Cloudflare 1.1.1.1 on the Travis Wade Blog
Cloudflare Featured

Cloudflare’s 1.1.1.1 – Privacy for your DNS Lookups with the Performance of the Cloudflare Network

1Shares

1.1.1.1

Launched on April 1st.  4/1 or four 1’s.  Pretty clever.

On April 1st, 2018, Cloudflare launched it’s own public DNS (Domain Name System). With a very memorable and easy to remember IP address to add to your computer or router of 1.1.1.1, similar to Google’s 8.8.8.8 and 8.8.4.4, this isn’t a public DNS system to be easily forgotten.  I’ve went ahead and set this up on my laptop to see if I can notice a difference from a human aspect (without doing any kind of technical evaluation).  So far, I haven’t noticed too much of a performance difference from Google’s, but we’re no machines and we wouldn’t really be able to tell the difference between the two.

Cloudflare 1.1.1.1 DNS Service Performance Globally

Performance really shouldn’t be an issue with the service being offered and provided by the globe’s largest CDN (Content Delivery Network) provider.  You can see some of the best DNS resolvers out there by taking a look at DNS Performance Analytics and Comparison’s website. Where the magic is really taking place in this service is in it’s privacy.  Cloudflare asked web browser vendors what some of the most wished upon features they could have.  Privacy was one of the biggest ones.

Your DNS queries serve the Ad Market

Even when you’re browsing websites that are fully encrypted (the green lock symbol in your browser such as on the site you’re currently browsing), your DNS lookups are no secret.  In fact, anywhere you’ve ever connected to the internet from your laptop, mobile phone, tablet, work computer, your car, whatever, all of your DNS queries are visible to the network you’re using to browse.  Companies like Facebook and Google, already collect a lot of data on you, add Comcast, AT&T, Verizon and many others.  These companies use your DNS data and the queries you run, to help advertising networks.  (in these cases, selling it).

How Cloudflare’s 1.1.1.1 is helping protect our internet browsing assets (your DNS queries)

Let’s start with logging.  Cloudflare made a promise and commitment to never write DNS queries to their hardware (i.e. save your DNS queries to their servers), and that it’s service would wipe all logs every 24 hours.  On top of not saving the queries itself to their own systems, Cloudflare also launched this new system with full support of DNS over TLS, as well as DNS over HTTPS.

How does Cloudflare secure an address like 1.1.1.1?

Cloudflare spoke with APNIC, a Regional Internet Registry (RIR) about the idea.  The problem is an address like 1.1.1.1, is that it can be frequently used (and see’s) a lot of “garbage” traffic.  Take a timeout script for example:

@echo off

echo Waiting 10 seconds before continuing...

PING 1.1.1.1 -n 1 -w 15000 > NUL

There’s undoubtedly a lot of batch files out there currently in use that are pinging 1.1.1.1 as a timeout source. You should probably use some other form of timeout or at least use 127.0.0.1. But Cloudflare offered it’s infrastructure to be able to handle the garbage traffic and in return, APNIC gave Cloudflare 1.1.1.1.  There’s much more to it than simply giving it to them, but for the sake of this article, we’ll leave it at that.

How you can start using Cloudflare’s 1.1.1.1

I would first recommend heading over to 1.1.1.1 and reading up on the service if you’re unfamiliar and would like to still read up on it a bit more.

If you’re on Windows, follow the steps below to get started with using 1.1.1.1 as your DNS resolver service.  See how it performs for you and comment if you notice a difference!

  • Click on the Start menu, then click on Control Panel.
  • Click on Network and Internet.
  • Click on Change Adapter Settings.
  • Right click on the Wi-Fi network you are connected to, then click Properties.
  • Select Internet Protocol Version 4 (or Version 6 if desired).
  • Click Properties.
  • Write down any existing DNS server entries for future reference.
  • Click Use The Following DNS Server Addresses.
  • Replace those addresses with the 1.1.1.1 DNS addresses:
  • For IPv4: 1.1.1.1 and 1.0.0.1
  • For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
  • Click OK, then Close.
  • Restart your browser.

Bonus for Cloudflare customers. Gimme more speed!

Cloudflare 1.1.1.1 Speedy

This likely goes without saying, but did you know that if you’re a current Cloudflare customer (this site is powered by Cloudflare), your users will be gaining a very nice boost in DNS performance browsing your site.  This is because 1.1.1.1’s service (you guessed it), runs on the same infrastructure as your CDN provider.  So there’s an added benefit for you, your users, and Cloudflare!

Travis Wade
Travis Wade
Just a normal human being living the dream. I'm an IT professional in the Healthcare space with a love and passion for cloud computing and highly redundant infrastructure.
https://www.travisnwade.com/

Leave a Reply

Your email address will not be published. Required fields are marked *