[dns-operations] Should medium-sized companies run their own recursive resolver?
richard.lamb at icann.org
Fri Oct 18 01:15:33 UTC 2013
Thank you Paul!
if we had spent the man hours which have been used up by this thread, collaborating to build an ISO image in kvm, vmware, and xen formats, that did nothing but boot up and offer recursive dns to the local LAN, with auto-update of dnssec keys, default limits for rate limiting, and a subscription to an RPZ that was hosted say by DNS-OARC, then we'd be done by now. it could have a slightly custom kernel that allowed the server to specify IP.TTL=3 in sendmsg().
that is, we could be done by now, shipping it, arguing about how to document it and support it and publicize its existence. we could be making the rounds of our respective friends and families to find all the openwrt forks and get each of them to offer identical functionality. somebody could write a BCP about it.
done by now. out the door. boat in water.
Maybe some links for reasonable annual $upport next to the ISO links would be good too.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations