Rick Moen wrote: > By the way, IMO, you really should consider running and using a local > recursive DNS nameserver.
I'd suggest adding caching in there somewhere, probably assumed. > Doing so improve performance a great deal > over using your "router on your home network", which almost certainly is > merely a forwarder. Agreed. Large ISPs (like pacbell) often have overloaded DNS, not to mention the DNS is often on the wrong end of a busy network. I suggest unbound. > It'll also improve performance over using OpenDNS, Sort of. For cache hits, yes. For cache misses, not to much. OpenDNS tries to keep a rather large fraction of the zones caches. So just when things are the worst (say a site is so busy it's having a hard time keeping up with dns requests) opendns often will quickly give you the dns record you need. > along with not giving the operators of that service detailed > information about your Internet activity Sure, so only your ISP instead of opendns and your ISP knowing everywhere you visit. , _and_ (unlike OpenDNS) it > would actually implement DNS technical standards correctly (i.e., > correctly answering "NXDOMAIN" when that's the truth). NXDOMAIN does bug me, I believe that optional if you login/create an account. Oh, almost forgot. I'd recommend unbound as a local caching recursive server. It's DNSSEC and DLV aware, seems to be rather well written for a specific purpose. Lean, mean, easy to configure, and more secure than many defaults. Apt-get install unbound if you are on ubuntu. _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
