Upstream DNS Servers: Put the internet to work

Greg Heffner September 4, 2024

In previous blogs I talked about DNS Servers and how devices get on the internet. This blog is how those devices get their information. Choosing the correct upstream DNS server to use can help you with things like Efficiency, Security, and Privacy.

How do they work?

Upstream DNS servers are the servers that your local DNS server queries when it does not have the answer to a DNS query.

When you type a website address into your browser, your computer sends the query to a DNS server. If the local DNS server does not have the answer, then it will query other DNS servers to find the answer and return it to your computer. It will keep asking other DNS servers until it finds one that knows the answer, however, if none of the DNS servers know the address, your computer will get a message saying that the website cant be found. Upstream DNS servers help ensure that your DNS queries are resolved quickly and securely, providing an extra layer of protection and performance for your internet browsing. Think of them like switchboards where everyone is connected together and routed.

Why are they important to me?

There are a few reasons why you should consider using an upstream DNS provider that is different than the one you get from your internet service provider.

Efficiency- Having DNS servers that are built for speed improves your experience. Upstream DNS servers often have upgraded infrastructure that can resolve DNS queries faster than local ISP servers or the PiHoles you may host yourself. Major DNS providers often have a global network of servers. This means that no matter where you are, theres likely a server nearby, reducing latency and speeding up your internet experience.

Enhanced Security- Some DNS providers offer features like malware blocking and phishing protection, adding an extra layer of security to your browsing. When you try to access malicious sites, the upstream DNS provider can block the traffic, keeping you from visiting the harmful site. Phishing attacks often involve tricking users into visiting fake websites that look legitimate. These sites try to steal personal information like usernames, passwords, and credit card details. Upstream DNS providers with phishing protection can identify and block these sites, keeping you safe.

Better Privacy- Certain upstream DNS providers do not log your DNS queries or by offering encrypted DNS options. Without logging, theres less data available for tracking your online behavior. This is important if youre concerned about privacy and want to minimize your digital footprint. Check out this blog on why you should use a VPN.

What are some Upstream DNS free solutions?

There are several free DNS providers that you can use as your upstream DNS server. Here are a few options:

• Cloudflare 1.1.1.1 for Families 1.1.1.1 for Families is easy to set up and install, requiring just changing two numbers in the settings of your home devices or network router. 1.1.1.1 for Families has two default options: one that blocks malware and the other that blocks malware and adult content. You choose which setting you want depending on which IP address you configure.
  
• CleanBrowsing is a DNS resolver that helps navigate the internet by inspecting DNS requests against a curated list of domain names. It offers different filtering options to block inappropriate content, making it a good choice for families and schools.
• Google Public DNS is a free DNS service provided by Google. It aims to make the internet faster and more efficient by responding to DNS queries from authoritative name servers. It’s one of the largest public DNS services available.s to make the internet faster and more efficient.
• Comodo Secure DNS provides domain name resolution through a network of redundant DNS security servers. It offers a safer, smarter, and faster internet experience by blocking harmful websites like phishing and malware sites.

Where do I set it up?

Setting up your preferred DNS servers can be done in a few different ways, depending on your network configuration and operating system. Here are a few examples:

ISP Routers- Find the router IP address in network settings. Comcast usually is 10.0.0.1 and AT&T is usually 192.168.1.254. Log in to your personal router’s admin page. Navigate to the DNS settings. Enter your preferred DNS servers. Save the settings.

Ubiquiti- Open a web browser and go to the UniFi Network Controller login page. In the UniFi Network Controller, go to Settings. Select Networks from the menu. Find your WAN network (usually named WAN or WAN1) and click Edit. In the DNS Server fields, enter the IP addresses of your preferred DNS servers. Click Save to apply the changes.

iOS- Go to the Settings app. Tap the i icon next to the network you are connected to or want to configure. Scroll down and tap Configure DNS. Select Manual. Tap Add Server. Enter the IP addresses of your preferred DNS servers. Tap Save to apply the changes.

Android- Go to the Settings app on your device. Tap on Network & Internet. Scroll down and tap Private DNS. Select Private DNS provider hostname. Enter the hostname of your preferred DNS provider. Tap Save.

Upstream DNS servers are an important part of your internet experience. They help ensure that your DNS queries are resolved quickly and securely, providing an extra layer of protection and performance for your internet browsing. By choosing the right upstream DNS provider, you can improve your online experience and keep your data safe. Check out Which upstream DNS provider do you use and why for more information. Also check out Encrypt Your DNS (STOP Your ISP SNOOPING!) by Naomi Brockwell TV for more information on DNS encryption.

BingAI explanation

Imagine the internet is like a huge library with millions of books. When you want to find a specific book, you ask the librarian for help. In this case, the librarian is like a DNS server.

Now, an upstream DNS server is like a super librarian that helps your local librarian. If your local librarian (your home DNS server) doesnt know where a book is, they ask the super librarian (the upstream DNS server) for help. The super librarian has access to even more information and can quickly find the book you need.

So, in simple terms, an upstream DNS server helps your local DNS server find websites on the internet when it doesnt know where to look. Its like having a really smart friend who knows everything about the internet!