[dns-operations] After Google Mail, Google Docs, Google Wave... Google DNS
Robert Edmonds
edmonds at isc.org
Sat Dec 5 21:03:45 UTC 2009
Paul Vixie wrote:
> this is the only way to make it actually work. but since making it work is
> not a first order goal, i'd rather akamai and other CDN's help with an
> education campaign about how easy it is to run one's own recursive DNS. and
> maybe help create a windows kit for it. (mac already has the software but
> even there, a config kit for it would help a lot.)
unbound by default only provides recursive service to localhost (i'm not
sure what the BIND default is). on debian and debian-derived systems
it's as simple as:
apt-get install unbound && echo nameserver 127.0.0.1 > /etc/resolv.conf
there's an unbound_setup_1.4.0.exe listed right below the source tarball
on the unbound download page, so presumably the windows method involves
whatever the point&click equivalent of "echo nameserver 127.0.0.1 >
/etc/resolv.conf" is; perhaps this could be automated by the installer
with a checkbox.
the main problem with encouraging people to run their own recursive DNS
occurs when mobile users visit a network that intercepts or blocks port
53. afaik there isn't an easy point&click way to toggle between the
locally installed recursive nameserver and the nameservers provided via
DHCP, nor is there a good way to detect and alert the user that port 53
mangling is occurring.
--
Robert Edmonds
edmonds at isc.org
More information about the dns-operations
mailing list