# why would you want to change your windows dns settings?



## keakar (Feb 23, 2015)

reading things about it I get confused if this is about finding the fastest internet connection and speed or is it about security and how is it more secure to change the dns server you use? I mean the server you use isn't really a security risk to you is it?


----------



## FordGT90Concept (Feb 23, 2015)

namebench will find the fastest but remember, that is subject to change (e.g. time of day).

In terms of security, if you're using one that has lots of errors or is intentionally wrong, google.com, for example, could point to a malicious website that looks and acts like the real google.com but, in fact, it's primary purpose is to steal your Google account login and password.  The only way you could find out if this is happening is comparing the IP address google.com resolves to compared to the DNS result from known-to-be-safe DNS server (e.g. Google's own).  Most people don't know/think to do this so it is potentially a major vulnerability.


----------



## Kursah (Feb 23, 2015)

I use OpenDNS Home for DNS filtering, it's as-fast-as Google in my experience, both of which are far better than my ISP (Charter). OpenDNS is nice because I can have control over what is and isn't accessed and it also does a good job in helping block known malware sites. A good DNS can go a long ways, and a sketchy or "fake" DNS can do some damage as Ford mentioned.


----------



## rooivalk (Feb 23, 2015)

In my case, our local ISPs have iron curtain policy which block a lot of things, so openDNS / dnscrypt is a godsend.

on the other hand I don't feel the speed difference between google, opendns, or default setting.


----------



## Mussels (Feb 23, 2015)

smaller ISP's often have faulty DNS, so an alternative can help. Generally it improves response times, but wont affect online game much.

It can also help if your ISP blocks or re-directs traffic - my ISP has torrent caches for example that boost torrent speeds (but in reality boosts some while crippling most), so changing to google DNS gets me more consistent speeds.


----------



## keakar (Feb 23, 2015)

ok, thanks guys, so its all about speed and access issues and not really much to do with security, that's what I wanted to clarify in my mind.

now I have a question, if I often get these "page cant be displayed" notices, are these a server traffic or limitation issue that can be cured with a better dns server?

I get these things often and its almost routine now to have to click on something twice before the website opens.


----------



## Ahhzz (Feb 23, 2015)

keakar said:


> ok, thanks guys, so its all about speed and access issues and not really much to do with security, that's what I wanted to clarify in my mind.
> 
> now I have a question, if I often get these "page cant be displayed" notices, are these a server traffic or limitation issue that can be cured with a better dns server?
> 
> I get these things often and its almost routine now to have to click on something twice before the website opens.


That's kind of a tricky question, as there are several things that can cause that, including the quality of your connection tot the internet, but also including a slow (or defective, or non-existent) response from your DNS server. All said, choosing a different DNS, like maybe Google's or one of the other "top tier" servers shouldn't really hurt you, and may help.


----------



## qubit (Feb 23, 2015)

FordGT90Concept said:


> In terms of security, if you're using one that has lots of errors or is intentionally wrong, google.com, for example, could point to a malicious website that looks and acts like the real google.com but, in fact, it's primary purpose is to steal your Google account login and password.  The only way you could find out if this is happening is comparing the IP address google.com resolves to compared to the DNS result from known-to-be-safe DNS server (e.g. Google's own).  Most people don't know/think to do this so it is potentially a major vulnerability.


Indeed, this risk is what DNSSEC standard is supposed to mitigate.

From what I know about IPv6, this has DNSSEC as part of the standard, so is much more secure.


----------



## keakar (Feb 23, 2015)

ok so what the best way to "shop" for a dns server choice?

I know im looking for the fastest speeds but so is everyone else so should I choose one say from the top 5-10 and avoid the top 5 because those are more crowded since everyone will be looking for the fastest?

and aside from looking the best speed, is there anything else I should be checking for to avoid?


----------



## FordGT90Concept (Feb 23, 2015)

keakar said:


> now I have a question, if I often get these "page cant be displayed" notices, are these a server traffic or limitation issue that can be cured with a better dns server?


Only if the problem is that the IP the DNS is pointing to is incorrect.  If that is the case, then yes, changing DNS servers can fix it.  If you can provide a domain name you're having problems with, one of us can try accessing it, get you the IP address for it, and you compare your DNS IP to ours to see if that's the problem.

To get the IP for any DNS, open up the command prompt and type the following followed by pressing enter: ping [domain name]

You'll see something like this:

```
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Admin>ping google.com

Pinging google.com [216.58.216.78] with 32 bytes of data:
Reply from 216.58.216.78: bytes=32 time=32ms TTL=56
Reply from 216.58.216.78: bytes=32 time=32ms TTL=56
Reply from 216.58.216.78: bytes=32 time=32ms TTL=56
Reply from 216.58.216.78: bytes=32 time=32ms TTL=56

Ping statistics for 216.58.216.78:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 32ms, Average = 32ms

C:\Users\Admin>
```
google.com is pointing to 216.58.216.78 and that information is obtained from the DNS I'm using.



keakar said:


> ok so what the best way to "shop" for a dns server choice?


Namebench is the best way I know of.

When it is done, it will give you three DNS servers.  I set them in my router and set all of my computers to default to the router.


----------



## keakar (Feb 23, 2015)

FordGT90Concept said:


> Only if the problem is that the IP the DNS is pointing to is incorrect.  If that is the case, then yes, changing DNS servers can fix it.  If you can provide a domain name you're having problems with, one of us can try accessing it, get you the IP address for it, and you compare your DNS IP to ours to see if that's the problem.



well its completely random, sometimes its TPU sometimes its yahoo mail, sometimes its a random google search site like walmart, ebay, or amazon, often it just takes a second or sometimes 3rd click to refresh and it works. and there are sometimes a website will load incomplete, only showing text but not content.

just this morning this website wouldn't fully load, what I mean by that is I could read this thread but the reply function hadn't loaded so I couldn't reply. 10 minutes later it was loading and working fine again. this is the kind of random things happening lately and I think its my ISP doing line maint or working on the servers


----------



## FordGT90Concept (Feb 23, 2015)

I verified all of these are working.
http://techpowerup.com = http://108.61.10.5
http://mail.yahoo.com = http://98.139.21.169
http://google.com = http://216.58.216.78
http://walmart.com = http://161.170.248.20
http://ebay.com = http://66.135.216.190
http://amazon.com = http://176.32.98.166

Note that WWW can direct to a different IP than non-WWW.  A lot of these sites redirect to their WWW subdomain.


----------



## rtwjunkie (Feb 23, 2015)

I found that the DNS for Charter would many times be unresponsive, or just plain couldn't be found. Changed the dns to the OpenDNS address and things have been flawless.


----------



## keakar (Feb 23, 2015)

well here are my namebench results: (there are 6 servers faster then mine)

SBC/AT&T Global US ----------- 88.8% faster
Google Public DNS ------------- 83.2% faster
Wtechlink/Pacinfo/AT&T-2 US - 65.5% faster
OpenDNS-2 -------------------- 48.8% faster
UltraDNS-2 --------------------- 44.0% faster
UU Cache-8 US ----------------- 18.6% faster

so from this list how do I judge the best choice? it cant be as simple as just picking the fastest one can it?


another strange note is there is a lot of stuff for every server category im not understanding like this:


twitter.com appears incorrect: 199.59.150.7, 199.59.148.82, 199.59.149.198, 199.59.148.10

www.google.com is hijacked: 173.194.219.147, 173.194.219.103, 173.194.219.106, 173.194.219.99, 173.194.219.104, 173.194.219.105
and this:


twitter.com appears incorrect: 199.16.156.6, 199.16.156.102, 199.16.156.38, 199.16.156.230

google.com appears incorrect: 4.35.2.153, 4.35.2.152, 4.35.2.148, 4.35.2.158, 4.35.2.183, 4.35.2.157, 4.35.2.177, 4.35.2.173, 4.35.2.162, 4.35.2.168, 4.35.2.163, 4.35.2.187, 4.35.2.182, 4.35.2.167, 4.35.2.172, 4.35.2.178

www.google.com is hijacked: 4.35.2.187, 4.35.2.178, 4.35.2.152, 4.35.2.173, 4.35.2.163, 4.35.2.168, 4.35.2.183, 4.35.2.172, 4.35.2.148, 4.35.2.177, 4.35.2.157, 4.35.2.153, 4.35.2.162, 4.35.2.158, 4.35.2.167, 4.35.2.182
are these just listed warnings about servers not to use because some show many addresses and some just a few?

also as a footnote I ran it only checking 50 queries instead of 250 to shorten the search time, im running the search again at the default 250 queries to see if anything changes


----------



## keakar (Feb 23, 2015)

well ok that's a HUGE difference in using a 50 queries search vs using 250 queries search, here are the results:



> *50 queries search*
> SBC/AT&T Global US ------------ 88.8% faster
> Google Public DNS -------------- 83.2% faster
> Wtechlink/Pacinfo/AT&T-2 US -- 65.5% faster
> ...





> *and the 250 queries search*
> SBC/AT&T Global-2 US --------- 20.7% faster
> SBC/AT&T Global US ----------- 18.3% faster
> Google Public DNS -------------- 3.6% faster
> ...


so based on these numbers what should I choose?


----------



## FordGT90Concept (Feb 23, 2015)

I'd use these two:
SBC/AT&T Global US ------------ 88.8% faster
Google Public DNS -------------- 83.2% faster

If your equipment supports a third, I'd throw OpenDNS-2 in there.


----------



## keakar (Feb 23, 2015)

FordGT90Concept said:


> I'd use these two:
> SBC/AT&T Global US ------------ 88.8% faster
> Google Public DNS -------------- 83.2% faster
> 
> If your equipment supports a third, I'd throw OpenDNS-2 in there.



but isn't the 250 queries search more accurate so the real numbers show

SBC/AT&T Global-2 US --------- 20.7% faster
SBC/AT&T Global US ----------- 18.3% faster

are the fastest?  im not sure if that first search result can be trusted since I changed the settings? would it give a better true picture if I set it to run a 500 queries search or even 1000?

but I gather your point is just to use the top two that shows the fastest numbers

we have 3 computers on a home network through a router so I will be setting up the router to use the new dns


----------



## keakar (Feb 23, 2015)

well if I understand how it works, the more queries you use the better and more accurate the test is for true internet speeds so im going to redo it for 2500 queries and just to confirm the at&t servers are still showing as the fastest by far for my area


----------



## keakar (Feb 24, 2015)

ok so last night I ran more tests with namebench and found that my dns was the fastest all night long starting from about 8pm central time, yet during the day many others are as much as 50%-80% faster.

it also looks like the larger pool of queries used for the test greatly reduces any differences and when I get to 1000 or more queries any difference higher is in the single digits or 50% or more slower.

sticking with the default queries number of 250 it looks like im fastest at night and half the speed of others during the day.

since im not interested in going in and switching these things all the time I guess staying with my default dns is the best "overall" setup

if anyone has advice about this and my observations with namebench please share

thank you


----------



## FordGT90Concept (Feb 24, 2015)

Computers rarely hammer a DNS with a thousand queries in a few seconds.


----------



## keakar (Feb 24, 2015)

FordGT90Concept said:


> Computers rarely hammer a DNS with a thousand queries in a few seconds.



I though it was speed checks so if you set it to more, then the more accurate the speed readings will be?

I also noticed I get a big jump in higher speed numbers and completely different results if I don't select the censorship checks


----------



## FordGT90Concept (Feb 24, 2015)

You're probably seeing the limitations of your internet connection more so than the limitations of the DNS servers themselves by doing so many queries.  250 is more than sufficient.


----------



## Daemmon (Feb 24, 2015)

I... actually would be interested in the real times that the tool used for comparison. +80% of a few ms will make 0 difference. I always pick google ones as they are easy to remember 8.8.8.8 / 8.8.4.4, very rarely fail and is very safe.



keakar said:


> well its completely random, sometimes its TPU sometimes its yahoo mail, sometimes its a random google search site like walmart, ebay, or amazon, often it just takes a second or sometimes 3rd click to refresh and it works. and there are sometimes a website will load incomplete, only showing text but not content.



That issue is most likely other stuff rather than DNS issues. Chrome will even tell you that the DNS couldn't resolve properly while accessing webpages and the DNS query fails. I'd do some extra internet troubleshooting before going crazy on DNS.


----------



## keakar (Feb 24, 2015)

FordGT90Concept said:


> You're probably seeing the limitations of your internet connection more so than the limitations of the DNS servers themselves by doing so many queries.  250 is more than sufficient.



ahh ok, so im getting false readings and maybe im being throttled by my dns and that's why the numbers drop so much lower? that makes sense

so it might be best to switch over to something like the open dns and then rerun the test to get more accurate results?


----------



## Daemmon (Feb 24, 2015)

keakar said:


> ahh ok, so im getting false readings and maybe im being throttled by my dns and that's why the numbers drop so much lower? that makes sense
> 
> so it might be best to switch over to something like the open dns and then rerun the test to get more accurate results?



There is no such thing as "DNS throttling". Queries aren't send on every single packet, once it's done it's cached for a while by the OS. Also, no packets pass thru the DNS, so it can't throttle your connection.


----------



## keakar (Feb 24, 2015)

Daemmon said:


> There is no such thing as "DNS throttling". Queries aren't send on every single packet, once it's done it's cached for a while by the OS. Also, no packets pass thru the DNS, so it can't throttle your connection.



ok, I guess im just not fully understanding the actual process but its not important as long as im sticking with the default 250 queries im doing it right.

the end results I am seeing are so wildly different each time, that im not sure which of these results can be trusted.

different times of the day you get different lists and I understand this is because of usage habits when people get off of work vs being at work but beyond that, I can run two test 10 minutes apart and get a 20% or more change in the order and speeds of dns servers listed and where they are on the list.

because of this im not sure how to formulate a choice to pick as better or worse then my default dns.

do I just do a handful of tests each hour or couple of hours and average it all out?

and if im only looking at say a 10% or less difference, is it worth changing dns just for that small change? or is that not as small a change as I am thinking it is?


----------



## Daemmon (Feb 24, 2015)

Use 8.8.8.8 as primary, 8.8.4.4 as secondary. Those are the Google ones.
If issues persist then keep posting, doing pings, traces etc as the issue is probably on another part of the connection (which I'm fairly confident it is).


----------



## keakar (Feb 25, 2015)

well I suspect its the regional lines being worked on or something because its like one or two websites go out for a few minutes and then it can connect again, almost like somewhere between me and a central hub or something there is temporarily downed connection which then comes back on again.

this morning it was TPU and SUBSIM and subsim is in texas so I suspect im losing certain "sections" of networks momentarily on occasion but its like only for a minute or two and not every day. some days it happens two or three times and sometimes its fine for a week without an issue. I regularly use around 6-8 websites every day so this is where I notice things having "hiccups" in connecting.

these connection problems are more of a side note and not my main concern or why im looking into the dns thing, im doing it because I was told I can be faster going to a dns I select rather then letting my ISP do it for me.

while learning about this I was just wondering if switching dns might also be an "accidental" cure for these hiccups im seeing, so I asked about this. these hiccups requiring a second click started about a year ago but recently got worse about a few weeks ago when my ISP started upgrading servers and doing system maint on the lines so when something fails to connect now it takes like a full minute or two before it connects when clicked.


----------



## Daemmon (Feb 25, 2015)

keakar said:


> well I suspect its the regional lines being worked on or something because its like one or two websites go out for a few minutes and then it can connect again, almost like somewhere between me and a central hub or something there is temporarily downed connection which then comes back on again.
> 
> this morning it was TPU and SUBSIM and subsim is in texas so I suspect im losing certain "sections" of networks momentarily on occasion but its like only for a minute or two and not every day. some days it happens two or three times and sometimes its fine for a week without an issue. I regularly use around 6-8 websites every day so this is where I notice things having "hiccups" in connecting.
> 
> ...



Nodes get saturated sometimes, or peering issues may start at certain times of the day. The "second click" needed to open a link can derive from other issues (ranging from DNS to malware) . 

Do the following steps please:

1) Download WinMTR http://sourceforge.net/projects/winmtr/files/WinMTR-v092.zip/download
2) Open it, go to options and put 1.0 sec as interval.
3) _*While you're having issues*_ with TPU, type " www.techpowerup.com " on host and click start.
4) Leave it running for 500-1000 packets.
5) Click the "Copy text to clipboard" button and paste it here.

This is basically a tracert but with some extra features and more than 3 packets. Helps to identify where the issue may be and then we can try to fix it


----------



## keakar (Feb 25, 2015)

Daemmon said:


> Nodes get saturated sometimes, or peering issues may start at certain times of the day. The "second click" needed to open a link can derive from other issues (ranging from DNS to malware) .
> 
> Do the following steps please:
> 
> ...



ok, will do. I just hope it happens again soon, its like showing a mechanic an engine noise, as soon as you try to recreate it on purpose it doesnt want to act up again lol.

I don't think its computer related since I think the other computers get this issue as well but its hard to say since they don't go to the same websites that I do but they have said now and then they cant connect to a website they are trying to reach

now the setup I have is a cable modem with router then 3 computers running off of the router

so do I change the router to increase speeds or is the gateway really through the modem?

I read something somewhere on a Q&A list that suggested the modem had to be looked at as the gateway but I couldn't follow or understand the brief comments about it much


----------



## keakar (Feb 25, 2015)

) Download WinMTR http://sourceforge.net/projects/winmtr/files/WinMTR-v092.zip/download - Done
2) Open it, go to options and put 1.0 sec as interval. - was already set this way
3) _*While you're having issues*_ with TPU, type " www.techpowerup.com " on host and click start. - did it with yahoo mail that was acting up
4) Leave it running for 500-1000 packets. - stopped it at 500
5) Click the "Copy text to clipboard" button and paste it here. - did this and it did nothing and created nothing but using "export text" made a copy of the report

the "no response from host" is what always shows when it cannot connect to a website

report as follows:

|------------------------------------------------------------------------------------------|
|  WinMTR statistics  |
|  Host  ------------------------------------  % | Sent | Recv | Best | Avrg | Wrst | Last |

| My DNS address ---------------------------------- 0 | 530 | 530 | 0 | 0 | 1 | 1 |
| No response from host --------------------------- 100 | 108 | 0 | 0 | 0 | 0 | 0 |
| 10.0.1.5 ----------------------------------- 1 | 532 | 531 | 10 | 110 | 318 | 255 |
| No response from host --------------------------- 100 | 108 | 0 | 0 | 0 | 0 | 0 |
|  ae-2-70.edge1.Washington1.Level3.net -  0 |  536 |  536 |  36 |  137 |  313 |  234 |
|  ae-2-70.edge1.Washington1.Level3.net -  0 |  536 |  536 |  35 |  136 |  308 |  138 |
|  146.82.54.206 -----------------------------  0 |  536 |  536 |  54 |  161 |  389 |  301 |
|  ae-0.pat1.nyc.yahoo.com -----------------  1 |  532 |  531 |  66 |  168 |  357 |  302 |
|  ae-2.pat1.bfz.yahoo.com -----------------  1 |  532 |  531 |  53 |  159 |  470 |  317 |
|  ae-4.msr1.bf1.yahoo.com ----------------  1 |  533 |  532 |  55 |  154 |  370 |  299 |
|  xe-1-3-1.clr1-a-gdc.bf1.yahoo.com ------  1 |  532 |  531 |  54 |  157 |  391 |  96 |
|  UNKNOWN-72-30-22-X.yahoo.com -----  0 |  536 |  536 |  56 |  159 |  364 |  312 |
|  po-10.bas2-2-cld.bf1.yahoo.com --------  0 |  536 |  536 |  54 |  156 |  358 |  187 |
|  ats1.member.vip.bf1.yahoo.com ---------  0 |  536 |  536 |  56 |  161 |  340 |  262 |
|________________________________________________|______|______|______|______|______|______|
  WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider


----------



## Steevo (Feb 25, 2015)

rtwjunkie said:


> I found that the DNS for Charter would many times be unresponsive, or just plain couldn't be found. Changed the dns to the OpenDNS address and things have been flawless.




Just a FYI they have been testing cached DNS proxying/hijacking,  where you may resolve a page served up by Charters DNS servers if they see the DNS response and don't like it, I have seen this twice and it seems to be at the main hub that its happening. 

http://www.dslreports.com/forum/r17871432-Charter-Corrupting-DNS-protocol-ie-hijacking-hosts-

I had to call and go through two layers of shit to get them to exclude my IP, so now I actually return accurate results.


----------



## Daemmon (Feb 26, 2015)

keakar said:


> ) Download WinMTR http://sourceforge.net/projects/winmtr/files/WinMTR-v092.zip/download - Done
> 2) Open it, go to options and put 1.0 sec as interval. - was already set this way
> 3) _*While you're having issues*_ with TPU, type " www.techpowerup.com " on host and click start. - did it with yahoo mail that was acting up
> 4) Leave it running for 500-1000 packets. - stopped it at 500
> ...



The "No Response from Host" and some of the "packet loss" is just ICMP not being enabled on certain hops and some mitigation, nothing weird. While you did this MTR you had this issue? Because I can see a huge variance on latency (56-340 with 161 avg) but 0% packet loss... only compare the 530/530 you sent/recv from your ip against the 536/536 sent/recv from Yahoo.

If there was an issue browsing during this MTR then I'd point the issue to malware/spyware.


----------



## keakar (Feb 26, 2015)

well it was hanging up for the first minute then it would half load the page during the second minute but around the 3 minute mark it was working ok

it wasn't a very good test, but it is on par for the kind stuff im running into

I just assume its the servers on the other end holding things up, not my connections but then I don't know anything about all this network stuff so I guess anything is possible


----------



## Daemmon (Feb 26, 2015)

Packets send/received are working flawlessly. Your ISP/Modem/Router/DNS/Hops... everything works correctly on that trace.

Run some adw/malw cleaner, adwcleaner and/or malwarebytes are what I'd normally recommend.
Also, check for plugins/extensions on your browser, specially if you're using Chrome.

If you find anything that you can't repair/remove I'd suggest google+posting on specific forums for spyware/malware issues. There are several known ones that will be very helpful. Specially with more advanced tools.

PS: Spikes can be somewhat common, and 340ms highest packets are not good, but not enough to drop an established connection and make a webpage to half load / not load correctly.


----------



## keakar (Feb 26, 2015)

Daemmon said:


> Run some adw/malw cleaner, adwcleaner and/or malwarebytes are what I'd normally recommend.
> Also, check for plugins/extensions on your browser, specially if you're using Chrome.



every day before I shut the computer off I always run:
superantispyware
registry cleaner - to clean registry and remove any browser objects (which I remove all) or startup ad-ons (of which I only leave avast on that list)
malwarebytes
internet options - to clean browser history
windows disk cleanup
ccleaner

so its not that im not cleaning things up

this morning it just did it for tacomaworld.com so I ran the test and this is the result:

|------------------------------------------------------------------------------------------|
|  WinMTR statistics  |
|  Host  -------------------------------------  %  | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
|  my dns address ------------------------------------------  0 |  692 |  692 |  0 |  0 |  1 |  0 |
|  No response from host ----------------------------------  100 |  140 |  0 |  0 |  0 |  0 |  0 |
|  10.0.1.5 --------------------------------------------  3 |  648 |  635 |  10 |  67 |  359 |  13 |
|  No response from host ----------------------------------  100 |  140 |  0 |  0 |  0 |  0 |  0 |
|  ae-2-70.edge1.Washington4.Level3.net ----------  3 |  645 |  631 |  35 |  96 |  380 |  37 |
|  ae-2-70.edge1.Washington4.Level3.net ----------  2 |  657 |  646 |  35 |  94 |  380 |  37 |
|SOFTLAYER-T.edge1.Washington4.Level3.net --  3 |  648 |  635 |  47 |  107 |  381 |  197 |
|  ae7.bbr01.eq01.wdc02.networklayer.com ------  3 |  641 |  626 |  48 |  105 |  397 |  166 |
|  ae0.bbr01.tl01.atl01.networklayer.com -----------  3 |  644 |  630 |  46 |  103 |  384 |  66 |
|  ae13.bbr02.eq01.dal03.networklayer.com --------  3 |  648 |  635 |  47 |  103 |  371 |  48 |
|  ae1.dar01.sr01.dal01.networklayer.com -----------  3 |  649 |  636 |  47 |  103 |  400 |  66 |
|  po1.fcr04.sr05.dal01.networklayer.com -----------  2 |  664 |  655 |  47 |  103 |  375 |  72 |
|  mail.tacomaworld.com -----------------------------  3 |  649 |  636 |  47 |  102 |  395 |  67 |
|________________________________________________|______|______|______|______|______|______|
  WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider

it was working when I rechecked it just before ending the test but it was hanging up for a few minutes solid this time

here is a better example, this one was off for about 5 minutes:

for burgerking.com:

|------------------------------------------------------------------------------------------|
|  WinMTR statistics  |
|  Host  -----------------------------------------  %  | Sent | Recv | Best | Avrg | Wrst | Last |
|--------------------------------------------------------|------|------|------|------|------|------|
|  my dns address ------------------------------------------  11 |  501 |  446 |  0 |  0 |  1 |  0 |
|  No response from host -----------------------------------  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  10.0.1.5 --------------------------------------------  4 |  636 |  614 |  10 |  83 |  842 |  240 |
|  No response from host -----------------------------------  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  ae-4-90.edge2.Washington1.Level3.net -----------  40 |  282 |  171 |  0 |  97 |  262 |  85 |
|  ae-4-90.edge2.Washington1.Level3.net -----------  32 |  321 |  219 |  0 |  97 |  275 |  87 |
| AMAZON.COM.edge2.Washington1.Level3.net -- 3 |  650 |  631 |  36 |  109 | 2661 |  87 |
|  72.21.220.151 -----------------------------------  4 |  644 |  624 |  39 |  114 | 2650 |  129 |
|  72.21.222.157 -------------------------------------  4 |  631 |  608 |  40 |  116 | 2749 |  90 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  145 |  0 |  0 |  0 |  0 |  0 |
|________________________________________________|______|______|______|______|______|______|
  WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider

and for bk.com:

|------------------------------------------------------------------------------------------|
|  WinMTR statistics  |
|  Host  ----------------------------------------  %  | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
|  192.168.2.1 ---------------------------------------------  12 |  504 |  445 |  0 |  0 |  1 |  0 |
|  No response from host ---------------------------------  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  10.0.1.5 -------------------------------------------  4 |  661 |  640 |  10 |  89 | 2557 |  77 |
|  No response from host ----------------------------------  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  ae-3-80.edge3.Washington1.Level3.net --------  4 |  663 |  643 |  34 |  113 | 2201 |  87 |
|  ae-3-80.edge3.Washington1.Level3.net --------  4 |  655 |  633 |  34 |  112 | 2645 |  62 |
| AMAZON.COM.edge3.Washington1.Level3.net -  4 |  644 |  619 |  35 |  106 |  930 |  86 |
|  72.21.220.127 -----------------------------------  4 |  652 |  629 |  39 |  110 | 1262 |  138 |
|  205.251.245.236 ----------------------------------  5 |  620 |  589 |  38 |  112 | 2650 |  70 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|  No response from host -  100 |  149 |  0 |  0 |  0 |  0 |  0 |
|________________________________________________|______|______|______|______|______|______|
  WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider

hope this helps confirm whats going on


----------



## Daemmon (Feb 26, 2015)

Both burgerking.com and bk.com have ICMP disabled, so those won't be of much help.

But on the first one:

| 10.0.1.5 -------------------------------------------- 3 | 648 | 635 | 10 | 67 | 359 | 13 |

Do you have any idea what this IP is?

Router? Modem? First hop outside your local connection? That's where all he problem starts with the spikes and 3% packet lost.


----------



## keakar (Feb 26, 2015)

Daemmon said:


> Both burgerking.com and bk.com have ICMP disabled, so those won't be of much help.
> 
> But on the first one:
> 
> ...



I have no idea what 10.0.1.5 is at all but i'll google it and see what comes up.

ok its America/Los_Angeles (UTC-8) and this is all I see about it: https://db-ip.com/10.0.1.5

I also see some stuff mentioning "cloud" in reference to this number


----------



## R-T-B (Feb 26, 2015)

It's a private address.  Googling it won't be of any use, as it's likely specific to your setup or ISP.


----------



## Daemmon (Feb 26, 2015)

Yeah, it's most likely a local LAN component or one of the first hops on your ISP.


----------



## keakar (Feb 27, 2015)

so this delay to connect stuff all looks like outside delays along the pathways and nothing to do with my settings or anything in my control then huh?


----------



## Daemmon (Feb 27, 2015)

keakar said:


> so this delay to connect stuff all looks like outside delays along the pathways and nothing to do with my settings or anything in my control then huh?



It really depends what that IP is. If it's a router or your modem or anything like that then it's something probably on your side and you may be able to fix it.

If it's one of your ISPs first hops then you should call your ISP, tell your issue and forward this MTRs to them so that they can see what the issue is.


----------



## keakar (Feb 27, 2015)

Daemmon said:


> It really depends what that IP is. If it's a router or your modem or anything like that then it's something probably on your side and you may be able to fix it.
> 
> If it's one of your ISPs first hops then you should call your ISP, tell your issue and forward this MTRs to them so that they can see what the issue is.



well that IP is nothing on my end but I cant speak for my ISP, I can say that is not the number my router or modem use

as I mentioned earlier in the post, I have a cable modem then a router which feeds 3 computers, 2 hard wired and one wirelessly

another key thing to point out is when these things happen its NOT my connection to the internet, its certain sites I am trying to connect to when I am on the internet, that dont respond and give me the white screen saying "unable to connect blah blah blah" so its often just one or maybe two sites may not be responding for a minute or two or sometimes 5-10 minutes and while they mat not work, if I try 3 or 4 other links to different websites, they will be working fine and instantly connect


----------



## keakar (Mar 2, 2015)

ok, I will try to ask this question one final time. I asked several times and it was never answered. (most likely because my posts are so long and ask several questions)

I have a cable modem with a separate router and there are three computers connected to this router, so ... where do I want to go to change the dns for all of them at once? router? modem? every single separate computer?


----------



## Ahhzz (Mar 2, 2015)

you can't really change for all of them at once. The cable modem gets its dns from the ISP. The router's DNS is likely set to pull from the Modem, but you could manually set it to something else. The PCs most likely look to the router for their DNS, so changing the router, would likely change the PCs.


----------



## keakar (Mar 2, 2015)

ok so then there is really no way for me to truly change my dns for better speeds then, since the modem is the core gateway and it will always do what it wants to do and use its dns connection no matter what and I cant change that, or am I thinking about how this dns setting thing works in the wrong way?


----------



## ChristTheGreat (Mar 2, 2015)

keakar said:


> ok so then there is really no way for me to truly change my dns for better speeds then, since the modem is the core gateway and it will always do what it wants to do and use its dns connection no matter what and I cant change that, or am I thinking about how this dns setting thing works in the wrong way?



if you set your computer a static DNS, it won't use the one from your ISP, as you computer will ask (example) 8.8.8.8 to resolve. The only thing, is that you need your internal IP + gateway (router) and the Router will use his IP, then will route traffic to the gateway and will ask to get an answer from 8.8.8.8 to resolve.

could you do a http://www.pingtest.net/ to test your ISP?



FordGT90Concept said:


> I verified all of these are working.
> http://techpowerup.com = http://108.61.10.5
> http://mail.yahoo.com = http://98.139.21.169
> http://google.com = http://216.58.216.78
> ...



Just for info, some people might not know aswell, there is also Geolocalisation. Traffic will be routed to the closest server for some company. Like google, on my side, google.com will resolve to 173.194.123.0 , 1,2,3,4,5,6,7,8,9,14

cmd line: nslookup domainname   , will give you all IP it will answer from. but like I said, some will have the same as other people ,but like google, you might not have the same. I think also microsoft is similar

https://www.grc.com/dns/benchmark.htm  is also a nice tool for DNS benchmark.


Personally, I used my Videotron DNS but for kid computer, I put openDNS with filtering. I did the same for a customer. At work, we use google DNS for our iDRAC or any oter remote management that doesn't need local resolve


----------



## Daemmon (Mar 4, 2015)

keakar said:


> I have a cable modem with a separate router and there are three computers connected to this router, so ... where do I want to go to change the dns for all of them at once? router? modem? every single separate computer?



Router. You probably have no access to modem config, and even if you had you normally can't change that much.

Router DNS configuration will override the ISP ones on most scenarios. If you don't know how to do it, post Brand/Model (of Router) and I'll look into it.


----------



## keakar (Mar 4, 2015)

Daemmon said:


> Router. You probably have no access to modem config, and even if you had you normally can't change that much.
> 
> Router DNS configuration will override the ISP ones on most scenarios. If you don't know how to do it, post Brand/Model (of Router) and I'll look into it.



I just went and set each individual computer to use open dns and so I don't need to mess with the router now. I did a week long test day and night one two different computers side by side and open dns always connected with no issues while auto detect ISP dns couldn't or had random issues.

I knew switching to open dns would stop my connection issues, but I just wanted to figure out and understand what was going on with the connection I had with auto detect through the ISP and I still don't know that.

im left to just "assume" that the ISP are sending me through a slow heavily overpopulated dns server (because its the cheapest to use) and that was the whole issue.

I want to thank everyone for helping me, I learned a lot here and still don't know a lot, but I know more about things I don't know about, if that makes any sense, lol.


----------



## Daemmon (Mar 5, 2015)

keakar said:


> I just went and set each individual computer to use open dns and so I don't need to mess with the router now. I did a week long test day and night one two different computers side by side and open dns always connected with no issues while auto detect ISP dns couldn't or had random issues.



Have you tested doing a nslookup to check what is the DNS resolving domains? Just go into cmd and type "nslookup" it will tell you what DNS is active and resolving currently.

If DNS are set to "automatic" on the router then probably the PC ones are being used, else it's probably using the ones configured on the router.


----------



## keakar (Mar 6, 2015)

yep the router is set to auto detect


----------

