>We tend to run Cloudflare quad-1 rather than Google's quad-8, though >have hit instabilities with it, too.
I've been working on a fairly large (400+ sites) global WAN project and the Quad-8 fanboi foo is VERY high worldwide. Each site has an edge router which is responsible for DNS for the site, so the question is: what resolvers to use? It was decided we wanted some malware filtering, so we are using both Quad-9 and the Cloudflare filtering service (not 1.1.1.1 but 1.1.1.2).
What is very interesting is that there are a number of countries and ISPs which do NOT allow general DNS outbound queries, BUT which have in place an exception for 8.8.8.8. In other words, we have offices in countries where using a resolver other than 8.8.8.8 (or the ISP DNS servers) requires a written request to the ISP/ministry involved.
Since this is happening in a number of countries, it's hard to discern exactly why 8.8.8.8 is given the exception: perhaps they just got tired of people complaining or, as the conspiracy theorists propose, they are intercepting 8.8.8.8 and re-directing to their own in-house servers. Or some other reason.
Anyway, a bit far from mailops, but just an interesting and fairly unexpected observation.
jms -- Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719 Senior Partner, Opus One Phone: +1 520 324 0494 [email protected] http://www.opus1.com/jms _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
