What is rethinkdns?
rethinkdns is a fast, secure, private, transparent, configurable DNS resolver and firewall. A DNS resolver is an address book of the internet: given a domain name, it helps locate the IP addresses of the servers behind it. For example, dns.google.com (a domain name) is located at 8.8.8.8 (IP address). This mapping is retrieved by a DNS resolver.
- Fast: With end-to-end median latency as low as 30ms, our resolver is quite fast, though not the fastest. The primary reason is that the resolver runs in 200+ locations worldwide in Cloudflare’s data centers, and user requests are routed to the closest possible server.
- Secure: Security means a lot of different things to different people. Rethinkdns is secure in the sense that it only responds over TLS, a secure protocol that underpins the world-wide web. This means primarily two things: Internet Service Providers and governments can no longer track your browsing behaviour through DNS requests, which were previously sent in plain text; and it helps overcome the DNS manipulation attacks that are widely employed to censor the Internet in most countries.
- Private: Each user gets their own endpoint, which functions pretty much as if the resolver were set up and running solely for that user.
- Transparent: The resolver can optionally send per-user logs for analysis and to generate analytics and reports, so a user can see what’s up.
- Configurable: Users can choose from preset blocklists to define firewall rules according to their preferences.
The Rethinkdns companion app for Android doubles as a firewall and includes rules such as: block apps by category, block an app when it is in the background, block an app when the device is locked, or block an app forever.