Tests
DNS benchmark
The DNS benchmark tests how fast different DNS resolvers respond to queries. DNS (Domain Name System) translates domain names like novabench.com into IP addresses. Every time you visit a website, send an email, or connect to a service, your device performs a DNS lookup. Slow DNS adds latency to every connection, even when your internet speed is fast.
The DNS benchmark helps you find the fastest resolver for your location, compare your system DNS against popular public resolvers, and evaluate how encrypted DNS protocols may affect performance.
What the DNS benchmark tests
The benchmark sends a configurable number of queries to each resolver and measures response time statistics. Two types of queries are tested:
- Uncached queries: fresh lookups that force the resolver to fetch the answer from authoritative nameservers. These measure the resolver's true lookup speed.
- Popular domain queries: lookups for commonly requested domains that are likely cached. These measure the resolver's cache hit performance, which is what you experience in day-to-day browsing.
For each resolver, Novabench records minimum, maximum, mean, median, standard deviation, and percentile (p95, p99) latency values, plus success and failure counts.
Configuration
Resolvers
By default, the benchmark tests your system nameserver (the DNS resolver configured in your operating system or router) and a set of well-known public DNS servers:
- Google (8.8.8.8)
- Cloudflare (1.1.1.1)
- Quad9 (9.9.9.9)
- OpenDNS
- AdGuard DNS
- CleanBrowsing
- Control D
- NextDNS
You can toggle whether to include your system nameserver, include public resolvers, or both. On Plus, you can add custom resolvers (up to 10) to test private or corporate DNS servers alongside public options.
Protocol
The protocol determines how DNS queries are sent:
Protocol | Description | Plan |
|---|---|---|
UDP | Standard DNS protocol. Queries are unencrypted. | Free |
DoT (DNS over TLS) | Encrypted queries over TLS. Slightly higher latency due to encryption overhead. | Plus |
DoH (DNS over HTTPS) | Encrypted queries sent over HTTPS on port 443. Useful on networks that may block DoT. | Plus |
DoQ (DNS over QUIC) | Encrypted queries using the QUIC protocol. Combines encryption with low-latency connection setup. | Plus |
Not all resolvers support all protocols. The benchmark only tests protocol/resolver combinations where the resolver advertises support.
DNSSEC validation
DNSSEC (Domain Name System Security Extensions) adds cryptographic signatures to DNS responses, verifying that the response came from the authoritative server and was not tampered with in transit. Enabling DNSSEC validation in the benchmark tests whether each resolver correctly validates signed domains, and the latency overhead of this validation.
Queries per resolver
You can adjust the number of test queries per resolver from 10 to 500 (default: 100). More queries produce more statistically reliable results but take longer to complete. Adjustable on Plus.
Live view
While the benchmark runs, a real-time display shows:
- Fastest resolver: the resolver with the lowest average latency so far
- System DNS performance: your system resolver's current average latency
- Bar chart: a ranking chart that updates as each resolver completes, sorted from fastest to slowest
Reading your results
After the benchmark completes, the results page provides two primary views.
Resolver ranking chart
A horizontal bar chart ranking all tested resolvers from fastest to slowest by average latency. Your system nameserver is highlighted with a distinct color so you can immediately see how the default resolver compares to alternatives.
If your system DNS is significantly slower than public resolvers, switching to a faster resolver can improve browsing speed and reduce connection setup times across all applications.
Detail table
A detailed table showing per-resolver, per-protocol statistics:
Column | Description |
|---|---|
Resolver | Name, IP address, and owner |
Protocol | Which protocol was tested (UDP, DoT, DoH, DoQ) |
Average latency | Mean response time across all queries (ms) |
Min / Max latency | Fastest and slowest individual query times |
Median latency | Middle value, less affected by outliers than the mean |
Failed Queries | The percentage of lookup requests that failed |
Your system nameserver is marked with a star icon (★) in the table for easy identification.
Interpreting your results
A few patterns to consider:
- System DNS much slower than public resolvers: your ISP's DNS may be overloaded or poorly optimized. Switching to a public resolver like Cloudflare (1.1.1.1) or Google (8.8.8.8) often improves performance.
- Encrypted protocols (DoT/DoH/DoQ) slightly slower than UDP: this is expected due to encryption overhead. The trade-off is privacy and security. DoQ typically has the lowest overhead among encrypted options.
- High variance (large gap between min and max): indicates inconsistent resolver performance. A resolver with a slightly higher average but low variance may provide a better experience than one with a low average but frequent slow responses.
- DNSSEC failures: if a resolver fails DNSSEC validation on signed domains, the resolver may not support DNSSEC or may have misconfigured validation.
Feature availability by plan
Feature | Free | Plus |
|---|---|---|
DNS benchmark (UDP, public resolvers) | Yes | Yes |
DoT, DoH, and DoQ protocols |
| Yes |
DNSSEC validation |
| Yes |
Custom resolvers (up to 10) |
| Yes |
Configurable queries per resolver |
| Yes |
Cloud submission and sharing |
| Yes |
Result tagging |
| Yes |
Advanced results grid filtering |
| Yes |
Related pages
- Speed test: measure download speed, upload speed, and connection latency
- Traceroute: trace the network path to diagnose routing issues
- Network tests overview: how the three network sub-tests relate and when to use each
- Scheduled tests: automate recurring DNS benchmarks