>>> A notable class of exceptions is that of OpenWrt powered devices:
>>> OpenWrt comes with dnsmasq configured out of the box, and thus provides
>>> caching.
>> "Back in the days" (at the beginning of OpenWRT), most home routers used
>> `dnsmasq`, AFAIK. So I'd expect today's devices to use `dnsmasq` or
>> similar as well. Why would the manufacturers bundle some broken dns
>> proxy/server instead of `dnsmasq`?
> I think it's an attempt to save up on system resources, and also cost and
> firmware size reduction.
> You can build a device that looks shiny on the outside and put 5-8 years old
> SoC inside with bare minimum EEPROM and RAM required for it to function.

The ones with `dnsmasq` back then had typically 4MB of flash and 16MB
of RAM. Are the ones with broken DNS proxy/server really coming with
fewer resources than that?

> And besides, you can make it so there is no internal DNServer at all,

That I can believe (and isn't a bad option, IMO), but the discussion was
about broken DNS proxies/servers.

> just a simple iptables SNAT rule for port #53 hidden from end user
> behind a checkbox on the web interface named "Enable DNS relay".

That's not even needed: just tell the DHCP clients to use the ISP's
DNS servers.

Stefan