Speeding up Internet connections.

We are currently hearing a lot about download speed of the Internet in the UK press.

However, one of the most overlooked timings is the response of DNS queries. OK, too technical.

When you type a URL (Uniform Resource Location) or for the non-tech crew. www.google.co.uk for example, a number of processes occur before the content of the website is brought to you browser.

It’s demonstrated here visually for those who want to see what happens. The time that this process takes from you typing in the URL you want in your browser to it finding the IP address of the server can be a significant time.

As most ISP’s (Internet Service Provider) be they ADSL or Cable type run the own DNS servers theses generally can become flooded with requests, they then tend to become slow in responding to finding the IP address of the server. It’s very similar to you driving along the M25 or M62 at peak times. You do get to the destination, eventually! But, it can take 10 mins out of peak traffic or over an hour in.

By using an external DNS server, they are available where ever you may find yourself in the world and they can still be used if you are sitting in an airport or hotel reception. As the external DNS servers are teamed together around the globe they provide a faster response than that of local ISP.

Now, I can hear you say. “it will be extra m/s’s to respond”. True, but because the web pages are now filled with content from other sources than the original site itself. These extra times will quickly build up to make you weep when browsing.

If each section of the website is provided by a 3rd party (Goggle ad’s for example) and takes a 0.25 of a second to resolve, that’s 5 seconds added to a typical web page load. Five seconds may not sound like much. Count it out loud… it’s a long time, isn’t it? Normally, this leads to the accusation that the ISP is not providing the download speed advertised.

But as experts, we know that it is normally DNS resolution and Latency that provides these issues. Not bandwidth!

That said if an ISP is saying it provides an 8Mb circuit in bold lettering. It should also be forced to show the contention in the same bold text. Normally, this is 1-25 or 1-50.  So, divide that 8Mb by 50 and you get 160K/b a second on a bad day, if everyone uses the resource at the same time. That will make your IPlayer session come to a halt. As being video it needs between 2.4-3.6Mbit a second.  But, most web pages are kept slimmer than this. As the guys hosting the websites know, we pay for the amount of bandwidth we use. So, those pretty web pages are very economical with the bandwidth size they use.

An additional feature of using external DNS servers are there ability to flag bad server IP’s. Such as the ones that are trying to obtain you Credit Card or Banking information. So, whilst they are not totally 100%. As nothing is! They quickly become aware of servers IP that is being used for such activity. As they know the IP servers for Barclay’s bank over the world and will flag this in your browser.

So, what’s involved?

It’s quite simple really to try the speed improvement out. You don’t need to download any software, as what you need is already there and it costs you nothing. So, give it a try.

There are two methods. First, is to change the DNS settings on your router. This makes all of the PC’s / Apple systems use the external DNS servers.

Or, to change the settings on a PC or Apple system individually. Now, unless you are technical. I would suggest starting by changing the PC settings. Unless you have more than 3-4 systems.

This is how you do it.

If you have broadband

  1. Click Start > Control Panel > Network Connections and select your local network.
  2. On the General tab click Properties > Internet Protocol (TCP/IP).
  3. Click Properties

Now, be careful here. You only want to change the DNS section. Leave the allocation of IP address alone. This will normally be set to obtain an IP address from DHCP server.

The Internet Protocol window will appear. Click Use the following DNS server addresses and enter the DNS server(s) you want to use.  You will have to select Manual allocation as normally this will be set to Automatically obtain. I would suggest the following. note: If your DNS settings have numbers in them. Then, make sure you take a note of what they are. Just in case you want to go back to these settings later.

156.154.70.1
156.154.71.1

Move the mouse pointer to the first of the DNS boxes. Far left-hand side. Then, type the figure and full stops into the boxes. Then, proceed to the next line below. Again, type the numbers and full stops into the boxes.

Once, you have completed this then select ‘OK’ until you return to the Network settings. Then, select cross on the top right-hand side, to return to the desktop. Launch your browser and hopefully, you should notice an improvement in speed when browsing.

Enjoy and as always constructive comments are welcome.

David Vincent – www.tagware.co.uk

When you see the little Key symbol you think you are safe?

Well, here we are again.

So you are login into the banks or Credit card. You made sure that you have the Key in the browser and you think you are safe?

Well, unfortunately, you are not. As most websites including Gmail, Cahoot, Tesco etc use the version 1.0 SSL.

http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

Trouble is this has been broken. So, you say oh dear. they will send out a fix. Well, the Fix has been out since 2006. But, the websites are somewhat in a chicken and egg problem.

As the normal browser including IE, Chrome, FF  etc are set at version 1.0. Although most can use 1.2 which is the most secure. If they did force you to use this level then quite a few of the commercial sites would refuse to work. :o( and of course the site would lose web traffic.

So, they decided to leave it. Now, of course, it is going to come and bite them. As they have left open a way for an attacker to high jacking the session. Trouble is, you will not know.

As you will turn up to the right website and be unaware of anything being wrong. You will see the lock in the browser and to the normal person. Everything would be fine.

So, my suggestion is to convince Google and other Search engines to rate the Websites positions by what SSL level they are using. So, the safe ones that use 1.2 are the ones that don’t.

Personally, I think you would then find a lot of websites migrating to the secure version. Which, then would make the site more secure the default standard. A quick tweak to the browser security settings and everyone would be using 1.2 in a short space of time. Then, the hackers would have to crack the 1.2. Which is going to be a lot more difficult.

The search engines then get the credit for providing a more secure internet. The banks have a very little excuse. They should have completed this upgrade many moons ago.

Well, that’s my point of view. What’s yours?

Thanks for reading.

David Vincent.