Quoting Steve Litt ([email protected]): > Some folks don't have what it takes to install their own caching DNS > server, even one as simple as Unbound, and therefore I think they're > better off with a known-decent public DNS than the DNS DHCP-recommended > by whatever hotspot they happen to be passing.
Yes, this is a fair and valid point. Cloudfare has a reputation of super-fast results from its public recursive service (though obviously a local resolver would be significantly faster still), so that could be considered a slight advantage over other remote-service competitors -- and ISP recursive nameservice is, as a general rule, so infamously bad that any of these big public services is relatively attractive -- as long as you care nothing at all for privacy and control over your Internet infrastructure. That same assumption of insouciance applies if you use your ISP's (or local, e.g., hotel or coffee house hotspot's) recursive servers, with the difference that _if_ you are paying money for services including DNS (as you are with an ISP), the other party has a strong legal obligation to protect your interests (e.g., the implied covenant of good faith and fair dealing). I've pondered over the years the difference between rights you have when you're paying for services and rights when you aren't, and I'm _pretty_ sure the latter are orders of magnitude weaker, under caselaw and standard contract law, than the former. I.e., people who assume 'free' Internet providers are obliged by law (not to mention motivated) to treat you with the same respect they would a paying customer are living in a fool's paradise. As a side observation, it is sometimes very useful to keep and use a local DNS cache, e.g., using nscd, irrespective of where the recursive service is happening. (The classic use-case for nscd is on NFS/NIS or NFS/LDAP networks, but wider use sometimes is sensible, too.) (nscd can cache a great deal more than DNS. It is of course configurable. See: https://prefetch.net/blog/2011/03/27/configuring-nscd-to-cache-dns-host-lookups/ ) _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
