Global DNS Infrastructure

OpenDNS is the world’s most intelligent DNS service, keeping you safe online and enabling you to connect to the Internet with confidence from anywhere.

Our fast and always-reliable global network and advanced DNS software work together to offer a set of features custom-tailored to you, without requiring you to buy any hardware or install any software.

What is DNS?

DNS plays a critical part of almost every aspect of your Internet experience. Every time you visit a website, send an e-mail, or do almost anything on the Internet, DNS is there to help you get to the right place.

The best analogy for DNS is that of a phonebook. Where a phonebook indexes phone numbers, the DNS indexes IP addresses for websites. IP addresses are long strings of hard-to-remember numbers that act as the authoritative address for websites. DNS is critical because it’s much easier to remember http://www.opendns.com than it is to remember the IP address 208.69.38.160. The DNS works automatically, looking up the IP address for the website you want to visit. Over the course of one day, an average user might make 1,000 DNS requests.

Where does OpenDNS fit in?

Before OpenDNS launched in 2006, most people simply used the DNS service automatically provided by their Internet Service Provider (ISP). E-mail used to be this way too, before services like Hotmail, Yahoo! Mail and Gmail showed that a third-party service focused on delivering better service was possible. Nowadays, few people use their ISP for e-mail and the same is quickly becoming true for DNS.

Instead of operating DNS as a cost center like ISPs have to, OpenDNS is focused on delivering the best DNS service in the world. OpenDNS is built on four cornerstones: safety/security, speed, intelligence and reliability.

How do we keep you safe and secure online?

We’ve established that DNS is used in almost all online activities, helping you get to where you want to go. But traditional DNS doesn’t discriminate the good from the bad. Regular DNS doesn’t know the difference between http://www.paypal.com and a forged clone site, aiming to trick you into providing your sensitive personal information. OpenDNS not only knows the difference, but also gives you the tools to decide what to let in, and what to block. Think of it like a firewall for DNS. Using DNS as a filtering mechanism has powerful implications: phishing websites can be blocked from tricking users into giving up sensitive data and malware websites can be prevented from infecting computers. Moreover, it’s not just about preventing security threats from loading. Infected computers usually use DNS to try and “phone home” to a master computer for instructions, often leaking out confidential information, passwords, and files from computers. OpenDNS prevents that from happening, too.

With OpenDNS, tens of millions of Internet users are protected in a way that was never possible before.

Why are we fast?

Anycast routing, a sophisticated routing technology used by OpenDNS, makes sure you always talk to our nearest datacenter. And in effect, makes Web pages load faster, and your overall Internet experience faster.

Typically, an IP address routes to a single server somewhere, just like a phone number rings a single phone. With Anycast routing, however, we’re able to make an IP address exist on hundreds or even thousands of servers. And we’ve designed a network that will always make sure you are talking to the location nearest to you.

OpenDNS operates the largest and most up-to-date DNS caches on the Internet today, so we see the entire global state of the Internet. Since we serve tens of billions of DNS requests daily, our cache contains almost the entire global Internet at any given time. This ensures that for any DNS request you make to OpenDNS, we probably already know the answer without having to ask the authoritative DNS servers. This reduces your DNS response time, providing you a faster Internet experience.

Why are we so reliable?

We’ve built a self-healing network across three continents to give you the most reliable DNS service on the planet. By self-healing, we mean we’ve designed against the failure of nearly every aspect of our system and can withstand tremendous disruption to our infrastructure without causing disruption for our customers. We use multiple telecom carriers at every site to ensure full redundancy of our Internet bandwidth. We also connect to regional networks at every site to help geographically isolate traffic so that an issue in one region doesn’t spillover and impact another. All of this bandwidth then feeds into a large cluster of servers at each site that is constantly balancing the load across itself.

Our Anycast routing infrastructure not only provides speed, but it also makes us more reliable. By having an IP address spread across our global datacenter locations, we increase the overall resiliency of the system. If one of our datacenters were to go offline due to a natural disaster, equipment failure or maintenance, all requests would be transparently re-routed to the next closest location. At all times we maintain at least 50 percent capacity, and often much more than that in order to handle massive traffic spikes. Read more about our delivery platform and technologies in this whitepaper.