THE OFFICIAL BLOG OF THE SBS "DIVA"

Using forwarders will increase dns resolution time, and incurs a longer latency penalty on noncached lookups versus no forwarders at all.  Since in most cases your clients are looking to your in-house DNS server, and it is unlikely to be down while other services are up, this adds a delay for net resolution for every first noncached query that doesn't need to be there.

Susan,

Do you recommend setting up OpenDNS on the SBS box instead of the router?

Thank you for info.  Good stuff!

I have a thing against giving out website usage information to a company that sells it to advertisers under the guise of a "free service".  

I have another thing against a company that hijacks invalid DNS resolves and doesn't give me the choice in search engines to which they are forwarded, due to security issues with search engine companies not filtering sponsored search results (like my ISP tried to do once with Yahoo, but has since backed down - they even went so far as to hijack Address Bar searches by looking for specific URL parameters).

I was at a clients place earlier today and they had a user that had Google set up as their default search engine.

He's a safety instructor for the business and he was doing a bit of research online.  So he proceeded to type in "workplace deaths june 2009" into Google, and clicked on the 3rd search result that came up.  Not one of the sponsored searches, but one of the standard search results.  It led to a page on 007webs.com - a freehost similar to Geocities or Angelfire (remember them?).

Anyway, it resulted in a page that forwarded twice to another page that looked like XP's Windows Explorer and said the PC was infected, yada yada, with a dialog box that said "Click OK to install Personal Antivirus...".  You know where this is leading....

So they called me over before he clicked on anything, and I killed the process for IE before it had a chance to install.

So now he uses Bing and all of the search results on the first 5 pages for the exact same terms are safe.

There we have it, SBS has DNS issues (No Standard version of Windows has ever had issues keeping forwarders blank.

In my tests, putting in a forwarder to OpenDNS or even your own ISP increases DNS resolution time.  Susan, do a test with noncached addresses.

OpenDNS also takes a variable amount of time on false hit to pull up that search page.  I do not recommend it for business use. I do recommend it for home or very small business use.

And: we have confirmation that Bing is safe!  There's no chance that Bing will give you a bad site on search!

Perhaps it was the user's choice of browser that is the issue?

"OpenDNS also takes a variable amount of time on false hit to pull up that search page.  I do not recommend it for business use. I do recommend it for home or very small business use."

It's a page redirection to Yahoo.  Yahoo wouldn't have half of the market share they do now if it weren't for OpenDNS.  If OpenDNS were to drop Yahoo, they'd just be done.

"And: we have confirmation that Bing is safe!  There's no chance that Bing will give you a bad site on search!"

Safer than Google anyway.  Just look at Google's data retention policies for proof.  Then look at the sites that they advertise.  Stark contrast.

"Perhaps it was the user's choice of browser that is the issue?"

Nope.  It was IE7 in both cases - same computer.  It wasn't like it was the users fault either.  In fact, I ran some tests on several other domain lookup sites and most of them already block the domain due to security reasons (they host malware!).  Google didn't.  That's Google's fault.

One doesn't resolved because you typed the wrong IP ;)

208.67.222.220 instead of 208.67.220.220