Hello,
I often have the following problem:
My broadband measurement results in download speeds in the home network that are far too low. (Only 3% to 5% of the booked tarif reaches me: 1000Mbit/s booked, broadband measurement on PC or apple TV results in 30 MBit/s).
All this time I have been looking for a fault in my home network (router, switch, patch field etc....).
By chance I just saw that the public DNS server 9.9.9.9 which was recommended by eblocker.org was rated as unreliable.
After deleting the unreliable DNS server, I am currently measuring approximately the bandwidth I booked (approx. 950 Mbit/s).
The entry under DNS-Firewall>external DNS server therefore seems to directly influence the download speed, which is probably known to every network expert here, but not to me as a layman.
At the moment, I only have one reliable DNS server stored. Now I have the following questions:
1.) According to which criteria can I select an additional alternative DNS server from the OpenNIC server list?
2.) How many should I enter in the list of external DNS servers?
3.) I have booked a VPN service with Ivacy. Does it make sense to always connect to the VPN when surfing the Internet from home (i.e. in a secured network), or would you not normally do this?
Thank you in advance
Translated with www.DeepL.com/Translator (free version)
1. Id ont know
2. To my knowledge, to have a backup is worthwhile. So I would recommend two
3. That depends of the protection you want. To me, I dont do anything without a VPN. For others it might be different. The issue I have is that with VPN und raspi I only get maximum 92MBit/s.
The entry under DNS-Firewall>external DNS server therefore seems to directly influence the download speed, which is probably known to every network expert here, but not to me as a layman.
This is not correct. DNS practically has no influence on the download speed.
Background: DNS is used for resolving the domain address, say domain.com, to an IP address, say 123.123.123.123. No more, no less. This resolution usually takes <1 sec only. Once the IP address has been resolved, DNS has no influence on the download speed at all. The download speed is then limited by the bandwidth of the parties involved (say PC, eBlocker, routers/switches in transit, download server).
add 1) We recommend 1.1.1.1 and 9.9.9.9 as they are neither censoring domains nor logging any activity and are usually very reliable. The choice of criteria is yours if you feel choosing different DNS providers.
add 2) At least one 😉 There is no "rule of thumb" for adding more. Personally, I'd be very cautious and only add DNS that do not censor and are reliable (see 1). Adding more severs depends on your settings very much:
If set to "by availability" the next DNS server is taken if the current is not responding. So adding a loong list makes not very much sense. "Round robin" means all DNS servers in the list are used in order of priority and with "in random order" all DNS servers in the list have a chance to get a requests. Only with the latter two settings it might make sense to add more, but if you are adding unreliable servers - this will all add up time to resolve the domain. So you want to focus on reliability for sure. See here for the discussed options.
add 3) I'd add the VPN to eBlocker (never ever use a VPN client as this "kills" eBlocker!) and enable it (via the Dashboard/Controlbar) whenever you feel it's necessary to hide the IP.
THX!
Thank you very much for the feedback.
Once the IP adress has been resolved, DNS has no influence on the download speed...
Do I understand this correctly: If there are problems with the resolution of the IP address (because the DNS server works unreliably and/or the selection of the DNS server via the settings in eblocker is wrong or poorly chosen), the bandwidth measurement actually becomes very poor. Right?
This could then have the effects I described, that suddenly only a fraction of the booked bandwidth can be measured.
DNS server via the settings in eblocker is wrong or poorly chosen), the bandwidth measurement actually becomes very poor. Right?
No, this is generally not correct. If the DNS has a poor response time, only the initial period until data is transmitted will be delayed. The bandwidth itself (to transmit data) is not affected at all. BTW: All subsequent DNS requests of the same domain will not be affected by a response delay as the DNS‘ answer is usually cached (by the client).
To say this less technical: If you need some time to look up a phone number (=DNS delay), this does not affect the quality of the phone conversation (=bandwidth) at all. Your call just starts delayed. Using „redial“ (=DNS cache) this delay will not happen on subsequent calls to the same party.
In case you want to eliminate the risks of DNS delays, you can switch eBlocker to use your provider‘s DNS. Usually provider‘s DNS response & uptime is pretty good - but of course there is a minimal risk your visited domains get recorded. Not very likely in the EU but rather the rule in the USA…
If you pause eBlocker, then everything is set as if eBlocker is not installed. Usually the provider‘s DNS is then used (or whatever you‘ve setup as DNS in your DHCP server).
I consider this thread „solved“ as eBlocker is obviously not causing your speed issues.
BTW: I use the eBlocker‘s DNS standard 1.1.1.1/9.9.9.9 for years and never experienced response delays. So I can not support your suspicion of DNS delay issues. I‘d rather suspect your provider or some WLAN limitations due to many surfing neighbors…
THX!
To say this less technical: If you need some time to look up a phone number (=DNS delay), this does not affect the quality of the phone conversation (=bandwidth) at all. Your call just starts delayed. Using „redial“ (=DNS cache) this delay will not happen on subsequent calls to the same party.
I love your non-tech explanation which makes it pretty clear - even to „Grandma Helga“ 😉 👍👍👍 Thanks for your great work - even on non eBlocker topics 😜
Since the feedback now turned out to be quite different from what I had expected, I would not want to consider my problem as solved yet, so please do not close my request yet.
I would like to prove with my broadband measurements that my problem is exactly as described.
If I enter 9.9.9.9 as the only DNS server in the list in eblocker (this is currently shown to me as unreliable), I have exactly this described effect in my bandwidth measurement. After that, however, nothing gets faster for me and I can only ever measure approx. 30 Mbit instead of the booked 1000 Mbit. No matter how many measurements I take afterwards.
If, on the other hand, I enter 1.1.1.1 as the only DNS server, I get approx. 950 Mbit displayed in the bandwidth measurement.
Therefore, I concluded that the selection of the "right" DNS server has a significant influence on my measurements.
In this respect, I do not understand why my observations are just dismissed as incorrect. Is there any possibility to share or upload my measurements and check them? Or am I simply still not understanding something?
Since I am currently only carrying out my measurements in the LAN via Ethernet cable with the WLAN switched off, I think I can rule out the possibility that any WLAN connections from the neighbourhood are causing the problem. Also, the broadband measurements always give me the information that approx. 1050 Mbit is available at my house connection.
I have already had discussions with the provider, with the result that the booked bandwidth is "available" at my house connection, which I was able to see for myself during a visit by the service technician.
Translated with www.DeepL.com/Translator (free version)
Therefore, I concluded that the selection of the "right" DNS server has a significant influence on my measurements.
I conclude your "measurement" doesn't work properly.
Is there any possibility to share or upload my measurements and check them? Or am I simply still not understanding something?
As much as it's a fact that the time for looking up the phone number has no influence on the quality of the phone call, it's a technical fact that DNS has no influence on bandwidth. 100% the same thing!
Again: I'm happy to help with eBlocker related questions. Your question is not related to eBlocker and maybe someone else wants to hop in to "explain how the Internet works". I'm out as this is beyond the scope of my support.
THX!
OK, if this is definitely not a problem with eblocker, I can understand why you can't go into it here.
Nevertheless, thank you for the feedback.
It's not an eBlocker issue because you found out that DNS provider A results in "low bandwidth" and DNS provider B results in "high bandwidth". The DNS provider is not part of eBlockerOS but your free choice. So there is no correlation of your findings to eBlockerOS at all.
You could even verify that eBlocker is not involved by setting the DNS manually in the OS of your client (not using eBlocker at all) and running your tests again. (see here for a how to on macOS - make sure eBlocker is paused when testing this: https://www.macinstruct.com/tutorials/how-to-change-your-macs-dns-servers/ )
Nevertheless, I'm with @random: Your "bandwidth test" seems to take the DNS resolving time falsely into account - even this is not making an impact on bandwidth. So I agree with his conclusion that your bandwidth test is not properly testing the bandwidth (but rather the loading time of a request - which is a very much different thing!).