Google, OpenDNS flip switch to speed up the Internet

The Global Internet Speedup initiative challenges Akamai and Limelight while creating potential privacy issues

Leave it to Google to give away for free what other companies charge for. The company has teamed up with OpenDNS to officially kick off the Global Internet Speedup initiative today, an effort to turbocharge delivery of Web content by making DNS requests smarter.

For users, the initiative means that they will enjoy a faster Web browsing experience when accessing content delivered via OpenDNS, Google Public DNS, and other participating CDNs (content delivery networks).

The underlying technology for the Global Internet Speedup initiative, a standard called edns-client-subnet, is pretty straightforward: When a user's machine sends a DNS request for Web content, it includes the first three numbers of the user's IP address. Based on those three digits -- which represent the user's geographic location at the country level, not city -- the request will be automatically sent to the closest, fastest, or least congested server (a local cache).

This approach is more intelligent than the current system, where CDNs deliver content based on the location of a user's DNS server, which tends not to be the closest server, geographically speaking, or necessarily the fastest.

Users don't need to do anything differently to see speed gains, though just how significant those gains will be isn't clear. They'll also vary from city to city, country to country, and site to site.

However, the minds behind the initiative acknowledge that the technology opens potential privacy issues, because with edns-client-subnet, a portion of a user's IP address is included in the DNS response. That means that if a user connects to a site that uses a different provider for DNS than for Web services, the DNS company could see that truncated IP address information. "It's not clear if this is a good idea and therefore recursive DNS providers are encouraged to only implement edns-client-subnet with services that provide combined DNS and HTTP so that no new third party is introduced to even a portion of the user IP address," according to the GIS website.

The IETF draft of edns-client-subnet expands on other potential security issues, including the following:

  • With the edns-client-subnet option, the network address of the client that initiated the resolution becomes visible to all servers involved in the resolution process. Additionally, it will be visible from any network traversed by the DNS packets.
  • edns-client-subnet adds information to the q-tuple, which allows an attacker to pull off a potential birthday attack by send a caching Intermediate Nameserver multiple queries with spoofed IP addresses either in the edns-client-subnet option or as the source IP.
  • An arbitrary resolver or client could provide false information in the edns-client-subnet option or could send UDP packets with forged source IP addresses, allowing a malicious hacker to pollute the cache or mount a denial-of-service attack.

For all three issues, the draft provides recommended mitigations, though it's up to companies that embrace the standard to implement them.

This initiative is open to other recursive DNS service providers, CDNs, and anyone else interested in participating, all for free. On board thus far, beyond Google and OpenDNS, are Bitgravity, CDNetworks,, and Edgecast.

The question is will the big-name players in the Web acceleration space, such as Akamai, Limelight, and Amazon, join the party? The pressure's on to connect users with the staggering quantity of Web content as quickly as possible, so a free boost such as this one that doesn't even require an investment in proprietary technology could incentivize companies to sign on with a participating CDN. Then again, the aforementioned competitors might find the GIS technology to be a valuable complement to their own offerings.

This story, "Google, OpenDNS flip switch to speed up the Internet," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow on Twitter.

Copyright © 2011 IDG Communications, Inc.