Back to Home11/19/2025, 5:52:52 PM

Show HN: DNS Benchmark Tool – Compare and monitor resolvers

ovo101
24 points
10 comments
I built a CLI to benchmark DNS resolvers after discovering DNS was adding 300ms to my API requests.

v0.3.0 just released with new features: compare: Test single domain across all resolvers top: Rank resolvers by latency/reliability/balanced monitor: Continuous tracking with threshold alerts

1,400+ downloads in first week.

Quick start: pip install dns-benchmark-tool dns-benchmark compare --domain google.com

CLI stays free forever. Hosted version (multi-region, historical tracking, alerts) coming Q1 2026.

GitHub: https://github.com/frankovo/dns-benchmark-tool Feedback: https://forms.gle/BJBiyBFvRJHskyR57

Built with Python + dnspython. Open to questions and feedback!

Discussion Activity

Moderate engagement

First comment

31m

Peak period

6

Hour 1

Avg / period

5

Comment distribution10 data points

Based on 10 loaded comments

Key moments

  1. 01Story posted

    11/19/2025, 5:52:52 PM

    2h ago

    Step 01
  2. 02First comment

    11/19/2025, 6:23:53 PM

    31m after posting

    Step 02
  3. 03Peak activity

    6 comments in Hour 1

    Hottest window of the conversation

    Step 03
  4. 04Latest activity

    11/19/2025, 7:02:44 PM

    1h ago

    Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (10 comments)
Showing 10 comments
WarOnPrivacy
1h ago
1 reply
The Spinrite guy was the first to do this (I think). https://www.grc.com/dns/benchmark.htm

That said, more options are good. I'll give this one a go.

whalesalad
1h ago
Works on Linux with Wine too =)
1970-01-01
1h ago
2 replies
Here's my take. Ads will happily eat 300ms per webpage if you allow them to load. A fast DNS is great, but an adblocking DNS will save you much more time if you're just browsing.
m3047
1h ago
DNS is utilized for many things besides looking up web sites (and consequently ads on web sites). DNS was used for many things etcd was invented to solve, and still is by many. Adblocking is kidstuff; the bearded, motorcycle riding, gun-shooting, jumping out of airplanes and hanging off of rocks jackals use a "DNS firewall" (just posted this the other day): https://www.dnsrpz.info/ and Dnstap for application-level DNS logging.
jeffbee
1h ago
I doubt that your conclusion is correct (because local DNS resolvers that consult blocklists are often surprisingly slow) but I think your theory of the matter is accurate. The raw speed of the DNS server is almost irrelevant because there are other much larger systemic performance issues at stake. For example Cloudflare does not forward EDNS to the origin, so the records it returns are suboptimal for services that use DNS-based service affinity. It doesn't make a difference to me if Cloudflare is a few microseconds faster — and by the way I sincerely doubt that this python program is observing meaningful microsecond-scale differences — because overall it makes applications slower.
jeffbee
1h ago
You are, presumably, already familiar with the ISC Looking Glass?

https://isc.sans.edu/api/dnslookup/google.com

m3047
1h ago
Things built with asyncio and dnspython are close to my heart. ;-)

So, my impression from the doc (and a quick browse of the code) is that this is a tool for monitoring DNS caching / recursing resolver (RD) performance, not authoritative. If performance really matters to you, you should be running your own resolver(s). [0] Granted, you will quickly realize that some outfits running auth servers seem to understand that they're dependent on caching / recursing resolvers, and some are oblivious. Large public servers (recursing and auth) tend to "spread the pain" and so most people don't feel the bumps; but when they fall over they fall over large, and they bring some principles (and thereby create "vulnerabilities") at odds with what the DNS was architected for and throw the mitigation on the other operators, including operators who never accepted these self-anointed principles to begin with.

I have a hard time understanding how DNS is adding 300ms to every one of your API requests... unless DNS is both the API and transport, or you're using negative TTLs /s.

Good doc, by the way.

[0] Actual resolvers. Not forwarders.

PcChip
1h ago
is this similar to the GRC tool?
mrngm
1h ago
https://github.com/farrokhi/dnsdiag is another great toolbox for looking into DNS problems.
johng
1h ago
Very neat tool!
View full discussion on Hacker News
ID: 45982526Type: storyLast synced: 11/19/2025, 8:02:53 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Read ArticleView on HN