AdGuardDNS
AdGuardDNS copied to clipboard
AdguardTeam
Add a server in Brazil
Yes, please add an Adguard DNS in Brazil. Today adguard dns ping is almost 200 ms and google dns/open dns/Cloudflare dns ping is 10ms, because they have servers in Brazil.
+1 please raise the priority of this FR, the ping times are unacceptable at 200ms!
There are brazilian companies that would offer free bandwidth on their servers through partnerships, such as:
UEPG Internet Exchange (from the public university called Universidade Estadual de Ponta Grossa): https://ix.uepg.br/
EdgeUno: https://edgeuno.com/
Misaka: https://www.misaka.io/
There are other options too. I recommend checking some brazilian free servers on Ubuntu and Linux Mint's mirrors: https://launchpad.net/ubuntu/+archivemirrors https://linuxmint.com/mirrors.php
There are brazilian companies that would offer free bandwidth on their servers through partnerships, such as:
UEPG Internet Exchange (from the public university called Universidade Estadual de Ponta Grossa): https://ix.uepg.br/
EdgeUno: https://edgeuno.com/
Misaka: https://www.misaka.io/
There are other options too. I recommend checking some brazilian free servers on Ubuntu and Linux Mint's mirrors: https://launchpad.net/ubuntu/+archivemirrors https://linuxmint.com/mirrors.php
I just checked all 3 but couldn’t find an option for DNS-based ad/threat-blocking…? Am I missing something…?
We tested Sao Paulo recently for a few days. Not too happy with the results compared to the Miami servers that most of the users are routed to now.
Btw, guys, could you please tell me what connectivity do you have to 94.140.14.14?
Here are two questions:
- What do you see when you open
https://dns.adguard.com/info.txt? - What's the ping value?
94.140.14.14
The URL gives me: dns2-dp-mia-4
Pinging 94.140.14.14 directly:
My ISP is located in Sao Paulo btw
My ISP is Santa Catarina
dns2-dp-lon-2
PS C:\Users\Maison> ping 94.140.14.14
Disparando 94.140.14.14 com 32 bytes de dados: Resposta de 94.140.14.14: bytes=32 tempo=126ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=126ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=126ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=126ms TTL=55
Thanks
My ISP is in Viçosa, MG
dns2-dp-mia-2
C:\Users\marcelo.caetano> ping 94.140.14.14
Disparando 94.140.14.14 com 32 bytes de dados: Resposta de 94.140.14.14: bytes=32 tempo=114ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=114ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=114ms TTL=55 Resposta de 94.140.14.14: bytes=32 tempo=114ms TTL=55
Estatísticas do Ping para 94.140.14.14: Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de perda), Aproximar um número redondo de vezes em milissegundos: Mínimo = 114ms, Máximo = 114ms, Média = 114ms
- https://dns.adguard.com/info.txt
My ISP is in Rio de Janeiro, RJ
dns2-dp-ny-1
ping -c4 94.140.14.14 PING 94.140.14.14 (94.140.14.14) 56(84) bytes of data. 64 bytes from 94.140.14.14: icmp_seq=1 ttl=53 time=193 ms 64 bytes from 94.140.14.14: icmp_seq=2 ttl=53 time=211 ms 64 bytes from 94.140.14.14: icmp_seq=3 ttl=53 time=121 ms 64 bytes from 94.140.14.14: icmp_seq=4 ttl=53 time=153 ms
--- 94.140.14.14 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 120.925/169.219/210.596/34.923 ms
Just so you can compare the ping difference between Adguard DNS and some others with servers in Rio de Janeiro and/or only in São Paulo (like Google public dns)
Quad9 DNS ping -c4 9.9.9.9 PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data. 64 bytes from 9.9.9.9: icmp_seq=1 ttl=53 time=13.1 ms 64 bytes from 9.9.9.9: icmp_seq=2 ttl=53 time=12.1 ms 64 bytes from 9.9.9.9: icmp_seq=3 ttl=53 time=10.7 ms 64 bytes from 9.9.9.9: icmp_seq=4 ttl=53 time=13.8 ms
--- 9.9.9.9 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 10.733/12.435/13.754/1.141 ms
Google Public DNS ping -c4 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=114 time=12.7 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=114 time=12.9 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=114 time=17.1 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=114 time=10.6 ms
--- 8.8.8.8 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 10.550/13.328/17.101/2.369 ms
Cloudflare DNS 1.1.1.1 ping -c4 1.1.1.1 PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=55 time=13.7 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=55 time=15.7 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=55 time=14.9 ms 64 bytes from 1.1.1.1: icmp_seq=4 ttl=55 time=14.5 ms
--- 1.1.1.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3006ms rtt min/avg/max/mdev = 13.693/14.677/15.667/0.714 ms
OpenDNS ping -c4 208.67.222.222 PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data. 64 bytes from 208.67.222.222: icmp_seq=1 ttl=56 time=14.2 ms 64 bytes from 208.67.222.222: icmp_seq=2 ttl=56 time=12.0 ms 64 bytes from 208.67.222.222: icmp_seq=3 ttl=56 time=18.7 ms 64 bytes from 208.67.222.222: icmp_seq=4 ttl=56 time=12.9 ms
--- 208.67.222.222 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 12.017/14.467/18.723/2.580 ms
We tested Sao Paulo recently for a few days. Not too happy with the results compared to the Miami servers that most of the users are routed to now.
Btw, guys, could you please tell me what connectivity do you have to 94.140.14.14?
Here are two questions:
- What do you see when you open
https://dns.adguard.com/info.txt?- What's the ping value?
I've been in contact with the Quad9 DNS team to help them adjust the ix.br route traffic and they told me that "Quad9 operates only on donated and sponsored resources; servers, space, power, transit, etc."
Quad9 currently has three servers in Brazil: São Paulo (EdgeUno), Rio de Janeiro (EdgeUno) and Ponta Grossa, Paraná (UEPG Internet Exchange). There are also, as they told me, plans to soon launch an EdgeUno server in Fortaleza too: https://www.quad9.net/service/locations
NextDNS has 7 servers in Brazil, most of them from EdgeUno and Misaka: https://nextdns.io They don't show it publicly, but through www.dnsleaktest.com and using their DNS I found this out.
That's why none of my suggestions above are from my head, they are already used by other companies.
OpenDNS has two servers: Equinix RJ2 and Equinix SP3. https://www.opendns.com/data-center-locations/
Cloudflare 1.1.1.1 has servers in 24 different cities in Brazil, but unfortunately it doesn't detail which ones: https://www.cloudflare.com/network/
I strongly recommend the AdguardDNS team to contact EdgeUno, Misaka, UEPG Internet Exchange and even other public universities and companies that offer free mirroring services for Ubuntu and Linux Mint. It is very likely that some of them allowed AdguardDNS to use their infrastructure in Brazil for free to expand the network. At most they would ask you to name them, as Quad9 does on the website above and a post in the news tab describing the partnership.
This is how in May, 2022 Quad9 got a free partnership with EdgeUno and can expand in one go to Sao Paulo and Rio de Janeiro in Brazil, Bogota in Colombia, Santiago in Chile, and Lima in Peru: https://www.quad9.net/news/press/quad9-selects-edgeuno-latin-america Until then, Quad9's ping to Rio de Janeiro was the same as that of AdguarDNS (between 150 and 200 ms) and now it is below 15 ms:
ping -c4 9.9.9.9 PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data. 64 bytes from 9.9.9.9: icmp_seq=1 ttl=53 time=13.1 ms 64 bytes from 9.9.9.9: icmp_seq=2 ttl=53 time=12.1 ms 64 bytes from 9.9.9.9: icmp_seq=3 ttl=53 time=10.7 ms 64 bytes from 9.9.9.9: icmp_seq=4 ttl=53 time=13.8 ms
--- 9.9.9.9 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 10,733/12,435/13,754/1,141 ms
It was also through a free partnership that a few weeks ago they expanded further to the South of the country through the UEPG Internet Exchange (from the public university called Universidade Estadual de Ponta Grossa).
So there are solutions. I ask, please, that the Adguard DNS team can finally expand to Brazil or even to Brazil and other South American countries and can soon close this topic, which was opened in 2019, that is, 3 years ago and a half. This is an old demand from Brazilian users. Remember that in 2023, with Mainfest V3 being released by Google, many users tend to switch to using ad-blocking DNS as browser extensions may not work properly. There is a potential for a large increase in dns demand in all regions of the world. While Adguard DNS does not have servers in South America, other similar solutions like NextDNS (which offers Adguard dns list alongside it) tend to grow in the region.
Thank you very much for your attention.
We tested Sao Paulo recently for a few days. Not too happy with the results compared to the Miami servers that most of the users are routed to now.
Btw, guys, could you please tell me what connectivity do you have to 94.140.14.14?
Here are two questions:
- What do you see when you open
https://dns.adguard.com/info.txt?- What's the ping value?
C:\Users\iopdev>ping 94.140.14.14
Disparando 94.140.14.14 com 32 bytes de dados:
Resposta de 94.140.14.14: bytes=32 tempo=93ms TTL=52
Resposta de 94.140.14.14: bytes=32 tempo=92ms TTL=52
Resposta de 94.140.14.14: bytes=32 tempo=92ms TTL=52
Resposta de 94.140.14.14: bytes=32 tempo=92ms TTL=52
Estatísticas do Ping para 94.140.14.14:
Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de
perda),
Aproximar um número redondo de vezes em milissegundos:
Mínimo = 92ms, Máximo = 93ms, Média = 92ms
dns2-dp-mia-7
While the AdGuard team considers this FR, an alternative for small business and home users might be to host your own DNS server on premises with AdGuard Home (https://kb.adguard.com/en/home/overview).
It's quite similar to the cloud-hosted AdGuard DNS, with the advantage that you can add your custom block lists (something that the cloud-version doesn't offer yet)
By setting a low-latency DNS like 1.1.1.1 or 8.8.8.8 as upstream resolvers in AdGuard Home, you can basically achieve a similar result as AdGuard DNS (in terms of blocking/filtering/etc), but with a much lower resolution latency overall.
I'm using AdGuard Home in a raspberry pi and it works perfectly. Avg latency to resolve an un-cached DNS is around 40-50ms
While the AdGuard team considers this FR, an alternative for small business and home users might be to host your own DNS server on premises with AdGuard Home (https://kb.adguard.com/en/home/overview).
It's quite similar to the cloud-hosted AdGuard DNS, with the advantage that you can add your custom block lists (something that the cloud-version doesn't offer yet)
By setting a low-latency DNS like 1.1.1.1 or 8.8.8.8 as upstream resolvers in AdGuard Home, you can basically achieve a similar result as AdGuard DNS (in terms of blocking/filtering/etc), but with a much lower resolution latency overall.
I'm using AdGuard Home in a raspberry pi and it works perfectly. Avg latency to resolve an un-cached DNS is around 40-50ms
how can It be used in conjuction with AG for Windows ,AGVPN and is it possible to propagate from my computer to the router?
To use AdGuard Home with Windows, first you would need to turn off DNS Protection in the Windows AdGuard app. I don't have AdGuard VPN, but I'm alsmot sure there's also an option to turn off using AdGuard VPN's DNS settings.
The whole point of using AdGuard Home is that it affords your entire home network with the same DNS-based filtering of ads, trackers, malicious sites, etc that AdGuard cloud version does, but with a much lower latency to resolve DNS to IP's. While the cloud version is giving you latency around 90ms, if you use AdGuard Home with 1.1.1.1 as the upstream DNS you may get avg latency < 40ms
To have your entire home network use AdGuard Home, set it up as I said earlier (e.g. in a raspberry pi, VM, etc), then go to your DHCP server (which is probably your wifi router) and configure it to have the DNS server point to the IP of the raspberry pi (or VM) where AdGuard Home is running. It's quite simple
would it be detrimental to only run it on one machine? wouldn't it do a double firewall effect?
@fabioeidi20 thanks for mentioning AGH. Here's also an article about setting up AGH on a public server, might be useful: https://adguard.com/en/blog/adguard-home-on-public-server.html
i saw that you would still need a domain in order to filter HTTPS queries... or did i get something wrong?
The functionalities offered by the AdGuard app for Windows and AdGuard home are not identical. AGH does “DNS sinkholing”, but does not perform traffic inspection (it cannot look at network packets going from the internet to your PC or phone and make a decision on whether to block, alter or allow such traffic).
AdGuard for Windows can do both: “DSN sinkholing” plus traffic inspection, i.e. looking at incoming packets and e.g. cleaning parts of a cookie, removing or altering the browser user agent that your PC sends to websites, etc.
So I guess there’s nothing “detrimental” in running AGH at the network level and AG for Windows on your PC (I have that set up in my house), because the PC app has the extra benefit of content filtering. The whole point why I suggested AGH is to solely to mitigate the “latency issue” that this FR is intended to address, because the cloud-hosted AdGuard DNS servers are in Miami and you’ve seen our pings from Brazil to that server (all in the range of 90-200ms, which makes loading web pages “feel slow”). With an on-premises AGH (or the self-hosted option ameskov mentioned) you might lower the latency to <40ms and everything on your network will “feel faster”
The advantage of also having AGH at the network level is that it can also do “DNS sinkholing” for other devices on which you can’t have the AdGuard app, such as Smart TV’s, smart speakers, IoT devices, surveillance cameras, etc… all these can still be targets for exploitation and can also send some of your private data to the internet, so doing DNS sinkholing on them might reduce (but not eliminate) some of those risks
The functionalities offered by the AdGuard app for Windows and AdGuard home are not identical. AGH does “DNS sinkholing”, but does not perform traffic inspection (it cannot look at network packets going from the internet to your PC or phone and make a decision on whether to block, alter or allow such traffic).
AdGuard for Windows can do both: “DSN sinkholing” plus traffic inspection, i.e. looking at incoming packets and e.g. cleaning parts of a cookie, removing or altering the browser user agent that your PC sends to websites, etc.
So I guess there’s nothing “detrimental” in running AGH at the network level and AG for Windows on your PC (I have that set up in my house), because the PC app has the extra benefit of content filtering. The whole point why I suggested AGH is to solely to mitigate the “latency issue” that this FR is intended to address, because the cloud-hosted AdGuard DNS servers are in Miami and you’ve seen our pings from Brazil to that server (all in the range of 90-200ms, which makes loading web pages “feel slow”). With an on-premises AGH (or the self-hosted option ameskov mentioned) you might lower the latency to <40ms and everything on your network will “feel faster”
The advantage of also having AGH at the network level is that it can also do “DNS sinkholing” for other devices on which you can’t have the AdGuard app, such as Smart TV’s, smart speakers, IoT devices, surveillance cameras, etc… all these can still be targets for exploitation and can also send some of your private data to the internet, so doing DNS sinkholing on them might reduce (but not eliminate) some of those risks
I see... i am still trying to set DoH or even DoT on it... can you give me a hand? also, should i trust default settings on AGHome? cause it uses Quad9 by default if i'm not mistaken and you said to try cloudflare/google for instance.
Hello @ameshkov ,
I have two questions:
-
Do you partner with Packet Clearing House https://www.pch.net/ which is currently the largest DNS content delivery network in the world (https://www.pch.net/services/anycast)? Because they have two servers in Brazil
-
Have you tried to contact the National Education and Research Network (RNP) https://www.rnp.br/ which is the institution that manages the network of all public universities in Brazil spread across several states of the country ? Many public universities would be willing to help you expand the network across the states of Brazil, as they have idle capacity in their infrastructure and would most likely offer the partnership free of charge.
It would be two great opportunities for you.
Thank you
It is not so significant, comparing the advantages between the services, Next Dns is better, even with the request limitation
For the IP issue that changes in some ISP, I use Raspberry that periodically accesses an API Address of NextDNS that updates the address on the site, without having to access.
ControlD is free for 30 days, after that is paid.
The boring and inconvenient side is the limit. Sometimes I get a couple of days, but for me it's acceptable.
We launched another test in Sao Paulo a few hours ago. Most of the South America users are now routed to it. So far, it seems to be handling high load well. The testing period is 2 weeks. If nothing extraordinary happens during that period, we'll keep Sao Paulo and make a public announcement.
We launched another test in Sao Paulo a few hours ago. Most of the South America users are now routed to it. So far, it seems to be handling high load well. The testing period is 2 weeks. If nothing extraordinary happens during that period, we'll keep Sao Paulo and make a public announcement.
That's very great news. Are you considering placing DNS servers on other states as well for a more loaded balance? It would be wise to split between Sao Paulo - SP, Recife - PE, Fortaleza - CE and Salvador - BA. which would net a good mix of balance in the latency as well. Not asking for nodes on each of the 26 estates, just more coverage for north and northeast regions of Brazil as well.
We generally tend to have fewer, but more "powerful" locations instead of having as many PoPs as possible. Otherwise, with the number of AdGuard DNS users, organizational and maintainance costs will skyrocket.
We launched another test in Sao Paulo a few hours ago. Most of the South America users are now routed to it. So far, it seems to be handling high load well. The testing period is 2 weeks. If nothing extraordinary happens during that period, we'll keep Sao Paulo and make a public announcement.
Excellent news! Will test with my ISP in Sao Paulo
@jakecharlie at the moment about 75% of Brazil traffic is routed properly. For others we'll need to adjust routes manually.
When i get home i'll test in my ISP as well (Brisanet AS28126) to tell if it working as intended.
I see you guys referring to these codes AS28126, AS26615, AS26599, AS28573, etc...
how do you find the code for a given ISP?
I see you guys referring to these codes AS28126, AS26615, AS26599, AS28573, etc...
how do you find the code for a given ISP?
https://bgp.he.net/ just use the search bar.