# Which nameservers do You use?



## ICPH (Nov 18, 2014)

Hi,

which nameservers do You use in your webserver /etc/resolv.conf file? Or how do you determine which are best ones to place there?

Do you think Its better to add more than 2 nameservers or even three sets of nameservers (6 lines)? like example google ones, opendns ones and one more?

thx


----------



## Roger (Nov 18, 2014)

Probably your closer ones will perform better. Do ping/traceroute test to see which ones are in close proximity. Your datacenter/ISP should provide you their owns. Or you could go with pubic ones like Googles' and/or OpenDNSs'.


----------



## D. Strout (Nov 18, 2014)

Roger said:


> Probably your closer ones will perform better.


Of course, with Google's DNS, they employ anycast, so you automatically get the closest one, which is often no more than 5ms away. But some people don't like them for privacy reasons. For myself, I do tend to use them, if for no other reason than that they have very memorable IPs. A lot of VPSes I have came with them preset. They are very convenient, but I suppose there is reason to be wary for privacy reasons, but I can't be bothered to change them. Pro tip for people/companies seeking world domination: if you want people to use your thing, make it _super easy_.


----------



## raindog308 (Nov 19, 2014)

Level3's IPs are also easy to remember: 4.2.2.2.  It's actually through 4.2.2.1 through 4.2.2.6.

For years I've used Level3 and Google in my VPS's resolv.conf.


----------



## raindog308 (Nov 19, 2014)

It would be funny if we setup our own .vpsboard underground TLD.


----------



## clownjugglar (Nov 19, 2014)

I use DNScrypt with a resolver from here.


----------



## drmike (Nov 19, 2014)

4.2.2.1-4.2.2.6

208.67.220.220, 208.67.222.222

Plus I use DNSCrypt here and there...

and there is a DNS speedtest tool ---> https://code.google.com/p/namebench/

Old and somewhat blah, but it works.


----------



## fixidixi (Nov 19, 2014)

@drmike:

opendns with their redirections? uhh..


----------



## Aldryic C'boas (Nov 19, 2014)

_*IF*_ I use a third-party resolver, I typically stick with Level3.  I won't even use (or recommend) Google's any more - their penchant for data collection is well past the creepy stage, and just because _"I'm not doing anything wrong and have nothing to fear"_ doesn't mean I want some freakshow staring into my living room window all day.


----------



## DomainBop (Nov 19, 2014)

fixidixi said:


> @drmike:
> 
> opendns with their redirections? uhh..


They stopped the redirections and ads on June 6th.  Now you just get a standard NXDOMAIN or SERVFAIL message. https://www.opendns.com/no-more-ads/


----------



## lowesthost (Nov 19, 2014)

> which nameservers do You use in your webserver /etc/resolv.conf file?


Our own 

level3's     if not      testing something  real quick maybe Google's


----------



## Wintereise (Nov 19, 2014)

8.8.8.8 ever since Level3 quietly tried to stop returning NXDomain and return shitty ads instead.

ISP DNS as secondary.


----------



## iWF-Jacob (Nov 19, 2014)

Level 3 performance has gone downhill lately I've noticed, so we've started using Google or a DC specific resolver.


----------



## Dylan (Nov 20, 2014)

Google's.

I wish small providers would stop using their own nameservers and just pick one of the reliable public sets. I've had a provider's nameservers not resolve something correctly way too many times.


----------



## budi1413 (Nov 20, 2014)

8.8.8.8

208.67.222.222


----------



## fixidixi (Nov 20, 2014)

Well then I might consider using them again .

For now my caching ns asks *evil* google and notifications are also sent mostly to them.

May I ask where are you sending notifications on urgent changes?



DomainBop said:


> They stopped the redirections and ads on June 6th.  Now you just get a standard NXDOMAIN or SERVFAIL message. https://www.opendns.com/no-more-ads/


----------



## layerbyte_ben (Nov 21, 2014)

I use Level3's (4.2.2.2) and Google's (8.8.8.8), nice and easy to remember.


----------



## IntegralHost (Nov 23, 2014)

I'm using public(Google) name servers

4.4.4.4

8.8.8.8


----------



## TurnkeyInternet (Nov 27, 2014)

8.8.8.8 is great for externally monitoring your internal/client dns for unexpected changes (the folks at Craigslist you would think have something checking that for them before getting hijacked for a day!).


----------



## OpticServers (Nov 28, 2014)

I'm using the google name servers, they work just fine for me... never had any problems with them to my knowledge...

8.8.8.8

4.4.4.4


----------



## fixidixi (Nov 28, 2014)

@OpticServers

you know google dns is

8.8.8.8

and 8.8.4.4 right?


----------



## OpticServers (Nov 29, 2014)

fixidixi said:


> @OpticServers
> 
> you know google dns is
> 
> ...


hahaha i meant 8.8.4.4 i got one out of two xD


----------



## SpartanHost (Nov 29, 2014)

We use Google's nameservers for everything as well, nothing more reliable and no point attempting to use our own.


----------



## fixidixi (Nov 29, 2014)

@SpartanHost:

I for one run my own ns and use google as upstream and serve my own internal zones... ..as a usecase for your own ns


----------



## HalfEatenPie (Nov 30, 2014)

raindog308 said:


> It would be funny if we setup our own .vpsboard underground TLD.


... Yeah of course it would be funny if we did.

*whistles innocently*


----------



## TH-Dan (Dec 1, 2014)

We use google and level 3 (8.8.8.8 and 4.2.2.2)


----------



## HostAg (Jan 6, 2015)

I am also using google name servers in all of my servers because it is so easy to remember.


----------



## blfr (Jan 7, 2015)

I run Unbound locally (on the server, or on a router), and forward queries to a set of quick servers. Usually Google's.

This gives you the flexibility to include non-standard tlds. You can forward all queries to Google,


```
forward-zone:
                name: "."
                forward-addr: 8.8.4.4
                forward-addr: 8.8.8.8
```
but for chosen zones, ask someone else

```
forward-zone: 
                name: "hack"
                forward-addr: 172.31.0.5
                forward-addr: 172.31.116.1
```
(that's for ChaosVPN's .hack domain).


----------

