DNS filtering why not a Global service

1st September 2021

I support clients that have been using Quad9 (9.9.9.9) and OpenDNS to filter requests that lookup DNS names associated with BotNets and other shenanigans.

The problem we ran into is with decentralized services where DNS looks up to different datacenters depending on where in the world you are asking. ie if you do a lookup from USA, the IP returned is for the North America datacenter because that is the closest and will give the best service. The Europe datacenter is not included in the results as it will give noticeably worse performance.

So we have had to change to a Canadian based DNS filtering service (as my clients are Canadian) CIRA.ca is a direct replacement as it is free and successfully does the Geo based lookups.

for reference the CIRA.ca DNS FILTERING servers are

149.112.121.20
149.112.122.20

they are a little difficult to find on the Cira website https://www.cira.ca/cybersecurity-services/canadian-shield/configure

CIRA also offers different servers that also filter pornography, if you have young children etc.

Update:

Lawrence Systems also likes the Quad9 dns filter. see their youTube channel about 6min in

DNS filtering services