Google Public DNS Timeout
1,188 views
Skip to first unread message
dave....@gmail.com
Sep 2, 2016, 8:30:25 AM9/2/16
to public-dns-discuss
Hi,
We have configured our WiFi Guest system to point to the Google Public DNS servers 8.8.8.8 and 8.8.4.4.
The Wifi Guest system is configured to Proxy DNS requests from the clients. When we get over 100 clients connected, DNS requests begin to timeout. When we change the WiFi Guest system to point to our local ISP DNS servers, it works fine.
I'm thinking that we are hitting the Google Public DNS QPS limits, perhaps because the WiFi Guest system is looking like a single client.
Is there anything that we can do to fix this? (i.e. Is there a way to whitelist our WiFi Guest system?)
Thanks,
David
We have configured our WiFi Guest system to point to the Google Public DNS servers 8.8.8.8 and 8.8.4.4.
The Wifi Guest system is configured to Proxy DNS requests from the clients. When we get over 100 clients connected, DNS requests begin to timeout. When we change the WiFi Guest system to point to our local ISP DNS servers, it works fine.
I'm thinking that we are hitting the Google Public DNS QPS limits, perhaps because the WiFi Guest system is looking like a single client.
Is there anything that we can do to fix this? (i.e. Is there a way to whitelist our WiFi Guest system?)
Thanks,
David
Alex Dupuy
Sep 2, 2016, 12:11:44 PM9/2/16
to public-dns-discuss, dave....@gmail.com
It is possible for us to whitelist (increase QPS limit) a proxy IP address for a corporate guest network. Open an issue at https://code.google.com/a/google.com/p/public-dns/issues/entry and provide the following information:
- Company name
- Contact name and e-mail address at that company's domain (not @gmail.com, hotmail.com, mail.yahoo.com, etc.)
- Proxy/resolver IP address(es), and an estimate of peak QPS
- GWhois listing for corporate domain, e.g. https://gwhois.org/example.com+dns (should correspond to contact e-mail domain)
- GWhois listing for proxy/resolver IP address, e.g. https://gwhois.org/93.184.216.34+dns or https://gwhois.org/2606%3A2800%3A220%3A1%3A248%3A1893%3A25c8%3A1946+dns
and ensuring that those provide some indication that the addresses requested for whitelisting are in fact allocated to you (PTR records are helpful here, although not strictly required as they can be difficult to get from some ISPs).
Alex Dupuy
Sep 2, 2016, 12:24:14 PM9/2/16
to public-dns-discuss, dave....@gmail.com
Note that you can often avoid the need for whitelisting at all, by having the DHCP server on your guest network return the Google Public DNS IP addresses, and implementing a bi-directionally transparent DNS proxy (with a sufficiently large address pool for IPv4 NAT). In that approach, the per-IP QPS limits are applied to different host IP addresses so the default 100QPS may be sufficient for your normal traffic.
Reply all
Reply to author
Forward
0 new messages