Cloudflare

1.1.1.1

1-1-1-1-cloudflare

Cloudflare, a very popular CDN service company recently partnered with APNIC and announced a new and secure DNS resolver at a prestige network address, 1.1.1.1. User data is an important asset for the DNS provider, some of them even sell data to other parties. The misuse of user data from facebook.com by Cambridge Analytica is the latest example of what can happen when someone has access to your data. Lots of similar incidents happened in the past several years. This might be the revolutionary step taken by Cloudflare and APNIC to stop giving access to your data. If you have no idea what I’m actually talking about, let’s have a look at the basics.

What is a Domain Name System (DNS) and how does it work?

Think about the contacts on your mobile phone. It stores all the numbers with specific names. A Domain Name System, also known as DNS is similar but acts as an network-based list. When you try to visit a website, it calls the DNS to lookup for the servers where the contents are stored. A DNS provides the same services that you can look up on the internet. There are some steps that take just a few milliseconds to complete the browsing process when you request to visit a website, e.g. google.com:

  • Requesting info: The process begins when you ask your browser to resolve a web address. The browser looks up at the local DNS cache and then performs a DNS query to find the nearest server of your request.
  • Asking the recursive DNS server: If you haven’t visited the site recently, there will be no local cache, means it will ask the recursive server of your ISP.
  • Asking the root name servers: If it’s not cached your ISP server it will query the root name server. Name servers are like telephone switches, they don’t have the data but they know where to find it and link us to that server.
  • Asking the authoritative DNS servers: When a name server forwards the request with a TLD service it directs our query to authoritative name servers. These are the servers responsible for knowing the DNS records and where the file is stored.
  • Getting the answer: Authoritative name servers forward the request to the server where the file is located and then your browser retrieves the information to complete the browsing process.

What will 1.1.1.1 do for you?

There are other DNS server available such as Google’s 8.8.8.8 public DNS to minimize the time to get the information from the server. However, the biggest advantage that comes with Cloudflare’s 1.1.1.1 is the privacy protection. When your browser looks up for a DNS request your ISP and DNS providers could read and access all your data (and eventually sell it to others). To get rid of this, Cloudflare wipes all DNS caches in 24 hours and announced not to use DNS logs and IP addresses for sending targeted ads. It will also protect your privacy by adding support for DNS-over-TLS and DNS-over-HTTPS. DNS-over-TLS takes the existing, insecure DNS protocol and adds a transport layer encryption. DNS-over-HTTPS includes not only security, it also supports forthcoming internet protocols such as Quick QUIC and HTTP/2 Server Push. Cloudflare’s CEO Matthew Prince explained that they talked with the APNIC team about how they wanted to create a privacy first and fast DNS system, and 1.1.1.1 is the implementation of that partnership.

The two main benefits of using 1.1.1.1 as your DNS are:

  • Faster browsing speed: Cloudflare mentioned that they are working on building global servers, which means specific servers for all regions. Thus, the DNS request will take less and less time to respond and you will able to browse faster than ever.
  • Security and Privacy: Cloudflare’s encryption and data wiping methods will work together to ensure secure and private access of user’s data on the internet. As they promised to delete DNS caches every 24 hours and not use a local cache for targeting the advertisement, none of the information you enter on your computer can be backtracked by anyone.

How to set up 1.1.1.1

If you are ready to take the ride, you can start using Cloudflare’s new DNS service right now. If you’re already familiar with configuring Google’s public DNS service 8.8.8.8 then you probably won’t have any problems to set up Cloudflare’s service. Otherwise just follow the steps below how to set up the DNS on your computer.

To configure Cloudflare’s DNS on a Windows machine (using 10 in my steps):

    • Navigate to Network & Internet, Status
    • Click on Change adapter options.
    • Right-click on the connected LAN or Wi-Fi network that you’re currently using, then click Properties.
    • Select Internet Protocol Version 4 (or Version 6 if desired).
    • Click Properties.
    • Write down any existing DNS server entries for future reference.
    • Click on Use the following DNS Server addresses

Add or replace:

For IPv4: 1.1.1.1 and 1.0.0.1
For IPv6: 2606:4700:4700:: 1111 and 2606:4700:4700:: 1001

Mac users can set it up from the System Preferences.

  • Search for DNS Servers and select it from the drop-down.
  • Click the + button to add a DNS Server and enter 1.1.1.1
  • Click + again and enter 1.0.0.1
  • Click Ok, then click Apply.

If you’re using a router at home or for your office network log in and find your DNS server settings. Once there, take a note of your existing DNS records and replace them with the following:

For IPv4: 1.1.1.1 and 1.0.0.1
For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001

Restart your browser and/or router and you’re set. The next time your computers looks up a website, it will use the 1.1.1.1 DNS services.
More details and with fancy graphics: https://1.1.1.1