[dns-operations] After Google Mail, Google Docs, Google Wave... Google DNS

[Paul Vixie]

> Date: Sat, 5 Dec 2009 13:03:45 -0800
> From: Robert Edmonds <edmonds at isc.org>
> 
> unbound by default only provides recursive service to localhost (i'm not
> sure what the BIND default is).

perhaps you could ask a co-worker :-).  (it's { localhost; localnets; } now.)

> on debian and debian-derived systems it's as simple as:
> 
>     apt-get install unbound && echo nameserver 127.0.0.1 > /etc/resolv.conf
> 
> there's an unbound_setup_1.4.0.exe listed right below the source tarball
> on the unbound download page, so presumably the windows method involves
> whatever the point&click equivalent of "echo nameserver 127.0.0.1 >
> /etc/resolv.conf" is; perhaps this could be automated by the installer
> with a checkbox.

way to salute the competition :-).  could somebody make an apt-get bundle that
does this for BIND and PowerDNS as well?  someone deeply involved with debian,
perhaps?

> the main problem with encouraging people to run their own recursive DNS
> occurs when mobile users visit a network that intercepts or blocks port
> 53.  afaik there isn't an easy point&click way to toggle between the
> locally installed recursive nameserver and the nameservers provided via
> DHCP, nor is there a good way to detect and alert the user that port 53
> mangling is occurring.

i've had precisely this problem with opensuse on my laptop.  they have a
thing called "netconfig update" which looks at /etc/sysconfig/network/config
and regenerates /etc/resolv.conf or the forwarders list included by named.conf
but apparently i'd need to hack it quite a bit to make it turn forwarding on
and off.  and even then i'd need to change my wireless interface DHCP settings
to turn on and off the acceptance of DNS servers.  it's a mess and if someone
from novell/suse contacts me offline i'll try to explain how it ought to work
or even volunteer some new shell scriptery for the distro.