Blog Post

Performance Breakdown of 1.1.1.1: Cloudflare’s Public DNS Resolver

Published
April 17, 2018
#
 mins read
By 

in this blog post

I have always been a huge fan of external DNS resolvers such as OpenDNS and Google Public DNS resolvers. I truly believe that they do improve the online customer experience since most ISPs do either a poor job at managing their DNS or they do DNS rewrites. Cloudflare recently launched their own DNS service, 1.1.1.1, which it claims to be “performance friendly”, so we decided to put this claim to test. But before I dive into the verdict, let us understand what DNS resolvers are and why public DNS resolvers matter.

DNS resolvers form the backbone of the internet – the 411 of the internet, allowing humans to type friendly domains in their browsers and land in the right location. If DNS resolution fails it feels we are back in the stone age. Performance bottlenecks at the DNS level can have a direct impact on the application(s) performance and ultimately will impact the end user experience.

In a traditional networking environment, the user’s ISP provides the DNS resolver which, in most cases, is not optimized for speed or performance. ISPs are not particularly concerned about the performance of DNS resolvers they provide, and this has pushed the case for public DNS resolvers. As with any other service, public DNS resolvers have their own set of pros and cons. Users switching to a public DNS resolver usually cite the following reasons:

  • Performance issues – outages and latency.
  • Reliability and security – These are additional features that are offered by default with such services. The public DNS resolvers are touted to be more reliable with DNS filtering that make it more secure.
  • Geolocation – ISPs may not have a network architecture that is configured to select the optimum DNS resolver based on the user’s location.

Cloudflare’s new release is a welcome addition to the existing set of easy-to-remember public resolvers. But what makes this even more interesting is the claim that it is the fastest (approximately 14ms!). Being in the digital experience monitoring industry, I just had to put together the exact facts and figures and see for myself if this was true.

Testing Methodology

We set up tests using Catchpoint’s DNS direct solution and pointed our nodes (Backbone, Broadband, Last Mile and Wireless) to 1.1.1.1 and requested for www.google.com. Once the tests were run, we used a geometric mean to aggregate and analyze the data.

  • “1.1.1.1” refers to Cloudflare’s solution
  • “8.8.8.8” refers to Google’s solution
  • “208.67.222.222” refers to OpenDNS’s solution

Results

Let’s start the analysis with the data from the backbone nodes. Globally, the performance has been on par with what was announced by Cloudflare!

We break the data down by percentiles and the numbers are consistent: Cloudflare’s averages are skewed by the fact that their services are not available in some countries (more later).

Grouping the data by country:

Further breakdown by uptime and country:

A few countries stand out from the data breakdown – Peru, Palestine, Morocco and Egypt are not able to access 1.1.1.1. For example, when we try to reach “https://1.1.1.1” from Morocco, it displays the following message:

Let’s break this down even further by ISP/Country:

Has latency been addressed?

Proximity to the end user is important when trying to cut down latency in the DNS resolution process and the Catchpoint traceroute tests prove that Cloudflare has taken this into account.

Tracing route to 1.1.1.1 [1.1.1.1] over a maximum of 30 hops:

1    1 ms    1 ms    2 ms 41.87.153.129

2    1 ms   <1 ms   <1 ms 41.87.153.61

**3    4 ms    4 ms    4 ms 1.1.1.1

**

Performance from Last Mile

Breakdown by percentiles:

Breakdown by city:

Uptime by city:

Performance over Wireless

Public DNS services can be a boon over wireless networks which can cause latency and degrade DNS performance. Let’s look at the data from our wireless nodes.

Breakdown by uptime and city

Breakdown by carrier performance

Breakdown by ISP uptime

Verdict

Cloudflare is fast! And our data proves it.

However, because 1.1.1.1 and 1.0.0.1 were reserved for research purposes, we strongly recommend you check your equipment’s manufacturers and with your ISPs or your corporate networking team before enabling the service.

If you do enable 1.1.1.1, be sure to monitor closely. If you’re not already a Catchpoint customer, you can trial our DNS monitoring solution.

Learn more about Catchpoint with a guided test drive.

I have always been a huge fan of external DNS resolvers such as OpenDNS and Google Public DNS resolvers. I truly believe that they do improve the online customer experience since most ISPs do either a poor job at managing their DNS or they do DNS rewrites. Cloudflare recently launched their own DNS service, 1.1.1.1, which it claims to be “performance friendly”, so we decided to put this claim to test. But before I dive into the verdict, let us understand what DNS resolvers are and why public DNS resolvers matter.

DNS resolvers form the backbone of the internet – the 411 of the internet, allowing humans to type friendly domains in their browsers and land in the right location. If DNS resolution fails it feels we are back in the stone age. Performance bottlenecks at the DNS level can have a direct impact on the application(s) performance and ultimately will impact the end user experience.

In a traditional networking environment, the user’s ISP provides the DNS resolver which, in most cases, is not optimized for speed or performance. ISPs are not particularly concerned about the performance of DNS resolvers they provide, and this has pushed the case for public DNS resolvers. As with any other service, public DNS resolvers have their own set of pros and cons. Users switching to a public DNS resolver usually cite the following reasons:

  • Performance issues – outages and latency.
  • Reliability and security – These are additional features that are offered by default with such services. The public DNS resolvers are touted to be more reliable with DNS filtering that make it more secure.
  • Geolocation – ISPs may not have a network architecture that is configured to select the optimum DNS resolver based on the user’s location.

Cloudflare’s new release is a welcome addition to the existing set of easy-to-remember public resolvers. But what makes this even more interesting is the claim that it is the fastest (approximately 14ms!). Being in the digital experience monitoring industry, I just had to put together the exact facts and figures and see for myself if this was true.

Testing Methodology

We set up tests using Catchpoint’s DNS direct solution and pointed our nodes (Backbone, Broadband, Last Mile and Wireless) to 1.1.1.1 and requested for www.google.com. Once the tests were run, we used a geometric mean to aggregate and analyze the data.

  • “1.1.1.1” refers to Cloudflare’s solution
  • “8.8.8.8” refers to Google’s solution
  • “208.67.222.222” refers to OpenDNS’s solution

Results

Let’s start the analysis with the data from the backbone nodes. Globally, the performance has been on par with what was announced by Cloudflare!

We break the data down by percentiles and the numbers are consistent: Cloudflare’s averages are skewed by the fact that their services are not available in some countries (more later).

Grouping the data by country:

Further breakdown by uptime and country:

A few countries stand out from the data breakdown – Peru, Palestine, Morocco and Egypt are not able to access 1.1.1.1. For example, when we try to reach “https://1.1.1.1” from Morocco, it displays the following message:

Let’s break this down even further by ISP/Country:

Has latency been addressed?

Proximity to the end user is important when trying to cut down latency in the DNS resolution process and the Catchpoint traceroute tests prove that Cloudflare has taken this into account.

Tracing route to 1.1.1.1 [1.1.1.1] over a maximum of 30 hops:

1    1 ms    1 ms    2 ms 41.87.153.129

2    1 ms   <1 ms   <1 ms 41.87.153.61

**3    4 ms    4 ms    4 ms 1.1.1.1

**

Performance from Last Mile

Breakdown by percentiles:

Breakdown by city:

Uptime by city:

Performance over Wireless

Public DNS services can be a boon over wireless networks which can cause latency and degrade DNS performance. Let’s look at the data from our wireless nodes.

Breakdown by uptime and city

Breakdown by carrier performance

Breakdown by ISP uptime

Verdict

Cloudflare is fast! And our data proves it.

However, because 1.1.1.1 and 1.0.0.1 were reserved for research purposes, we strongly recommend you check your equipment’s manufacturers and with your ISPs or your corporate networking team before enabling the service.

If you do enable 1.1.1.1, be sure to monitor closely. If you’re not already a Catchpoint customer, you can trial our DNS monitoring solution.

Learn more about Catchpoint with a guided test drive.

This is some text inside of a div block.

You might also like

Blog post

When SSL Issues aren’t just about SSL: A deep dive into the TIBCO Mashery outage

Blog post

Preparing for the unexpected: Lessons from the AJIO and Jio Outage

Blog post

The Need for Speed: Highlights from IBM and Catchpoint’s Global DNS Performance Study