yandex.net
| {{IPaddr|77.88.8.7}}<br />{{IPaddr|77.88.8.3}}
| {{IPaddr|77.88.8.7}}<br />{{IPaddr|77.88.8.3}}
| {{IPaddr|2a02:6b8::feed:a11}}<br />{{IPaddr|2a02:6b8:0:1::feed:a11}}
| {{IPaddr|2a02:6b8::feed:a11}}<br />{{IPaddr|2a02:6b8:0:1::feed:a11}}
Line 279: Line 367:


== External links ==
== External links ==
* [https://dnscrypt.info/public-servers/ Home page of the DNSCrypt project: Public DNS servers]
* [https://dnscrypt.info/public-servers Home page of the DNSCrypt project: Public DNS servers]


[[Category:Domain Name System]]
[[Category:Domain Name System]]

Latest revision as of 06:34, 20 December 2024

A public recursive name server (also called public DNS resolver) is a name server service that networked computers may use to query the Domain Name System (DNS), the decentralized Internet naming system, in place of (or in addition to) name servers operated by the local Internet service provider (ISP) to which the devices are connected. Reasons for using these services include:

Public DNS resolver operators often cite increased privacy as an advantage of their services; critics of public DNS services have cited the possibility of mass data collection targeted at the public resolvers as a potential risk of using these services. Most services now support secure DNS lookup transport services such as DNS over TLS (DoT), DNS over HTTPS (DoH) and DNS over QUIC (DoQ).

Public DNS resolvers are operated either by commercial companies, offering their service for free use to the public, or by private enthusiasts to help spread new technologies and support non-profit communities.

Notable public DNS service operators

[edit]

References

[edit]
  1. ^ "How to Change Your Default DNS to Google DNS for Fast Internet Speeds". TechWorm. 2016-08-20. Retrieved 2016-10-22.
  2. ^ "A simple way to get around Rogers' DNS re-directing". IT Business. Retrieved 2016-10-22.
  3. ^ "OpenDNS Adds Centralized Reporting, IP-Layer Enforcement to Umbrella". mspmentor.net. Archived from the original on 2016-10-22. Retrieved 2016-10-22.
  4. ^ "Austrian Pirate Bay Blockade Censors Slovak Internet - TorrentFreak". TorrentFreak. 2015-12-03. Retrieved 2016-10-22.
  5. ^ Security; Iana. "DNS devastation: Top websites whacked offline as Dyn dies again". The Register. Retrieved 2016-10-22.
  6. ^ AdGuard DNS Privacy Notice
  7. ^ AdGuard DNS FAQ: What is DNSSEC?
  8. ^ The official release of AdGuard DNS — a new unique approach to privacy-oriented DNS
  9. ^ AdGuard DNS-over-QUIC
  10. ^ Adguard DNS now supports DNSCrypt
  11. ^ a b c d AdGuard DNS Setup guide
  12. ^ NOC.org / dcid. "CleanBrowsing Privacy and Terms of Service". Cleanbrowsing.org. Retrieved 2019-01-04.
  13. ^ "Parental Control with DNS over TLS Support".
  14. ^ NOC.org / dcid. "Parental Control with DNS Over HTTPS (DoH) Support". Cleanbrowsing.org. Retrieved 2019-01-04.
  15. ^ NOC.org / dcid. "Parental Control with DNSCrypt Support". Cleanbrowsing.org. Retrieved 2019-01-04.
  16. ^ "Privacy Policy". Cloudflare. Retrieved 2019-01-04.
  17. ^ "The Nitty Gritty - Cloudflare Resolver". 24 January 2023.
  18. ^ Cloudflare Inc (2018-03-31). "DNS over TLS - Cloudflare Resolver". Developers.cloudflare.com. Retrieved 2019-01-04.
  19. ^ Cloudflare Inc. "DNS over HTTPS - Cloudflare Resolver". Developers.cloudflare.com. Retrieved 2019-01-04.
  20. ^ "DNS over QUIC (DoQ)". Cloudflare Community. Retrieved 2022-09-12.
  21. ^ "Test DNS owner one.one.one.one". 2018-08-21.
  22. ^ "Supporting IPv6-only Networks". Archived from the original on 2020-12-09. Retrieved 2019-01-20.
  23. ^ Google Public DNS: Your Privacy
  24. ^ Google Public DNS: DNS-over-HTTPS
  25. ^ "Get Started | Public DNS".
  26. ^ Google Public DNS64
  27. ^ "Legal Information on Gcore Services".
  28. ^ "Privacy policy - Guides". Mullvad VPN. Retrieved 2023-08-27.
  29. ^ a b c d "DNS over HTTPS and DNS over TLS - Guides". Mullvad. 2023-08-08. Retrieved 2023-08-23.
  30. ^ "Privacy Policy | Neustar". home.neustar.
  31. ^ "Verisign Public DNS Offers DNS Stability And Security – Verisign". www.verisign.com. Archived from the original on 2021-03-31. Retrieved 2020-12-05.
  32. ^ Cisco Online Privacy Statement
  33. ^ OpenDNS: DNSSEC General Availability
  34. ^ OpenDNS: Querying OpenDNS using DoH
  35. ^ OpenDNS: OpenDNS and DNSCrypt
  36. ^ Cisco Umbrella Enhances Support of DNS Encryption with DNS Over HTTPS
  37. ^ "Oracle's Privacy Policy". dyn.com. Retrieved 2018-12-31.
  38. ^ Quad9: Compliance and Applicable Law
  39. ^ Quad9: Data and Privacy Policy
  40. ^ a b Quad9 FAQ: Does Quad9 implement DNSSEC?
  41. ^ Quad9 FAQ: Does Quad9 support DNS over TLS?
  42. ^ Quad9 FAQ: Does Quad9 support DNS over HTTPS (DoH)?
  43. ^ Quad9 FAQ: Does Quad9 support dnscrypt?
  44. ^ Quad9 FAQ: Is there a service that Quad9 offers that does not have the blocklist or other security?
  45. ^ Wikimedia DNS: Privacy Policy
  46. ^ Wikimedia DNS: Encrypted DNS"
  47. ^ Wikitech: Wikimedia DNS: DNSSEC
  48. ^ Wikitech: Wikimedia DNS
  49. ^ Wikitech: Wikimedia DNS
  50. ^ Wikitech: Wikimedia DNS: EDNS.280.29 Padding
  51. ^ a b c Wikimedia DNS: Instructions
  52. ^ Wikimedia DNS
  53. ^ Terms of use of the Yandex.DNS service
[edit]