1.1.1.1, CloudFlare public DNS

3 Likes

Hot damn!

There was a discussion about this on NANOG mailing list.
1.1.1.1, 1.0.0.1, 2001:2001::, 2001:2001:2001:: are IPs of this new resolver.

More information was available at https://1.1.1.1 (has a valid SSL cert btw), it seems like it’s down now though (hence why OP gave a link to Google Cache instead).

The problem is that some equipment vendors (Looking at you, CISCO) use 1.1.1.1 for weird things like captive portals.

2 Likes

Hummmm, latency seems much better than google’s in my end. Might end up switching to CloudFlare DNS.

Anyone try Securi yet? Have heard about issues with CF breaking wordpress sites on occasion whereas Securi not.

Have done some work on websites that are proxied by Sucuri. Seems good. Havent noticed any issues with it tbh.

Didn’t Sucuri get acquired by GoDaddy, or am I remembering wrong?

Only issues with CF breaking sites I’ve had is quirks with Flexible SSL. If you download the CloudFlare-signed cert and install that, then use their Strict SSL policy in settings - no issues.

Also seen broken sites when people try to use CF Page Rules AND .htaccess to handle redirects, on top of WP trying to handle simple redirects - shit show. Recommend sticking with just server-side.

Sucuri was basically built with WP in mind though, so it’s a good option. Also paid so you can get actual support if there are quirks.

Yeah they did, GoDaddy went on an acquisition spree - especially with WP-related stuff - in the last 2 years. I believe they’ve mostly left the companies to run on their own though. We still use ManageWP which they bought in 2016 and nothing really changed, except we got more stuff for free.

And surprisingly, they made their own products a lot better. GoDaddy hosting isn’t hot trash anymore, it’s just normal/average trash shared hosting.

8.8.8.8 is still slightly faster(~10ms) in my region, it’s always nice to have alternatives.

These are pretty much my results, except Quad 9 is closer to OpenDNS than Google in speed.

I’ve been using OpenDNS for… must be over a decade now. Will give Cloudflare a shot though, anything’s better than ISP DNS in most cases.

There is a reason beyond this. A reason beyond offering privacy. It is about providing faster performance for there websites that they host on cloudflare.

While DNSPerf now ranks 1.1.1.1 as the fastest DNS resolver when querying non-Cloudflare customers (averaging around 14ms globally), there’s an added benefit if you’re a Cloudflare customer using our Authoritative DNS. Because the resolver and the recursor are now on the same network, running on the same hardware, we can answer queries for Cloudflare’s customers incredibly quickly. We can also support immediate updates, without having to wait for TTLs to expire.

In other words, every new user of 1.1.1.1 makes Cloudflare’s Authoritative DNS service a bit better. And, vice versa, every new user of Cloudflare’s Authoritative DNS service makes 1.1.1.1 a bit better. So, if you’re an existing Cloudflare customer, encourage your users to try 1.1.1.1 and you’ll see performance benefits from all those who do.

Plus, now they can kill caches on the fly for changes to DNS records. Its all about one service, and that is cloudflare.

4 Likes

I use Cloudflare, Incapsula and Sucuri all need some form of tweaking eventually and Cloudflare getting better. But Sucuri will require some tweaking usually to whitelist stuff from their protections (false positives).

I dig it :slight_smile:

Looks like their site is actually up now :slight_smile:

https://1.1.1.1

Yeah they officially launched it on 1st of April.

1 Like

Not much difference on my end.

Latency between 208.67.222.222, 8.8.8.8, 9.9.9.9, and 1.1.1.1 are all nearly identical for me at home, but I suspect Cloudflare’s large number of POPs probably will give them an advantage over the others.

Got 35ms on 8.8.8.8 and 3ms on 1.1.1.1. Guess I’m changing it.

2 Likes

Apparently a firmware upgrade on AT&T routers is blocking 1.1.1.1 and 1.0.0.1: