Many people look to changing their DNS settings in order to improve their gaming experience on consoles like PS4, PS5, Xbox or on PC. This is quite often due to a misunderstanding of what DNS is, how it works, and the factors that contribute to having a good online gaming experience.
What is DNS and how does it affect gaming?
DNS is short for Domain Name System, and for the most part it actually does not affect your gaming experience at all.
When you visit a website, watch online videos, or connect to gaming servers, your computer automatically converts domain names like www.example.com into an IP address like 192.168.2.1 behind the scenes. This process is known as a DNS lookup. IP addresses are what computers and network devices use to communicate with each other, while domain names give humans an easy-to-remember name to use.
Once an IP address has been resolved, your device will store a cached copy of this address and continue to use it for all future communication without needing to perform the DNS lookup again. The DNS lookup itself will typically take around 10 milliseconds to a properly configured DNS server on most standard home internet connections.
After this initial process is complete, your gaming experience no longer relies on DNS, and DNS has no impact on your active gaming session.
If DNS does not affect gaming then what does?
Download speeds: Most online games do not require fast download speeds while actually playing as the information coming in about the game world is typically very small and only contains information such as coordinates and state of other players. Download speeds are mostly important when initially downloading the games or installing updates.
Latency (ping): This is the most common issue and is commonly known as "lag". Having a high latency in games is often the result of connecting to servers which are physically located outside of your local area or region, or otherwise impacted by poor network routing making the path from you to the gaming server longer than desired.
It is important when choosing a gaming server to pick one located as close to you physically as possible. Information only having to travel through cables within your local city is going to be much faster than it having to travel through underwater cables on the other side of the world.
Bad Wi-Fi: Having a poor Wi-Fi signal or a connection with lots of interference is a very common cause of a bad gaming experience. If possible, use an Ethernet cable from your router directly to your gaming device for the best chance of eliminating local network issues.
Network congestion: While fast download speeds themselves are typically not required for most online games, you do need to ensure that there is enough available capacity on your network, as the closer you get to saturating your connection the more the network packets need to compete with each other for priority. While you may be able to control network congestion on your local network, it can also happen on networks higher up; for example, your ISP may under-provision capacity, particularly during peak times.
VPN: Many people use VPN services for privacy reasons or to appear as if you are connecting from another country or region. Remember that if you are routing your network traffic overseas then even if you are connecting to a local gaming server then your traffic may be leaving the country just to come back in again which can cause significant issues.
What are the best DNS servers to use?
In the majority of cases, sticking to the tried and tested DNS servers of the world's biggest network providers like Google or Cloudflare is typically going to provide the best results not only for gaming but for your general internet experience.
These network providers control massive parts of the underlying infrastructure of the internet and have many thousands of servers all around the world which provide the best performance, reliability and security for DNS.
In a recent blog post on APNIC, Verisign Principal Engineer Matt Thomas has written about how just a few lines of code in Chromium (the foundation for not only Google's Chrome but also Microsoft Edge, Opera, Amazon Silk, and Brave, all of which account for about 70% of all browsers used today) have affected the root DNS servers.
The "omnibox" feature is responsible for an estimated whopping 60 billion DNS queries a day, about half of all DNS root queries.
In almost any other scenario, this traffic would be indistinguishable from a distributed denial of service (DDoS) attack.
Chromium has a feature known as the omnibox, in which users can use a single input box to enter all sorts of requests such as a search query, website names and of course full URLs. The problem arises where the user enters a single-word term which could be interpreted as either a search query or an Intranet address. For example, should "dns" perform a search query for the term "dns" or navigate to the page "http://dns/"?
At first this seems easy: the browser could check in the background whether a DNS record can be resolved for the hostname. If it can, navigate to the site; if not, perform a search. However, some networks or DNS servers fall back to a default address for all non-existent domains, and serve their own page that attempts to provide the user with suggestions.
This is where the "Intranet Redirect Detector" comes into play. It generates random hostnames such as "rociwefoie" each time the browser is started or DNS-related system changes are detected. Three such hostnames are resolved by a DNS lookup and the results compared. If any two of the results match the same address, then the browser assumes that a redirector is in place, so any time this address is returned it can be treated as a redirect response and not a real Intranet site.
Digging into the source code explains the feature as below:
This component sends requests to three randomly generated, and thus likely nonexistent, hostnames. If at least two redirect to the same hostname, this suggests the ISP is hijacking NXDOMAIN, and the omnibox should treat similar redirected navigations as 'failed' when deciding whether to prompt the user with a 'did you mean to navigate' infobar for certain search inputs.
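The detection logic described above, sketched in Python as an added example; it is not Chromium's code. The function names, the 7 to 15 character hostname length and the pluggable resolve callback are assumptions made for illustration.

```python
import random
import socket
import string
from collections import Counter


def random_hostname(rng, min_len=7, max_len=15):
    """Random single-label name that almost certainly does not exist.
    The length range is an assumption, not taken from the page."""
    length = rng.randint(min_len, max_len)
    return "".join(rng.choice(string.ascii_lowercase) for _ in range(length))


def system_resolve(hostname):
    """Resolve through the OS resolver; empty set on NXDOMAIN or failure."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return frozenset()
    return frozenset(info[4][0] for info in infos)


def detect_nxdomain_redirect(resolve=system_resolve, probes=3, rng=None):
    """Probe random names; return addresses that answered at least two of them.
    An honest resolver answers none of the probes, so the result is empty."""
    rng = rng or random.SystemRandom()
    hits = Counter()
    for _ in range(probes):
        # resolve() returns a set, so each address counts once per probe
        for addr in resolve(random_hostname(rng)):
            hits[addr] += 1
    return {addr for addr, count in hits.items() if count >= 2}


def classify(term, redirect_addrs, resolve=system_resolve):
    """Decide whether a single-word omnibox input is a real intranet host."""
    answers = resolve(term)
    if not answers:
        return "search"      # name does not resolve at all
    if answers <= redirect_addrs:
        return "search"      # only the redirector's landing address answered
    return "intranet"        # resolves to something other than the redirector
```

On a network whose resolver rewrites NXDOMAIN, detect_nxdomain_redirect() returns the landing-page address, and classify() then refuses to treat names that resolve only to that address as intranet sites.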
The article goes into detail, breaking down how likely it is that the queries they suspect are due to this feature by comparing them against what the code would generate, and comparing them over time to the market share of Chromium-based browsers as well as to how the feature has evolved.
It is a very interesting read, and it is incredible how such a small feature that so many of us use each day has such a large impact. For all the technical details, be sure to check out the full article at APNIC.
The European Commission has released a call for tenders for a study on Domain Name System (DNS) abuse.
The study is set to be a 7-month analysis on the scope, impact and magnitude of DNS abuse. The study will offer a service contract of up to EUR 100,000 to the winning tender.
The study will focus primarily on the European market and any associated regulations and laws. However, because DNS is a global system, the study is to assess it in a much broader sense, keeping in mind how this may affect any decisions or recommendations put forward.
The analysis will provide an overview of any and all existing policies, laws, and common practices already being followed but will focus on DNS abuse in the form of cyber security threats as well as illegal and harmful content.
Once complete the aim is to provide recommendations on how to address any of the issues discovered in order to help guide future policy development.
Microsoft's latest Windows 10 Insider Preview build 20185 adds improved DNS configuration in network settings.
DNS settings made more accessible
DNS settings have been made more easily accessible and are now a top-level option in your network's properties page. This is sure to be useful when showing less technical users how to update their DNS servers.
Encrypted DNS improvements
With this release, you can now access encrypted DNS controls in the Settings app when using DNS over HTTPS.
In order to unlock this feature through the UI alone, you must use one of the approved servers from either Cloudflare, Google or Quad9.
If you would like to use a custom DNS over HTTPS server, then you will need to use the netsh command as documented in Microsoft's blog post.
Having encrypted DNS configurable through the UI is a welcome change, as previously this was only possible by a registry change and the command line. No doubt over time, even custom servers will be supported without the need to use the command line.
"We've identified the issue and are working on it. Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS). Your info isn't at risk. We're doing all we can to get you back online."
"The massive messaging storm that presented as a Denial of Service cyber-attack has been investigated by our security teams and we now believe that it was not malicious, but a Domain Name Server issue. We're really sorry for getting in the way of your weekend plans."
Google Public DNS is a global DNS service that is run by Google for the purpose of making the Internet and the DNS system faster, safer, secure, and more reliable for everyone online. This service is available for anyone to use, and is often faster and more reliable than using the DNS servers that your own ISP allocates to you.
For more information on Google Public DNS and what 220.127.116.11 is for, check out the Google DNS page.