Google Public DNS
Google Public DNS is a Domain Name System (DNS) service offered to Internet users worldwide by Google. It functions as a recursive name server. Google Public DNS was announced on December 3, 2009,[1] in an effort described as "making the web faster and more secure."[2][3] As of 2018, it is the largest public DNS service in the world, handling over a trillion queries per day.[4] Google Public DNS is not related to Google Cloud DNS, which is a DNS hosting service.
Service
The Google Public DNS service operates recursive name servers for public use at the four IP addresses listed below.[5] These addresses are mapped to the nearest operational server by anycast routing.[6]
Filters domains | No |
---|---|
Passes ECS | Yes |
Validates DNSSEC | Yes |
Via DoH | https://dns.google/dns-query |
Via DoT | dns.google |
Via IPv4
|
8.8.8.8 8.8.4.4 |
Via IPv6 | 2001:4860:4860::8888 2001:4860:4860::8844 |
The service does not use conventional DNS
Some DNS providers practice DNS hijacking while processing queries, redirecting web browsers to an advertisement site operated by the provider when a nonexistent domain name is queried. The Google service correctly replies with a non-existent domain (NXDOMAIN) response.[9]
The Google service also addresses DNS security. A common attack vector is to interfere with a DNS service to achieve redirection of web pages from legitimate to malicious servers. Google documents efforts to be resistant to
DNS64
The Google Public DNS64 service operates recursive name servers for public use at the two IP addresses listed below for use with NAT64.[11]
Filters domains | No |
---|---|
Passes ECS | Yes |
Validates DNSSEC | Yes |
Via DoH | https://dns64.dns.google/dns-query{?dns} |
Via DoT | dns64.dns.google |
Via IPv6 | 2001:4860:4860::6464
2001:4860:4860::64 |
Privacy
Google stated that for the purposes of performance and security, the querying
History
In December 2009, Google Public DNS was launched with its announcement
In January 2019, Google Public DNS adopted the DNS over TLS protocol.[17]
DNSSEC
At the launch of Google Public DNS, it did not directly support
Client subnet
Since June 2014, Google Public DNS automatically detects nameservers that support EDNS Client Subnet (ECS) options as defined in the IETF draft (by probing name servers at a low rate with ECS queries and caching the ECS capability), and will send queries with ECS options to such name servers automatically.[20]
Censorship in Turkey
In March 2014, use of Google Public DNS was
See also
References
- ISSN 1059-1028. Retrieved November 3, 2023.
- ^ "Introducing Google Public DNS". Official Google Blog. December 3, 2009. Retrieved November 3, 2023.
- ^ Stone, Brad (December 3, 2009). "Pondering Google's Move Into the D.N.S. Business". Bits Blog. Retrieved November 3, 2023.
- ^ "Google Public DNS turns 8.8.8.8 years old". Google Online Security Blog. Retrieved November 3, 2023.
- ^ Mario Bonilla (June 9, 2011). "Announcement on public-dns-announce". Retrieved October 10, 2012.
- ^ "Frequently Asked Questions | Public DNS". Google for Developers. Retrieved November 3, 2023.
- ^ "Frequently Asked Questions". Retrieved July 3, 2017.
- ^ a b "Google Public DNS Now Supports DNSSEC Validation". Google Code Blog. June 1, 2013.
- ^ Raphael, JR (December 3, 2009). "Google Public DNS and Your Privacy". PCWorld. Retrieved January 11, 2021.
- ^ "Google Public DNS Security Threats and Mitigations". Retrieved June 22, 2012.
- ^ "Google Public DNS64". Google. June 3, 2016. Retrieved May 26, 2020.
- ^ "Google Public DNS: Your Privacy". Google Inc. April 1, 2016. Retrieved September 5, 2016.
- ^ "Google Privacy Policy". March 31, 2014. Retrieved July 1, 2014.
- ^ "Google Public DNS and your privacy". PC World. December 4, 2009.
- ^ "Introducing Google Public DNS". Official Google Blog. December 3, 2009. Retrieved November 3, 2023.
- ^ "Introducing Google Public DNS". Google Code Blog. December 3, 2009.
- ^ Beiersmann, Stefan (January 10, 2019). "Google spendiert seinen öffentlichen DNS-Servern TLS-Verschlüsselung". ZDNet.de (in German). Retrieved January 11, 2021.
- ^ "Google's Public DNS does DNSSEC validation". nanog mailing list archives. January 29, 2013.
- ^ Huston, Geoff (July 17, 2013). "DNS, DNSSEC and Google's Public DNS Service". CircleID.
- ^ Wan, Shen (June 9, 2014). "Google Public DNS now auto-detects nameservers that support edns-client-subnet". Google Groups. Retrieved November 3, 2023.
- ^ "Turkish citizens use Google to fight Twitter ban". The Verge. March 21, 2014. Retrieved March 24, 2014.
- ^ "Twitter website 'blocked' in Turkey". BBC News. March 21, 2014. Retrieved November 3, 2023.
- ^ "'We'll eradicate Twitter': Turkey blocks Twitter access". PCWorld. Retrieved November 3, 2023.