Jump to content
RESET Forums (homeservershow.com)

Anyone using OpenDNS servers?


doliveira
 Share

Recommended Posts

Hi,

 

Is there anyone using OpenDNS (www.opendns.com) as DNS servers?

 

I'm asking this because my ISP DNS servers are slow and not rebliable, so i have setup on my router to use the OpenDNS DNS servers instead and since then i seem to have some problems with the Anywhere Access and VPN features of Windows Server 2012 R2 Essentials.

 

A fried told me to use Google Public DNS servers instead of OpenDNS, but from my location OpenDNS servers are a lot faster. 

 

So my question remains, is there anyone using OpenDNS servers? If yes, do they cause any problem or issue with the Anywhere Access and VPN features?

 

Thanks

Link to comment
Share on other sites

Hi,

 

Is there anyone using OpenDNS (www.opendns.com) as DNS servers?

 

I'm asking this because my ISP DNS servers are slow and not rebliable, so i have setup on my router to use the OpenDNS DNS servers instead and since then i seem to have some problems with the Anywhere Access and VPN features of Windows Server 2012 R2 Essentials.

 

A fried told me to use Google Public DNS servers instead of OpenDNS, but from my location OpenDNS servers are a lot faster. 

 

So my question remains, is there anyone using OpenDNS servers? If yes, do they cause any problem or issue with the Anywhere Access and VPN features?

 

Thanks

What are you using to bench mark the DNS Servers? How much faster is OpenDNS vs Googles? I do you OpenDNS but only at locations that don't have good protection at the gateway. I beleave OpenDNS did cause me some trouble when I was using Microsofts Anywhere Access & VPN but its been a long time since I have used Microsoft server products as now I use Synology NAS devices instead. It would be an easy test for you, Change the DNS settings to Google 8.8.8.8 and 8.8.4.4 and see if your trouble clears then you will know. OpenDNS has filtering going on so yes it can cause trouble with certain things, Google uses no filtering Raw DNS only.

Edited by itGeeks
Link to comment
Share on other sites

What are you using to bench mark the DNS Servers? How much faster is OpenDNS vs Googles? I do you OpenDNS but only at locations that don't have good protection at the gateway. I beleave OpenDNS did cause me some trouble when I was using Microsofts Anywhere Access & VPN but its been a long time since I have used Microsoft server products as now I use Synology NAS devices instead.

 

Hi,

 

To benchmark DNS servers i'm using Namebench (https://code.google.com/p/namebench/). Do you know any better DNS test tool?

 

When you say that you had only used OpenDNS at locations that don't have good protection at the gateway, do you mean, places where the router firewall was weak or did not have any dedicated firewall system? Or do you mean something else?

 

You said that OpenDNS had cause some problems to you in Anywhere Access and VPN. So from what you remember, opendns did cause some problems, correct? If yes, what DNS servers did you use instead? Google Public DNS?

 

Thanks 

Link to comment
Share on other sites

Hi,

 

To benchmark DNS servers i'm using Namebench (https://code.google.com/p/namebench/). Do you know any better DNS test tool?

 

When you say that you had only used OpenDNS at locations that don't have good protection at the gateway, do you mean, places where the router firewall was weak or did not have any dedicated firewall system? Or do you mean something else?

 

You said that OpenDNS had cause some problems to you in Anywhere Access and VPN. So from what you remember, opendns did cause some problems, correct? If yes, what DNS servers did you use instead? Google Public DNS?

 

Thanks 

I never used Namebench so I don't know how it compares to Steve Gibson "DNS Benchmark" utility that I use and like https://www.grc.com/dns/benchmark.htm

As for when I use OpenDNS I use it when there is no Gateway protection such as Virus Scanning, Malware Protection, OpenDNS is not a substitute for good Gateway & Client protection but as the saying goes something is better then nothing. I run Sophos UTM as my router/firewall and it has all scanning & filtering built in so in this case I use Google DNS servers as forwarders on my in-house DNS Servers.

Link to comment
Share on other sites

I use Google DNS. 

 

However, my computers connect to my server (2012R2 Essentials) for DNS. That uses itself for DNS, and the DNS Server role uses the router (Sophos) in the DNS Forwarder section (eg, uses the router), and my router then uses Google DNS. :)

Link to comment
Share on other sites

this is kind of related, is it best for sophos to hand out its own address over dhcp and let it forward the dns requests (which would take some request state management, right?) or for it to tell the dhcp clients to go to google or opends themselves?

Link to comment
Share on other sites

this is kind of related, is it best for sophos to hand out its own address over dhcp and let it forward the dns requests (which would take some request state management, right?) or for it to tell the dhcp clients to go to google or opends themselves?

I let Sophos handle the dhcp and that include giving the clients the DNS address of the Sophos gateway then I setup the forward for DNS in Sophos for what ever DNS servers you want to use. Its not good practice to allow the DHCP server to hand out the public DNS servers IP address to the clients. In most cases you always want to hand out private IP address to all your clients NOT public IP's, This allows the gateway to do its job in protecting your network. Hope I answered your question.

Edited by itGeeks
Link to comment
Share on other sites

this is kind of related, is it best for sophos to hand out its own address over dhcp and let it forward the dns requests (which would take some request state management, right?) or for it to tell the dhcp clients to go to google or opends themselves?

 

Depends.  If you're using the web filtering (especially the "decrypt and scan" option), then handing out Sophos as the DNS server is better. 

 

If you're not, then it doesn't matter. But I'd still do it, because it likely caches lookups, so more local responses and less internet requests. (local is faster than internet, usually)

Link to comment
Share on other sites

Depends.  If you're using the web filtering (especially the "decrypt and scan" option), then handing out Sophos as the DNS server is better. 

 

If you're not, then it doesn't matter. But I'd still do it, because it likely caches lookups, so more local responses and less internet requests. (local is faster than internet, usually)

Agreed, This was what I was trying to say only you said it better. Thanks for the lifeline  :) We also cant forget that be pointing the clients DNS to Sophos will give you some level of protection agents DNS type attacks.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...