[dns-operations] On-board resolvers (was Re: NANOG threat on government-ordered DNS poisoning and DNSSEC.)

Frank Sweetser fs at WPI.EDU
Fri Nov 13 14:32:28 UTC 2015


On 11/13/2015 09:22 AM, Mark Jeftovic wrote:
>
>
> On 2015-11-13 4:55 AM, Roland Dobbins wrote:
>>
>> <http://mailman.nanog.org/pipermail/nanog/2015-November/082310.html>
>>
>
>>From time to time I wonder why there has not been an impetus toward
> on-board DNS resolvers: on the device, on the desktop, on the computer,
> everything running it's own resolver. Especially on devices that move
> around a lot (like laptops).
>
> These could be made to be pretty lightweight. Smaller footprint than,
> say, Angry Birds.
>
> Then you don't need to worry about the ISP (or the hotel's crappy
> NXDOMAIN redirection, MX-intercepting) resolvers, you run your own
> on-board and if the ISP/crappy hotel etc is trying to block that you
> just tunnel it (or use that nifty dns-over-http gateway which was
> discussed here recently).
>
> I have to confess I've been putting some thought into it again lately.
>
> - mark
>

You're not the only one:

http://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html

As another bonus, this would also fix the absolutely horrible Linux behavior 
when the first nameserver listed in resolv.conf is down.

-- 
Frank Sweetser fs at wpi.edu    |  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |           - HL Mencken



More information about the dns-operations mailing list