Some Internet security companies are warning of a major Internet failure on Nov 8th as some state sponsored entities may try to block USA voting results information, i.e., exit polls and such. No one knows if such outages will or won’t happen. But, there is a significant probability some actors will try to take down parts of the Internet. Thus security companies are warnings to their clients.
Some of the security companies are recommending mission critical sites setup secondary DNS services to survive DDoS attacks on the primary DNS system. So, I’ll provide some steps you can take for free.
What’s DNS?
DNS = Domain Naming System. This is like old phonebooks that had everybody’s phone number. Look up a name and get a phone number. With DNS we type in a URL, like http://www.secondlife.com. The computer looks in our network setup to see which DNS server to use. It calls that server and asks for the IP Address of secondlife.com. It uses that address to call and connect to the SL server.
If you want to watch it at work open a commend window. Type CMD in Windows 10 “Ask me anything” field in the lower left of your screen. You’ll see Command Prompt, desktop app come up in a menu. Click it to open it. Type nslookup secondlife.com. The result is something like the above image.
The line starting with Server: tells you which server was used to get the address. Under the line labeled Address: gives the IP Address of the server.
The ‘Non-authoritative answer:’ tells you this is an address cached by Google. An ‘Authoritative answer:’ is an address that comes from the root DNS servers, those with the final answer. The IP Address 216.82.8.56 is the address your computer needs to talk with the SL servers.
What do We Do if DNS Goes Down?
Usually we do without the Internet. We are down. But, we can change to a live DNS server and keep going.
To do that we need to get a list of alternate DNS services. If the service we use goes down, we switch to an alternate. So, how do we do that?
Each ISP has a DNS service they provide to their subscribers. For instance, COX Internet has a list of their servers. They list 3 primary servers.
- Primary DNS: 68.1.16.107
- East Coast DNS: 68.1.16.108
- West Coast DNS: 68.111.106.68
But, COX to some extent relies on other DNS servers. So, while they cache the common web addresses they are dependent on external DNS servers to fill in the less common addresses. But, Google caches a lot of addresses. So, it is considered a good, fast, reliable DNS server.
Google DNS Server Addresses
- 8.8.8
- 8.4.4
A list of other DNS servers:
Provider | Primary DNS Server | Secondary DNS Server |
8.8.8.8 | 8.8.4.4 | |
DNS.WATCH | 84.200.69.80 | 84.200.70.40 |
Comodo Secure DNS | 8.26.56.26 | 8.20.247.20 |
OpenDNS Home | 208.67.222.222 | 208.67.220.220 |
A list of 48,516 public DNS servers is here. Download this information. If you lose Internet, you won’t be able to look this stuff up.
Changing DNS
In Windows 10 type network and select Network and Sharing Center. Next select Change adapter settings, on the left. Right-click you network icon (usually Ehternet) and select Properties. That will open a panel like this:
Select the TCP/IPv4 as it is the easiest to change. Then click Properties.
In the property panel replace the value in the Preferred DNS Server with the alternate server’s address.
You can see I regularly use Google’s DNS server. If it has a problem my computer drops back to the Alternate DNS Server, which in my case is a COX DNS server.
OK your way out. You should be good. You can open the command window and type the nslookup command to see if the change took.
Which DNS Server?
There is no way to know which servers will be hit or go down. Picking a server during an outage is a trail and error process. The NSLOOKUP app is a good tool for testing which servers are working. Personally, I’m betting on Google. But, I’m also jaded enough to worry the Clinton supporters at Google will, as they have been caught tweaking search suggestions, use the opportunity to down some sites.
For the Geeks
The real geeks already know this. But, for those wanna be geeks… the NSLOOKUP app is a handy tool. To learn how to use it read: Using NSLOOKUP for DNS Server diagnosis.
Summary
With any luck you won’t need this information. However, if you do need it, you cannot get it after the event starts. So, be prepared. Download this page and the list of DNS servers.
Don’t forget to change TCP/IPv6 as well, need different address though.
For example: Google’s DNS IPv6 is 2001:4860:4860::8888 and alternatively 2001:4860:4860::8844
Wonderful post! We are linking to this great article on our site. Keep up the great writing.
Hey, thanks for sharing such unique content. I actually bookmarked that link, for my further assistance, and will definitely share it with my friend. Thanks for sharing the valuable content.