Using DNS4EU in North America

Submitted ⁨⁨2⁩ ⁨weeks⁩ ago⁩ by ⁨avidamoeba@lemmy.ca⁩ to ⁨selfhosted@lemmy.world⁩

https://www.joindns4.eu/for-public#resolver-options

Hey gang, I’m considering using DNS4EU in Canada. My ping to their servers is ~130ms. That’s way longer than anything local which is on the order of 1-5ms. Apart from resolving uncached entries taking longer, is there any contraindication to using a DNS server with high latency?

source

Comments

Sort:hotnew top

undefined@lemmy.hogru.ch ⁨2⁩ ⁨weeks⁩ ago
This is one of those things that if you really want to do it, you’ll have to live with the consequences.

I’m an American that VPNs everything first to my VPS then down a double hop commercial VPN tunnel that finally exits in Switzerland. DNS traffic also travels over that VPN tunnel so you’ll rightly guess that my DNS is rather slow too.

What I do is I run a resolver on the VPS (physically near me) that aggressively prefetches commonly queried DNS records. After years of using Unbound I found Blocky to be much, much faster (especially with huge blocklists).

source
deafboy@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
Question for the general public. Why not use the DNS server provided by your ISP?

They already know what websites you visit, because TLS1.2 still leaks the hostname. They might as well provide some useful service in return.

source
- slazer2au@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
  Because they are court ordered to block some websites that I like to use.
  
  source
- EncryptKeeper@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
  Not if you use a vpn
  
  source

kokesh@lemmy.world ⁨2⁩ ⁨weeks⁩ ago

Does it actually block thepiratebay, yts, 1337x? Lots of European DNS servers do.

source

deafboy@lemmy.world ⁨2⁩ ⁨weeks⁩ ago

Each of them returns the correct answer.

Protective Resolution - IP address 86.54.11.1
Protective + Child Protection - IP address 86.54.11.12
Protective + Ad blocking - IP address 86.54.11.13
Protective + Child Protection + Ad blocking - IP address 86.54.11.11
Unfiltered Resolution-  IP address 86.54.11.100

;; ANSWER SECTION:
thepiratebay.org.       300     IN      A       162.159.137.6
thepiratebay.org.       300     IN      A       162.159.136.6

source

phase@lemmy.8th.world ⁨2⁩ ⁨weeks⁩ ago
Could you test this? It wukd bring fact to the conversation instead of just doubt and workload.

source

just_another_person@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
So you’re asking if there is any other way to work around physics and get a better response time to servers that are thousands of miles away?

No.

Sorry.

source
- avidamoeba@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
  Not asking for a workaround. Asking if I’m missing some problem with using a slow DNS server I might run into, other than the obvious one.
  
  source
  - lambalicious@lemmy.sdf.org ⁨2⁩ ⁨weeks⁩ ago
    The only task of a DNS server is (or should be) to tell you how to get to a resource you’re looking for by name. So, the only thing that is going to be reallistically affected is your (initial) connection times. And – since this is c/selfhosted – if you are setting a decent DNS cache in your local network, that should be even less of an issue.
    
    The only borderline scenario that I could see feasible, since this is c/selfhosted , is that some software you are setting up that requires nanosecond DNS resolution or somesuch sillyness is going to fail or report false errors. But why would you even do that?
    
    source
    -> View More Comments
patrick@lemmy.bestiver.se ⁨2⁩ ⁨weeks⁩ ago
130ms is perceivable but still quite small, and you’d only hit it once per domain (per TTL). If you care enough to intentionally use it then I wouldn’t worry about it. You’ll rarely notice the difference.

There are a few other services with similar ethos that you may want to check out as alternatives. Quad9 is the one I remember off the top of my head.

source
- kokesh@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
  I’m getting 153 ms. I’m in Europe. Other DNS servers are like 40ms.
  
  source
- Klajan@lemmy.zip ⁨2⁩ ⁨weeks⁩ ago
  I was using Quad9 for quite some time, but I had consistent problems with the DNS sometimes not working.
  
  In my local network I switched to pihole with unbound as the resolver. Though this does require a bit more setup. I have unbound setup to serve expired records from the cache & prefetch comment queries, this helps with most of the delay.
  
  On my phone I use dnsforge.de when I am not at home for example, and haven’t had any problems with unresponsive DNS so far.
  
  source
fatalicus@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
Well, this is selfhost, so why not do that and set up unbound to use?

source
- avidamoeba@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
  Is unbound different than say dnsmasq that my router is running? Isn’t it just another DNS server that has to go to a higher DNS server for resolution?
  
  source
  - fatalicus@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    Dnsmasq is dependent on whatever DNS servers you provide it with for its data, so if those controlling those DNS servers get ordered to block something you experience that.
    
    Unbound however does the same job as the DNS servers you would configure in Dnsmasq : when you do a DNS request, unbound goes to the root hint servers, then works its way down through the authorative DNS servers til it finds what you are requesting.
    
    source
UberKitten@lemmy.blahaj.zone ⁨2⁩ ⁨weeks⁩ ago
There are many similar services like RethinkDNS that you should consider instead.

source
Decipher0771@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
If you’re using a government run DNS, why not use the CIRA ones instead? www.cira.ca/en/canadian-shield/

source
- avidamoeba@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
  I’m currently trying that but the proposed information sharing changes with the US in Bill C-5 change the calculus. I’m sure part of the push comes from the American copyright lobby.
  
  source
  - Daughter3546@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    Fellow Canadian here, this has completely been off my radar. A quick search brings for Bill C-5 brings up the removal of trade barriers and tax cuts.
    
    Can you point me to where the copyright nonsense is in the bill?
    
    source
    -> View More Comments
kugmo@sh.itjust.works ⁨2⁩ ⁨weeks⁩ ago
gimping your dns’ ping just to not use something non-american won’t change orange man’s policies. use a private dns close to you.

source
CgH10N4Co2@lemmy.cafe ⁨2⁩ ⁨weeks⁩ ago
Does DNS ping really matter unless you’re making a lot of random uncached requests?

source
- avidamoeba@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
  Probably not.
  
  source