Home networks have several technical elements that are the pieces to a puzzle that goes together in only one way for optimal performance and connectivity. While you can get online with even the most basic fiber line or LAN cable running to a router or switch, that doesn’t guarantee you the best performance. Unfortunately, the overwhelming majority of home internet connections are set up this way, with the router left in the default technical configuration, aside from a custom SSID and password, which don’t really impact the connectivity or performance. Often, this basic setup works, but just barely, and your ISP shoulders a major part of the blame.
It takes a little tinkering to get to Quality of Service (QoS) settings buried in the firmware, right alongside other bits like the RF broadcast channel selection and Domain Name System (DNS) settings. Most modern mid-range routers have made considerable advances, automating the channel selection and optimizing for minimal interference. However, DNS is a whole other ball game, since several ISPs (including mine) prevent you from changing it on proprietary routers. This little setting also flies under the radar plenty of times, making well-optimized Wi-Fi networks suffer from stuttering, frame drops, low connection speeds, repeated CAPTCHA verifications, and insane load times for the simplest webpages. And don’t even get me started on the privacy implications (I get to them later in this article).
The detriment of a random DNS
Sticking with the default server might do more harm than good
Typically, your router defaults to the DNS server assigned by your ISP. With zero configuration out of the box, you’ll have working internet, but you’ll be using the ISP’s DNS. This server translates the domain names in the addresses you request into the IP addresses where the target content is hosted. Most commonly, you’ll see this likened to a phone book or directory on r/HomeNetworking. In the rare case your ISP throws in a proprietary router or mandates you to use their hardware on your home network, chances are you’ll have a hard time proceeding, because the firmware settings could be under lock and key, among other restrictions.
Good providers might include a mid-range or high-end router from reputable brands like D-Link, TP-Link, or Netgear, and they’re the only noteworthy exception. You’re better off using a store-bought router and configuring it yourself, right down to the DNS, but that raises the question of why such tinkering is necessary.
For starters, ISP DNS servers seldom support modern encrypted transports like DNS over HTTPS (DoH) or DNS over TLS (DoT), instead transmitting your queries as plaintext in extreme cases. This leaves your queries easily decipherable if intercepted. As though Big Tech snooping and profiling users through browsing cookies for advertisers wasn’t enough, ISPs callous enough to leave DNS requests unsecured could also bundle browsing habits into packages sold to advertisers, data aggregators/brokers, and other third parties. There’s also the omnipresent risk of the ISP using DNS as a tool to log your activity, or to censor or block access to websites in compliance with state law or because they are otherwise deemed unsafe.
Privacy concerns aside, a sub-par selection significantly dents performance too, and the number of people who notice this is alarmingly low. Even though ISP servers may be located in your city, or closer than alternatives, they’re typically underpowered and overloaded for the network load. This manifests as painfully high latency in gaming and repeated live stream buffering on Super Bowl Sundays, for instance.
The performance problem becomes a proper bottleneck when you realize ISPs don’t allocate adequate resources for DNS caching and algorithm efficiency, certainly not as much as a dedicated provider like Cloudflare or OpenDNS would. This results in a slower resolver and painfully slow website load times too. Lest I forget, this attitude trickles down to lax server security too, leaving the provider vulnerable to cache poisoning attacks that redirect users to malicious websites.
Switching DNS providers is a quick fix
Or even host your custom DNS locally
So long as you satisfy the aforementioned prerequisites of a configurable router and an ISP that takes kindly to tinkering, you can eliminate its DNS from your network quite easily. It’s as simple as editing the DNS field on your router firmware page and entering the primary and backup DNS addresses of your chosen provider, like Cloudflare, Google, Quad9, or OpenDNS. With these, you tap into the well-maintained, secure, and high-speed infrastructure of a free, yet dedicated DNS provider. Besides eliminating all the aforementioned issues with slower page load times, video buffering, and requests timing out, you get several other benefits to boot.
Although relatively minor, one of the biggest sanity-saver features I enjoyed with the switch to public DNS was being rid of repeated CAPTCHA tests to verify if I’m human. A little Reddit research revealed this usually happens when the ISP DNS is flagged for hosting botnet traffic, and switching to a cleaner public DNS provides immediate resolution.
If you prefer even greater control at the cost of a hands-on approach not for the faint of heart, you could go ahead and set up a custom DNS on your own hardware. There’s a laundry list of DNS resolvers to choose from when going down this road. They offer you the added flexibility of redirecting to self-hosted apps, blocking ads at the source, and handling all your requests locally with every protection you need enabled. They also put the onus of maintaining the server on you, meaning it is essential you don’t accidentally misconfigure the DNS.
A good choice either way
No matter which one you choose between a public DNS and a self-hosted alternative, you’re leagues ahead of whatever your ISP configures by default. You’re bound to gain some internet speed from the switch, and even otherwise, you’ll be ditching a rather invasive service for one that at least claims to respect your privacy. While the gains may be smaller than, say, optimizing your RF channel selection, you’ll not leave performance on the table, clearing one of the quietest hidden bottlenecks in a home network, hardware permitting, of course.

