[lacnog] Resolver 1.1.1.1
Carlos M. Martinez
carlosm3011 en gmail.com
Lun Abr 2 17:10:12 BRT 2018
Si les intriga como se compara la performance de diversos providers de
DNS recursivo, les recomiendo una lectura rápida:
-
https://medium.com/@nykolas.z/dns-resolvers-performance-compared-cloudflare-x-google-x-quad9-x-opendns-149e803734e5
Hay un test que pueden correr uds individualmente, alcanza con hacer:
1. Clonar un repo de github:
```
yaguaron:scratch carlos$ git clone
https://github.com/cleanbrowsing/dnsperftest/ dnsperftest
Cloning into 'dnsperftest'...
remote: Counting objects: 24, done.
remote: Compressing objects: 100% (22/22), done.
remote: Total 24 (delta 5), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (24/24), done.
yaguaron:scratch carlos$ cd dnsperftest/
```
2. Correr el test y visualizar resultados (los de abajo son desde la red
de LACNIC, AS 28000):
```
yaguaron:dnsperftest carlos$ bash dnstest.sh
test1 test2 test3 test4 test5 test6 test7
test8 test9 test10 Average
cloudflare 19 ms 15 ms 16 ms 14 ms 16 ms 16 ms 21 ms
16 ms 16 ms 21 ms 17.00
google 19 ms 21 ms 16 ms 261 ms 90 ms 204 ms 17 ms
43 ms 43 ms 38 ms 75.20
quad9 211 ms 173 ms 225 ms 172 ms 286 ms 175 ms 175 ms
169 ms 171 ms 171 ms 192.80
opendns 297 ms 159 ms 170 ms 397 ms 155 ms 397 ms 163 ms
240 ms 204 ms 159 ms 234.10
norton 168 ms 140 ms 192 ms 200 ms 175 ms 176 ms 175 ms
168 ms 143 ms 141 ms 167.80
cleanbrowsing 59 ms 65 ms 57 ms 46 ms 43 ms 58 ms 63 ms
59 ms 41 ms 59 ms 55.00
yandex 271 ms 322 ms 282 ms 293 ms 289 ms 280 ms 283 ms
348 ms 291 ms 288 ms 294.70
adguard 301 ms 300 ms 285 ms 299 ms 313 ms 299 ms 298 ms
288 ms 311 ms 357 ms 305.10
neustar 174 ms 175 ms 174 ms 177 ms 144 ms 170 ms 140 ms
143 ms 182 ms 140 ms 161.90
comodo 171 ms 172 ms 168 ms 172 ms 168 ms 176 ms 275 ms
175 ms 168 ms 173 ms 181.80
```
s2
Carlos
On 2 Apr 2018, at 16:32, Lucimara Desiderá wrote:
> Nos comentários do próprio blog
> https://blog.cloudflare.com/announcing-1111/
>
> "Olafur Gudmundsson 6 Quarters • a day ago
>
> Due to various reasons 1.1.1.1 does not work for fraction of the
> internet; We are working in fixing that. The issues involved include;
> Network filters; various devices that use 1.1.1.1 internally; etc.
> Stay
> tuned for followup blogs and for now use 1.0.0.1 or our IPv6
> addresses..."
>
>
> Endereços IPv6 corretos:
>
> https://blog.cloudflare.com/dns-resolver-1-1-1-1/
>
> "For IPv6, we have chosen 2606:4700:4700::1111 and
> 2606:4700:4700::1001
> for our service. It’s not as easy to get cool IPv6 addresses;
> however,
> we’ve picked an address that only uses digits."
>
> []s
> Lucimara
>
>
> On 04/02/18 12:06, Jaime wrote:
>> Es interesante contar con varias opciones de resolver’s,
>> yo tengo enlace Internet dedicado con Movistar Chile y el 1.1.1.1 no
>> responde ni ping, dns ni web.
>> en cambio el 1.0.0.1 si funciona.
>> Te adjunto ambas trazas:
>>
>> root en pbx:~# ping 1.1.1.1
>> PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
>> ^C
>> --- 1.1.1.1 ping statistics ---
>> 6 packets transmitted, 0 received, 100% packet loss, time 5039ms
>>
>> root en pbx:~# traceroute -I 1.1.1.1
>> traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
>> 1 172.16.101.1 (172.16.101.1) 0.165 ms 0.164 ms 0.172 ms
>> 2 201.236.136.169 (201.236.136.169) 0.629 ms 0.680 ms 0.763 ms
>> 3 172.30.247.165 (172.30.247.165) 1.136 ms 1.150 ms 1.148 ms
>> 4 10.200.247.90 (10.200.247.90) 1.821 ms 1.925 ms 1.926 ms
>> 5 10.200.247.89 (10.200.247.89) 2.241 ms 2.224 ms 2.218 ms
>> 6 * * *
>> 7 * * *
>> 8 * * *
>> 9 * * *
>> 10 * * *
>> 11 * * *
>> 12 * * *
>> 13 * * *
>> 14 * * *
>> 15 * * *
>> 16 * * *
>> 17 * * *
>> 18 * * *
>> 19 * * *
>> 20 * * *
>> 21 * * *
>> 22 * * *
>> 23 * * *
>> 24 * * *
>> 25 * * *
>> 26 * * *
>> 27 * * *
>> 28 * * *
>> 29 * * *
>> 30 * * *
>> root en pbx:~#
>>
>>
>> root en pbx:~# ping 1.0.0.1
>> PING 1.0.0.1 (1.0.0.1) 56(84) bytes of data.
>> 64 bytes from 1.0.0.1: icmp_seq=1 ttl=50 time=26.0 ms
>> 64 bytes from 1.0.0.1: icmp_seq=2 ttl=50 time=26.1 ms
>> 64 bytes from 1.0.0.1: icmp_seq=3 ttl=50 time=26.1 ms
>> 64 bytes from 1.0.0.1: icmp_seq=4 ttl=50 time=26.3 ms
>> ^C
>> --- 1.0.0.1 ping statistics ---
>> 4 packets transmitted, 4 received, 0% packet loss, time 3003ms
>> rtt min/avg/max/mdev = 26.092/26.178/26.326/0.091 ms
>> root en pbx:~# traceroute -I 1.0.0.1
>> traceroute to 1.0.0.1 (1.0.0.1), 30 hops max, 60 byte packets
>> 1 172.16.101.1 (172.16.101.1) 0.133 ms 0.135 ms 0.130 ms
>> 2 201.236.136.169 (201.236.136.169) 0.587 ms 0.658 ms 0.737 ms
>> 3 172.30.247.165 (172.30.247.165) 1.067 ms 1.073 ms 1.073 ms
>> 4 pe24tolp01.tie.vl111.lflo.internacional.ce.nap.movistar.cl
>> (186.148.62.150) 1.586 ms 1.600 ms 1.600 ms
>> 5 pe24tolp01.tie.vl111.lflo.internacional.pe.nap.movistar.cl
>> (186.148.62.149) 1.863 ms 1.877 ms 1.877 ms
>> 6 * * *
>> 7 213.140.39.91 (213.140.39.91) 1.802 ms 1.888 ms 1.786 ms
>> 8 213.140.39.90 (213.140.39.90) 9.200 ms 5.813 ms 5.726 ms
>> 9 94.142.99.65 (94.142.99.65) 25.597 ms 25.508 ms 25.659 ms
>> 10 * * *
>> 11 1dot1dot1dot1.cloudflare-dns.com
>> <http://1dot1dot1dot1.cloudflare-dns.com> (1.0.0.1) 26.029 ms
>> 26.019
>> ms 26.000 ms
>> root en pbx:~#
>>
>>
>>
>>> El 02-04-2018, a las 11:30 a.m., Esteban Carisimo
>>> <carisimo en cnet.fi.uba.ar <mailto:carisimo en cnet.fi.uba.ar>>
>>> escribió:
>>>
>>> Gracias por la información Fabián.
>>>
>>> Ahora estamos contando con el 8.8.8.8, el 9.9.9.9 y el 1.1.1.1, y al
>>> igual que Gabriel, lo primero que hice fue mirar el traceroute hacia
>>> el 1.1.1.1. Sería interesante comparar las trazas a cada uno de
>>> estos
>>> DNS desde distintos puntos de la región.
>>>
>>> Saludos!
>>>
>>> Esteban Carisimo
>>> Temporarily Visiting Graduate Student at CAIDA
>>> PhD student at CoNexDat (UBA-CONICET)
>>> http://cnet.fi.uba.ar/esteban_carisimo/en
>>> El 1/4/18 a las 23:00, Gabriel.Nigro escribió:
>>>> Gracias por la info. Estuve haciendo unas pruebas de Traceroute y
>>>> me
>>>> llama la atencion que hay con dos isp de argentina. Aca dejo los
>>>> traceroute.
>>>>
>>>> desde M0vistar FO
>>>>
>>>> boxsrv:~$ traceroute 1.1.1.1
>>>> traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
>>>> 1 1dot1dot1dot1.cloudflare-dns.com
>>>> <http://1dot1dot1dot1.cloudflare-dns.com/> (1.1.1.1) 0.000 ms
>>>> 0.000
>>>> ms 0.000 ms
>>>>
>>>>
>>>> desde Telecentr0,muy rara la diferencia.....
>>>>
>>>> traceroute to 1.1.1.1 (1.1.1.1) , 5 relative hops max, 52 byte
>>>> packets
>>>> 1 192.168.0.1 (192.168.0.1) 10.323 ms 46.259 ms 47.181 ms
>>>> 2 10.31.64.1 (10.31.64.1) 11.214 ms 30.810 ms 33.086 ms
>>>> 3 10.242.4.241 (10.242.4.241) 29.931 ms 49.426 ms 50.955 ms
>>>> 4 200.32.127.98 (200.32.127.98) 10.760 ms 102.216 ms 103.080 ms
>>>> 5 * * *
>>>> 6 ae0.ar3.eze1.gblx.net <http://ae0.ar3.eze1.gblx.net/>
>>>> (67.16.146.174) 20.655 ms 105.665 ms 109.279 ms
>>>> 7 208.51.134.130 (208.51.134.130) 19.407 ms 53.661 ms 69.473 ms
>>>> 8 185.70.203.71 (185.70.203.71) 40.994 ms 391.870 ms 399.075 ms
>>>> 9 1dot1dot1dot1.cloudflare-dns.com
>>>> <http://1dot1dot1dot1.cloudflare-dns.com/> (1.1.1.1) 13.189 ms
>>>> 134.861 ms 147.300 ms
>>>>
>>>> ® "... Live your life as if you will die tomorrow but learn as if
>>>> you
>>>> will
>>>> live forever ..." Mahatma Gandhi" ™ smart-questions
>>>> <http://www.catb.org/esr/faqs/smart-questions.html>
>>>> Fingerprint=D4E7 C1E5 8599 A751 95F5 BBA1 4382 0E91 87CD D24D
>>>>
>>>>
>>>> On Sun, Apr 1, 2018 at 10:20 PM Fabián Mejía
>>>> <ing.fabianmejia en gmail.com <mailto:ing.fabianmejia en gmail.com>>
>>>> wrote:
>>>>
>>>> Hola lista
>>>>
>>>> Hoy 1 de abril, CloudFlare lanzó oficialmente un servicio de
>>>> DNS
>>>> recursivo gratuito en la IP 1.1.1.1. Según CloudFlare el
>>>> servicio es:
>>>> “the Internet's fastest, privacy-first consumer DNS
>>>> service”.
>>>>
>>>> Es destacable que el servicio no guardará logs más allá de
>>>> 24
>>>> horas (con
>>>> poca información) y además soporta DNS-over-TLS y
>>>> DNS-over-HTTPS.
>>>> Además, el prefijo 1.1.1.0/24 <http://1.1.1.0/24> tiene creado
>>>> su
>>>> respectivo ROA y por tanto
>>>> el prefijo tiene un estado RPKI valid.
>>>>
>>>> En Ecuador, donde CloudFlare está conectado a NAP.EC
>>>> <http://nap.ec/> está disponible
>>>> localmente.
>>>>
>>>> Más info: https://blog.cloudflare.com/announcing-1111/
>>>>
>>>>
>>>> --
>>>> Saludos,
>>>>
>>>> Fabián Mejía
>>>> _______________________________________________
>>>> LACNOG mailing list
>>>> LACNOG en lacnic.net <mailto:LACNOG en lacnic.net>
>>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>>> Cancelar suscripcion:
>>>> https://mail.lacnic.net/mailman/options/lacnog
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> LACNOG mailing list
>>>> LACNOG en lacnic.net
>>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>>> Cancelar suscripcion:
>>>> https://mail.lacnic.net/mailman/options/lacnog
>>>
>>> _______________________________________________
>>> LACNOG mailing list
>>> LACNOG en lacnic.net <mailto:LACNOG en lacnic.net>
>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>>
>>
>>
>> _______________________________________________
>> LACNOG mailing list
>> LACNOG en lacnic.net
>> https://mail.lacnic.net/mailman/listinfo/lacnog
>> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20180402/1f57d660/attachment-0001.html>
Más información sobre la lista de distribución LACNOG