[dns-operations] Should medium-sized companies run their own recursive resolver?
Jo Rhett
jrhett at netconsonance.com
Fri Oct 18 19:01:36 UTC 2013
On Oct 17, 2013, at 6:15 PM, Richard Lamb <richard.lamb at icann.org> wrote:
> ...did nothing but boot up and offer recursive dns to the local LAN, with auto-update of dnssec keys, default limits for rate limiting, and a subscription to an RPZ that was hosted say by DNS-OARC, then we'd be done by now. it could have a slightly custom kernel that allowed the server to specify IP.TTL=3 in sendmsg().
Well on the good front, most of the custom builds to replace the crap home router firmwares use Unbound or DnsMasq and I'm even starting to see them shipping on units by default. Both of these fit your description, and work decently well for that super-minimal need (that solves the issue for most households). Honestly I think getting more units to use these distributions will quietly solve the problem for most small sites.
Windows-based sites with Windows resolution needs have bought their own pain.
--
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
Author of Instant Puppet 3 Starter: http://www.netconsonance.com/instant-puppet-3-starter-book/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20131018/11e1f66f/attachment.html>
More information about the dns-operations
mailing list