Public DNS - Cloudflare v. Google

Google or Cloudflare? I think that's a common question for a non-trivial number of people. Here is my little experiment. The result shows that Cloudflare DNS is fast and a clear choice, at least for my point of presence on the Internet.

First, I need a tool to measure and quantify any performance difference between the two. I use SmokePing and its DNS probe. SmokePing performs five consecutive queries of a given domain at five-minute intervals. It then plots the "smoke" graphs shown below.

Next, to be fair to both, the network latency between my point of presence and Google DNS and Cloudflare DNS respectively should be similar. Lucky me: it happens that I'm about 4ms away from both.

Then, I want to check popular domains (e.g. www.google.com) versus not so common domains (e.g. www.ubnt.com). Popular domains are certainly cached in memory on the server side, and perhaps remain in cache persistently. That is believed not to be the case for uncommon ones. Hence, we can compare the DNS servers' resolving speed and peek at their cache policy.

Last but not least, I want to check whether both DNS servers resolve with the best accuracy, i.e. to IPs with the least network latency. SmokePing can't help here, so I did some anecdotal checks manually.
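The measurement described above can be sketched in a few lines of Python. This is an added example, not SmokePing's code or the author's setup: it hand-builds a DNS query, times the UDP round trip, and reduces one round to median and maximum. The resolver addresses 1.1.1.1 and 8.8.8.8 are the public Cloudflare and Google addresses and do not appear in the original post; the function names are made up for illustration.

```python
import secrets
import socket
import statistics
import struct
import time

def build_query(name, txid, qtype=1):
    """Encode a minimal DNS query (RFC 1035) for `name`; qtype 1 is an A record."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = b"".join(
        bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def time_query(server, name, timeout=2.0):
    """Return the round-trip time in ms for one UDP query, or None on timeout."""
    txid = secrets.randbits(16)
    packet = build_query(name, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.perf_counter()
        sock.sendto(packet, (server, 53))
        try:
            while True:
                reply, _ = sock.recvfrom(4096)
                # Only accept a reply that carries our transaction ID.
                if len(reply) >= 2 and struct.unpack("!H", reply[:2])[0] == txid:
                    return (time.perf_counter() - start) * 1000.0
        except socket.timeout:
            return None

def summarize(samples):
    """Median, max and loss count for one round; None marks a lost query."""
    answered = [s for s in samples if s is not None]
    return {
        "median_ms": statistics.median(answered) if answered else None,
        "max_ms": max(answered) if answered else None,
        "lost": len(samples) - len(answered),
    }

def probe_round(server, name, queries=5):
    """One round of consecutive queries, as in the five-query setup above."""
    return summarize([time_query(server, name) for _ in range(queries)])

if __name__ == "__main__":
    # Resolver addresses are assumptions added here, not taken from the post.
    for label, server in (("Cloudflare", "1.1.1.1"), ("Google", "8.8.8.8")):
        for name in ("www.google.com", "www.ubnt.com"):
            print(label, name, probe_round(server, name))
```

Run it from a scheduler every five minutes to get rounds comparable to the graphs; a single run only shows one round per server and domain.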

Result

Cloudflare DNS Smoke Graph

Google DNS Smoke Graph

On both graphs, the area to the left of the red rectangular bar shows queries for www.google.com. The area to the right of the red bar shows queries for www.ubnt.com.

For www.google.com, both DNS servers are similarly fast. Cloudflare marginally wins. It's not so hard to spot that from the graphs, but I also dived into the RRD data in SmokePing to confirm it.

For www.ubnt.com, Cloudflare is a categorical winner. I can't believe Google performs so badly in comparison. Even after multiple queries of the same domain over a period of several hours, Google DNS is at best 20ms, much worse than the 5ms from Cloudflare. I would think that Google DNS doesn't directly store www.ubnt.com in cache. Otherwise, I should get close to 5ms.

So yes, I only measured two domains - take www.google.com as representative of very popular domains and www.ubnt.com as a not so common one. I won't generalize the above result. Nevertheless, I've taken a leap of faith in Cloudflare DNS, and encourage people to experiment with both and see for themselves.

A note on accuracy

I manually queried www.microsoft.com, www.ibm.com, www.wsj.com and www.ebay.com. Cloudflare DNS always resolves to IPs that show less latency than those returned by Google DNS. The differences range from a few milliseconds to tens of milliseconds. Occasionally, though, I do run into some domains for which Google DNS returns more accurate IPs.

Update (Jul 4, 2018)

Increased to 9 queries at five-minute intervals, so that we get a few more shades in the smoke graphs. Also added Quad9 DNS to the comparison.

Both Cloudflare and Google DNS are about 4ms away from my test machine. Quad9 is about 40ms away.

www.ubnt.com is used for the queries - consider it representative of uncommon domains that are less favourably cached by the public DNS servers.

Cloudflare DNS Smoke Graph

Google DNS Smoke Graph

Quad9 DNS Smoke Graph

Update 2 (Jul 7, 2018)

SmokePing's detail graphs seem to scale the y-axis in such a way that it maintains a reasonable distance between the maximum value and the median values. The preview graphs don't. Hence, the preview graphs provide a complete picture of the maximum latency, as shown below for Cloudflare and Google.

The above graphs are very interesting. In each round of probing (9 queries in total for every server), Cloudflare consistently has max latency between 30-60ms while the median value is always very low (~5ms).

One explanation is that Cloudflare caches each new query in a "short-term" memory. Since our probing interval is 5min, we could assume the duration is less than 5min. Otherwise, subsequent rounds of probes would be ~5ms and we would have a much narrower band on the preview graph. That's for uncommon queries. Popular queries either are asked frequently enough to survive purging from the "short-term" cache or always stay in cache.

Google appears not to have done similar tricks.
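The "short-term cache" reasoning above can be checked with a small model. This is an added example, not a measurement and not anything from Cloudflare: the hit and miss latencies, the one-second spacing between queries within a round, and the two cache lifetimes tried are constructed values chosen to match the rough figures in the post.

```python
import statistics

HIT_MS = 5.0    # constructed: answer served from the resolver's cache
MISS_MS = 45.0  # constructed: resolver has to ask the authoritative servers

def simulate_rounds(cache_ttl_s, rounds=4, queries_per_round=9,
                    interval_s=300.0, spacing_s=1.0):
    """Return (median_ms, max_ms) per probe round for a resolver that keeps
    an uncommon name for cache_ttl_s seconds after fetching it."""
    expires_at = None  # time at which the cached entry is purged
    results = []
    for r in range(rounds):
        samples = []
        for q in range(queries_per_round):
            now = r * interval_s + q * spacing_s
            if expires_at is not None and now < expires_at:
                samples.append(HIT_MS)           # still cached
            else:
                samples.append(MISS_MS)          # purged or never seen
                expires_at = now + cache_ttl_s   # cached again from now
        results.append((statistics.median(samples), max(samples)))
    return results

if __name__ == "__main__":
    # Lifetime shorter than the 5 min probe interval: every round starts cold,
    # so the max stays high while the median stays low (the wide band).
    print("ttl 60s:  ", simulate_rounds(60.0))
    # Lifetime longer than the interval: only the first round sees a miss,
    # later rounds collapse to a narrow band.
    print("ttl 3600s:", simulate_rounds(3600.0))
```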

To better understand the performance difference, I ran a namebench with 5000 domains from the "Top 2000" Alexa list. Here is the graph:

For Cloudflare, 60% of the 5000 queries for unique domains take 20ms or less. For Google it is only 30%. However, Google overtakes Cloudflare for queries beyond the fastest 62%. Overall, namebench indeed indicates a faster average time for Google: 94.67ms vs 118.63ms for Cloudflare.

Conclusion

For everyday use, Cloudflare is likely to offer a faster experience. Google may often beat Cloudflare on certain queries. So if I have to set up upstream servers for dnsmasq, I will probably put Cloudflare as primary and Google as backup.

For the best web experience, trim DNS latency in your network. Get your commonly accessed domains persisted in your LAN's cache by running Unbound. Set up a DNS-based adblock strategy with pixelserv-tls.

Author

Stephen Yip
