[dns-operations] new public DNS service:

Paul Vixie paul at redbarn.org
Sat Nov 18 06:41:44 UTC 2017

Noel Butler wrote:
> From Australia, I have responses of 179ms (so certainly won't be using them)
> ...

i am curious; perhaps you'd be willing to help me.

i don't use offsite RDNS. running my own is just too easy. and, i want 
sub-millisecond response times, especially for negative answers. and, 
even though i believe quad9's published privacy policy, just as i 
believe google's for and cisco/umbrella's for opendns, i do not 
trust all of the ISPs between me and them, and all of the telcos they 
buy service from, not to data mine my queries. eventually "dpriv" or 
some kind of dns-over-ssl will moot that last point. but, there are and 
will remain a lot of reasons why i don't use "public dns".

when i do use "public dns" is when i'm in a strange hotel wifi that 
blocks my laptop's own RDNS from reaching the outside DNS world, and in 
that case i use google's or, because it's raw and 
unfiltered, and the only filtering i trust is what i do for myself using 
DNS RPZ on my own RDNS servers.

when i do want filtering i use opendns, because their anycast was built 
some years ago and it's extremely stable and mature. i expect quad9 to 
get there eventually, but i don't expect to ever need to use them, 
because i have three alternatives at higher priority: running my own; 
using a raw unfiltered service such as google; or using an older 
and very mature service like opendns.

what was your use case for quad9, such that the round trip time 
mattered? that is, why were you considering them?

P Vixie

