公共域名解析服務

公共遞歸名稱服務(也稱為公共DNS解析)是一種名稱伺服器服務,用於替換或補充本地互聯網服務供應商(ISP)的提供的域名系統(DNS)。

使用公共DNS可能包括以下原因:

  • 與使用ISP的DNS服務相比,速度更快[1]
  • 過濾(安全、廣告攔截、成人內容等)[2]
  • 統計[3]
  • 避開審查制度[4]
  • 冗餘 (智能快取)[5]
  • 訪問官方DNS根中沒有的非官方頂級域名
  • ISP的DNS服務暫時無法使用

個別公共DNS服務營運商將保護私隱作為其服務的一個優勢;有批評者認為,使用這些服務公共DNS潛在大規模數據收集的風險。

公共DNS解析由商業公司營運向公眾免費提供服務,或者由私人愛好者營運用於傳播新技術和支援非營利社區。個別服務商開始提供安全DNS查詢傳輸服務,如DNS over HTTPS(DoH)和DNS over TLS(DoT)。

知名的公共DNS服務營運商

營運商 節點數 私隱權政策 DNS over UDP/TCP DNSSEC DNS over TLS DNS over HTTPS DNS over QUIC EDNS Padding 主機名稱 IPv4地址 IPv6地址 過濾 備註
AdGuard 12[6] [7] [8] [9] [10] dns.adguard.com 94.140.14.14
94.140.15.15
2a10:50c0::ad1:ff
2a10:50c0::ad2:ff
Default[11] 以私隱為導向的免費DNS解析系統,可阻止跟蹤、廣告和網絡釣魚。[12]
dns-family.adguard.com (過時) 94.140.14.15
94.140.15.16
2a10:50c0::bad1:ff
2a10:50c0::bad2:ff
Family[11]
dns-unfiltered.adguard.com 94.140.14.140
94.140.14.141
2a10:50c0::1:ff
2a10:50c0::2:ff
[11]
CleanBrowsing英語CleanBrowsing 20 [13] [14] [15] [16] family-filter-dns.cleanbrowsing.org 185.228.168.168
185.228.169.168
2a0d:2a00:1::
2a0d:2a00:2::
Family 設計用於13歲以下兒童的裝置
adult-filter-dns.cleanbrowsing.org 185.228.168.10
185.228.169.11
2a0d:2a00:1::1
2a0d:2a00:2::1
Adult
security-filter-dns.cleanbrowsing.org 185.228.168.9
185.228.169.9
2a0d:2a00:1::2
2a0d:2a00:2::2
Security
Cloudflare 200[17] [18] [19] [20] [21] one.one.one.one[22]
1dot1dot1dot1.cloudflare-dns.com
1.1.1.1
1.0.0.1
2606:4700:4700::1111
2606:4700:4700::1001
dns64.cloudflare-dns.com 2606:4700:4700::64
2606:4700:4700::6400
用於僅有IPv6的網絡[23]詳情請看IPv6過渡機制
security.cloudflare-dns.com 1.1.1.2
1.0.0.2
2606:4700:4700::1112
2606:4700:4700::1002
Malware, Phishing
family.cloudflare-dns.com 1.1.1.3
1.0.0.3
2606:4700:4700::1113
2606:4700:4700::1003
Malware, Phishing,
Adult content
Dyn英語Dyn (company) [24] resolver1.dyndnsinternetguide.com
resolver2.dyndnsinternetguide.com
216.146.35.35
216.146.36.36
於2022年5月31日關閉
Google 23[25] [26] [27] dns.google[28]
google-public-dns-a.google.com
google-public-dns-b.google.com
8.8.8.8
8.8.4.4
2001:4860:4860::8888
2001:4860:4860::8844
dns64.dns.google 2001:4860:4860::6464
2001:4860:4860::64
在NAT64閘道器中使用[29]
Neustar英語Neustar [30] 64.6.64.6

64.6.65.6

156.154.70.1
156.154.71.1

2620:74:1b::1:1

2620:74:1c::2:2

2610:a1:1018::1
2610:a1:1019::1

Verisign於2020年12月3日將其公共DNS(以64.和2620:開頭的IP)轉讓給Neustar[31]
156.154.70.2
156.154.71.2
2610:a1:1018::2
2610:a1:1019::2
Malware, ransomware, spyware, phishing
156.154.70.3
156.154.71.3
2610:a1:1018::3
2610:a1:1019::3
Low security + gambling, pornography, violence, hate
156.154.70.4
156.154.71.4
2610:a1:1018::4
2610:a1:1019::4
Medium security + gaming, adult, drugs, alcohol, anonymous proxies
156.154.70.5
156.154.71.5
2610:a1:1018::5
2610:a1:1019::5
不會將不存在的域名重新導向到別的頁面
Cisco Umbrella (OpenDNS) 31[32] [33] [34] [35] [36] dns.opendns.com
dns.umbrella.com[37]
208.67.222.222
208.67.220.220
2620:119:35::35
2620:119:53::53
Basic Security filtering + user defined policies
familyshield.opendns.com 208.67.222.123
208.67.220.123
2620:119:35::123
2620:119:53::123
"FamilyShield": adult content
sandbox.opendns.com 208.67.222.2
208.67.220.2
2620:0:ccc::2
2620:0:ccd::2
沙盒地址不提供任何過濾功能
OpenNIC [38] 部份[39] 部份[39] 部份[40] Several [41] 185.121.177.177
169.239.202.202
2a05:dfc7:5::53
2a05:dfc7:5::5353
OpenNIC Tier 2 DNS Resolvers頁面存檔備份,存於互聯網檔案館)列表
Quad9英語Quad9 149[42] [43] [44] [45] [46] [47] dns.quad9.net
rpz-public-resolver1.rrdns.pch.net
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
Malicious domains (phishing, malware, exploit kit domains)
[48] dns-nosec.quad9.net 9.9.9.10
149.112.112.10
2620:fe::10
2620:fe::fe:10
Yandex [49] common.dot.dns.yandex.net 77.88.8.1
77.88.8.8
2a02:6b8::feed:0ff
2a02:6b8:0:1::feed:0ff
safe.dot.dns.yandex.net 77.88.8.2
77.88.8.88
2a02:6b8::feed:bad
2a02:6b8:0:1::feed:bad
"Safe": fraudulent / infected / bot sites
family.dot.dns.yandex.net 77.88.8.3
77.88.8.7
2a02:6b8::feed:a11
2a02:6b8:0:1::feed:a11
"Family": fraudulent / infected / bot / adult sites

知名的中國大陸公共DNS服務營運商

營運商 節點數 私隱權政策 DNS over UDP/TCP DNSSEC DNS over TLS DNS over HTTPS DNS over QUIC EDNS Padding 主機名稱 IPv4地址 IPv6地址 過濾 備註
阿里DNS alidns.com 223.5.5.5
223.6.6.6
2400:3200::1
2400:3200:baba::1
騰訊DNS dns.pub 119.29.29.29 2402:4e00::
114 DNS 114dns.com 114.114.114.114
114.114.115.115

參考文獻

  1. ^ How to Change Your Default DNS to Google DNS for Fast Internet Speeds. TechWorm. 2016-08-20 [2016-10-22]. (原始內容存檔於2021-09-16) (美國英語). 
  2. ^ A simple way to get around Rogers' DNS re-directing. IT Business. [2016-10-22]. (原始內容存檔於2021-09-16). 
  3. ^ OpenDNS Adds Centralized Reporting, IP-Layer Enforcement to Umbrella. mspmentor.net. [2016-10-22]. (原始內容存檔於2016-10-22). 
  4. ^ Austrian Pirate Bay Blockade Censors Slovak Internet - TorrentFreak. TorrentFreak. 2015-12-03 [2016-10-22]. (原始內容存檔於2021-09-16) (美國英語). 
  5. ^ Security; Iana. DNS devastation: Top websites whacked offline as Dyn dies again. The Register. [2016-10-22]. (原始內容存檔於2016-10-22). 
  6. ^ AdGuard DNS servers map. [2021-05-29]. (原始內容存檔於2017-01-06). 
  7. ^ AdGuard DNS Privacy Notice. [2021-05-29]. (原始內容存檔於2021-09-16). 
  8. ^ AdGuard DNS FAQ: What is DNSSEC?. [2021-05-29]. (原始內容存檔於2017-01-06). 
  9. ^ The official release of AdGuard DNS — a new unique approach to privacy-oriented DNS. [2021-05-29]. (原始內容存檔於2021-09-16). 
  10. ^ Adguard DNS now supports DNSCrypt. [2021-05-29]. (原始內容存檔於2021-09-16). 
  11. ^ 11.0 11.1 11.2 AdGuard DNS Setup guide. [2021-05-29]. (原始內容存檔於2017-01-06). 
  12. ^ AdGuard DNS FAQ: What is AdGuard DNS?. adguard.com. [2019-08-12]. (原始內容存檔於2017-01-06) (英語). 
  13. ^ NOC.org / dcid. CleanBrowsing Privacy and Terms of Service. Cleanbrowsing.org. [2019-01-04]. (原始內容存檔於2018-08-06). 
  14. ^ Parental Control with DNS over TLS Support. [2019-06-03]. (原始內容存檔於2018-05-16). 
  15. ^ NOC.org / dcid. Parental Control with DNS Over HTTPS (DoH) Support. Cleanbrowsing.org. [2019-01-04]. (原始內容存檔於2018-03-28). 
  16. ^ NOC.org / dcid. Parental Control with DNSCrypt Support. Cleanbrowsing.org. [2019-01-04]. (原始內容存檔於2018-02-21). 
  17. ^ Cloudflare: Our Anycast Network Map. [2019-06-03]. (原始內容存檔於2020-12-16). 
  18. ^ Privacy Policy. Cloudflare. [2019-01-04]. (原始內容存檔於2018-05-14). 
  19. ^ The Nitty Gritty - Cloudflare Resolver. [2019-06-03]. (原始內容存檔於2018-04-02). 
  20. ^ Cloudflare Inc. DNS over TLS - Cloudflare Resolver. Developers.cloudflare.com. 2018-03-31 [2019-01-04]. (原始內容存檔於2018-04-02). 
  21. ^ Cloudflare Inc. DNS over HTTPS - Cloudflare Resolver. Developers.cloudflare.com. [2019-01-04]. (原始內容存檔於2018-04-01). 
  22. ^ Test DNS owner one.one.one.one. 2018-08-21 [2019-06-03]. (原始內容存檔於2019-01-21). 
  23. ^ Supporting IPv6-only Networks. [2019-06-03]. (原始內容存檔於2020-12-09). 
  24. ^ Oracle's Privacy Policy. dyn.com. [2018-12-31]. (原始內容存檔於2011-09-14) (美國英語). 
  25. ^ Google Public DNS: Where are your servers currently located?. [2019-06-03]. (原始內容存檔於2013-01-15). 
  26. ^ Google Public DNS: Your Privacy. [2019-06-03]. (原始內容存檔於2021-09-16). 
  27. ^ Google Public DNS: DNS-over-HTTPS. [2019-06-03]. (原始內容存檔於2018-03-20). 
  28. ^ Get Started | Public DNS. [2019-06-03]. (原始內容存檔於2012-04-17). 
  29. ^ Google Public DNS64. [2019-06-03]. (原始內容存檔於2020-12-06). 
  30. ^ Privacy Policy | Neustar. home.neustar. [2019-06-03]. (原始內容存檔於2018-06-25) (英語). 
  31. ^ Verisign Public DNS Offers DNS Stability And Security – Verisign. www.verisign.com. [2020-12-05]. (原始內容存檔於2021-03-31) (美國英語). 
  32. ^ OpenDNS: Data Center Locations. [2019-06-03]. (原始內容存檔於2020-11-05). 
  33. ^ Cisco Online Privacy Statement. [2019-06-03]. (原始內容存檔於2021-09-16). 
  34. ^ DNSSEC General Availability - OpenDNS. [2021-05-29]. (原始內容存檔於2021-09-16). 
  35. ^ Cisco Umbrella Enhances Support of DNS Over HTTPS - Cisco Umbrella. [2022-11-16]. (原始內容存檔於2022-12-13). 
  36. ^ OpenDNS and DNSCrypt. [2021-05-29]. (原始內容存檔於2021-09-16). 
  37. ^ Cisco Umbrella Enhances Support of DNS Encryption with DNS Over HTTPS
  38. ^ OpenNIC: Privacy Policy. [2019-06-03]. (原始內容存檔於2021-09-16). 
  39. ^ 39.0 39.1 OpenNIC Public Servers. [2019-06-03]. (原始內容存檔於2021-09-16). 
  40. ^ OpenNIC: DNSCrypt. [2019-06-03]. (原始內容存檔於2020-07-11). 
  41. ^ OpenNIC Tier 2 DNS Resolvers. [2019-06-03]. (原始內容存檔於2021-09-16). 
  42. ^ Quad9 Locations. [2021-05-29]. (原始內容存檔於2021-01-23). 
  43. ^ Quad9: Privacy, Data Collection and Use Policy. [2019-06-03]. (原始內容存檔於2020-04-07). 
  44. ^ Quad9 FAQ: Does Quad9 implement DNSSEC?. [2019-06-03]. (原始內容存檔於2019-05-04). 
  45. ^ Quad9 Frequently Asked Questions. [2019-06-03]. (原始內容存檔於2019-05-04). 
  46. ^ DoH with Quad9 DNS Servers. [2019-06-03]. (原始內容存檔於2020-07-15). 
  47. ^ Quad9 DNSCrypt Now In Testing. [2019-06-03]. (原始內容存檔於2019-12-28). 
  48. ^ Quad9 FAQ: Is there a service that Quad9 offers that does not have the blocklist or other security?. [2019-06-03]. (原始內容存檔於2019-05-04). 
  49. ^ Terms of use of the Yandex.DNS service. [2019-06-03]. (原始內容存檔於2020-05-15).