- Available for Windows, Linux and Mac, Namebench is a useful if slightly aging utility that benchmarks your current DNS service against a range of others, coming up with recommendations for primary and backup name servers, often from different providers. The output opens as HTML, complete with graphs and response times, which in our case.
- Best Smart DNS for US Netflix, Apple TV, Smart TV, Roku, Windows, Mac, iOS & Android. Best Smart DNS is the premier review site of Smart DNS service providers with award-winning reviews, comparison, and news.
- Fastest Dns Servers
- Dns Server Is Not Responding Windows 10
- Best Dns For My Area
- Find Best Dns Server Mac
It does not have a secondary server, like the other Free Public DNS Servers, and it is much more reliable. SmartViper DNS. It is IPv4 based best DNS servers, which is much more reliable and most common, found on the Internet today. The only disadvantage in this server is its inconsistent speed.
Active4 years, 8 months ago
How to check which DNS server was used to resolve particular hostname within VPN network?
I am using company-provided proprietary VPN client and want to see DNS server's IP address, but
does not list any DNS servers at all. However, I can ping any server in internal network, so DNS is apparently working.
How does DNS lookup work on OSX with/without VPN connections?
bmike♦168k4646 gold badges304304 silver badges662662 bronze badges
RobustaRobusta
4 Answers
First, if
networksetup -getdnsservers <service name>
does not show anything, you don't have anything listed in System Preferences > Netowrk under 'DNS Servers:'.Second, it is important to note that OS X does not handle DNS like most systems. Per https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man5/resolver.5.html Essentially this means that OS X has multiple DNS clients depending on your configuration. The result of these multiple services means that there are situations whereby using Safari to access a website (http://www.example.com) will take you to an IP address that OS X has retrieved from DNS (say 1.2.3.4) while at the same time, performing a dig
will return different results. (perhaps 2.3.4.5)
The reason for this lies in the way that OS X handles DNS.
If you run
$ man dig
you get among other things, the following:Mac OS X NOTICE The dig command does not use the host name and address resolution or the DNS query routing mechanisms used by other processes running on Mac OS X. The results of name or address queries printed by dig may differ from those found by other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also differ from queries that use the Mac OS X DNS routing library.
Also
$man nslookup
will return something similarMac OS X NOTICE The nslookup command does not use the host name and address resolution or the DNS query routing mechanisms used by other processes running on Mac OS X. The results of name or address queries printed by nslookup may differ from those found by other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also differ from queries that use the Mac OS X DNS routing library.
All this is really a rather lengthy way of saying, the best way to see what DNS servers are being used is to look at System Preferences > Network
The 'DNS Server:' entires are usually there, and 'Search Domains:' will allow you to search for incomplete addresses.
If 'DNS Server:' is not present, then OS X will try to use the address in 'Router:' for DNS.
AND, on top of all this fun, there are utilities and other processes that may not be using the OS X DNS Routing Library, and they will be hitting the contents of /etc/resolv.conf directly.
The short short answer is this:
- If you go by the contents of System Preferences > Network, you are looking at the same thing that most processes are using.
- The Contents of System Preferences > Network, should populate /etc/resolv.conf, but not always.
- Some other processes (like dig and nslookup) are accessing /etc/resolv.conf directly.
And, on top of all this - If you are not using the VPN clients built in to OS X, it is possible that additional routes and DNS servers are being used that
networksetup -getdnsservers <service name>
will not show. Your VPN client may have the ability to show you the routes and DNS servers, I know that mine does.I know that this does not precisely answer your question, but hopefully this helps you realize that it is not always easy to find out what the 'truth' is regarding DNS on a Mac. Generally you are safe assuming that the contents of System Preferences > Network, or the contents of
networksetup -getdnsservers <service name>
are where you are getting your DNS from. However if things seem weird, keep in mind that there are other possibilities too. Use dig to help determine if there are differences afoot.Last, for those readers who are wondering how to get the
<service name>
in networksetup -getdnsservers <service name>
, try using networksetup -listallnetworkservices
Bill
TheWellingtonTheWellington1,79411 gold badge1010 silver badges1414 bronze badges
in OSX Mavericks (10.9 - actually 10.6.3 up, I believe) if you want to see the active DNS configuration:
The -first- entry (resolver #1) is reportedly the active configuration..though I've seen plenty of cases where that's not the case.
Fastest Dns Servers
from man scutil
IME, if what you see here doesn't match what you expect (ie, network > advanced > dns), you may need to disable/enable the appropriate network adaptor for it to refresh..
Other tips in recent OSX:
With 10.7 or 10.8, search domains dont apply to lookups with a dot in them. ie - www.test won't append search domains at all, where www will. there's a fix:
Now unload and reload the mDNSResponder service: sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
the network > advanced > dns config is -PER INTERFACE-. So if you use wireless and wired..you have to setup both.
there's another way, too - /etc/resolver - one example in here: Do /etc/resolver/ files work in Mountain Lion for DNS resolution? and more here: https://www.dforge.net/2013/01/30/osx-domain-specific-dns-servers-etcresolver/
As for trying to do an nslookup - it's well known that nslookup (and host and dig) doesn't follow the (extremely unique and mixed up) OSX resolution mechanism. Use ping.
Community♦
keenkeen
I would normally use (on unix environments, and this is possibly a bit old school) something like the following examples.
Firstly, you can lookup an IP address or DNS name entry individually, and it will report back the server that was used to provide the answer. You can lookup a single entry on the command line, or enter the
nslookup
program and lookup several entries without having to re-enter the command:Secondly this command (note I ran this on a windows box, on unix/OS X the command ipconfig /all is instead ifconfig -a and output results may differ slightly) which lists ip config data for each interface on your system, physical ports, wireless connections, VNCs etc, displaying what DNS and IP data is associated with each route out of the machine, you will get lots of entries back, one for each genuine network port/adapter, and also various amounts of virtual ports too depending on your configuration, in my example I removed most of the results but showed my VPN adapter and the (redacted) DNS entries it has.
stuffestuffe23.2k1515 gold badges7373 silver badges128128 bronze badges
What does
nslookup
tell you?It gives me my DNS server on the second line.VolskVolsk
You must log in to answer this question.
Not the answer you're looking for? Browse other questions tagged mavericksdns .
Dns Server Is Not Responding Windows 10
Changing your DNS server is a good idea. You will get better security, privacy, accuracy, and speed by switching away from your ISP’s default. You can change your DNS by just entering a few numbers into your computer or router, but figuring out what those numbers can be is a little more confusing. Google and OpenDNS, the popular choices, may not actually be the best, but luckily, they are far from the only options.
Related: Changing Your DNS Server: Why You Should and How to Do It
What makes a good DNS server?
1. Security
Most ISPs do not use any DNS security, so finding a provider that uses DNScrypt (Very good but requires some setup), DNSSEC (Good but not encrypted), or DNS-over-TLS/DNS-over-HTTPS (Very good but rare) is preferable. Services that use one of these protocols will usually list it in their FAQ or technical information.
2. Privacy
Your ISP probably records your DNS requests, but many alternatives do as well. Try to find a service with anonymous logs (good, fairly common) or no logs (best but hard to find). If the provider doesn’t list their logging policy, just do a search for “[DNS Provider] logging policy.”
3. Accuracy/scope
Most public DNS servers keep more up-to-date records than ISPs, though this is hard to test. Even better, though, some provide access to domains that aren’t even listed on most servers, like “.ti,” which is not an official domain since Tibet is technically part of China.
4. Speed
When it comes to milliseconds, geography matters – the farther your server, the slower the speed. Using a Danish server while you’re in Chile will likely have a noticeable impact on your speed.
Before you settle on a server, test its speeds using a tool like DNS Jumper, DNS Benchmark, or NameBench. If the service you’re testing isn’t listed, all of these tools have fields where you can enter custom DNS addresses. Plug them in, test them, and pick the best ones relative to the others.
Option 1: Big Data
1. Google Public DNS (8.8.8.8, 8.8.4.4): Fast, reliable, secure, but potentially not private
Pros:
- User-friendly
- Great security (DNSSEC and DNS-over-HTTPS)
- Worldwide reach means top-notch speeds
- Claims to delete logs within forty-eight hours
Cons
- Even if they claim their DNS is private, the fact remains that Google’s business model is making money off your traffic.
2. OpenDNS (208.67.222.222, 208.67.220.220): Fast, customizable, and very secure, but definitely not private
Pros
- Well-maintained servers and good speeds
- Top-notch security (DNSCrypt) and browsing protection
- Content-blocking and other settings available
Cons
- OpenDNS claims not to sell your logs, but they explicitly state that they keep everything
- They may be censoring some legitimate websites
- They are owned by Cisco, an IT giant that, again, is getting all your information
3. Others – Level3 Communications – big, reliable, not private, no notable security features
Option 2: Maximum Privacy
1. OpenNIC: Wide variety of servers with good security/privacy
Pros
- Good reputation for privacy and reliability
- Many servers have no-logging policies and/or DNSCrypt
- Servers all over the world, so speeds are generally good
Cons
- Standards can vary widely between servers
- Requires some trust in server-operators
- Requires some tech knowledge
![Dns Dns](/uploads/1/2/6/4/126433409/164946713.png)
2. DNS.Watch (84.200.69.80, 84.200.70.40): High privacy, good security, varying speeds
![Best dns servers for ps4 Best dns servers for ps4](/uploads/1/2/6/4/126433409/524870674.png)
Pros
- Great reputation for privacy, no logging
- Reliable
- Good security (DNSSEC)
- Based in Germany, so speeds are best in Europe
3. Others
- FreeDNS: Great privacy, no extra security, varying speeds
- UncensoredDNS: Great privacy, uses DNSSEC, but gets slower as your distance from Denmark increases
Option 3: The Middle Ground
1. Quad9 (9.9.9.9, 149.112.112.112): Great security, privacy guarantee, good speeds
Pros
- Rolled out in 2017 by IBM, so it’s fast and being continuously upgraded
- Great security (DNSSEC) and a continuously-updated list of blocked malicious websites
- They claim not to store any personally identifiable information and are non-profit
Cons
- IBM is still a big corporation that might use your data
- Auto-blocking malicious websites is nice but may lead to some accidental censorship
2. Verisign (64.6.64.6, 64.6.65.6): Unspecified security, vague privacy, good speeds
Pros
Best Dns For My Area
- Trusted company with plenty of servers
- Promises not to sell your data
Cons
- Only promises not to sell your data; is probably still logging it
- A little light on security specifications
Best mouse for mac pro laptop for design. 3. Others
- Comodo: well-known security company, good speeds, automatically blocks malicious sites, but no extra security and probably keeps logs
- Norton ConnectSafe: another security company, unspecified privacy, can be set to block malicious sites/adult content
Conclusion: Which Is the Best?
The DNS servers listed here represent a significant chunk of the market, though there are others that may also work for your needs. Your best options will vary, but in general, OpenNIC has something for everyone, with Quad9 being a more user-friendly backup option.
Find Best Dns Server Mac
Once you change your DNS, don’t forget to check and make sure it worked!