[dns-operations] resolvers considered harmful

Stephane Bortzmeyer bortzmeyer at nic.fr
Sat Oct 25 16:15:30 UTC 2014

On Thu, Oct 23, 2014 at 10:36:37AM -0700,
 Paul Vixie <paul at redbarn.org> wrote 
 a message of 24 lines which said:

> until you have done this and have results to report, you'd be wise not
> to make any claims about this possibility.

I run Unbound on my laptop for many years, using ::1 as the only
resolver. It works on most normal networks. As usual, hotel and
airport networks are awful, necessiting a fallback. The best solution
is to automatize the fallback with the excellent dnssec-trigger

More information about the dns-operations mailing list