[dns-operations] new public DNS service: 9.9.9.9
Paul Vixie
paul at redbarn.org
Sat Nov 18 06:41:44 UTC 2017
Noel Butler wrote:
> From Australia, I have responses of 179ms (so certainly wont be using them)
>
> ...
i am curious; perhaps you'd be willing to help me.
i don't use offsite RDNS. running my own is just too easy. and, i want
sub-millisecond response times, especially for negative answers. and,
even though i believe quad9's published privacy policy, just as i
believe google's for 8.8.8.8 and cisco/umbrella's for opendns, i do not
trust all of the ISP's between me and them, and all of the telco's they
buy service from, not to data mine my queries. eventually "dpriv" or
some kind of dns-over-ssl will moot that last point. but, there are and
will remain a lot of reasons why i don't use "public dns".
when i do use "public dns" is when i'm in a strange hotel wifi that
blocks my laptop's own RDNS from reaching the outside DNS world, and in
that case i use google's 8.8.8.8 or 8.8.4.4, because it's raw and
unfiltered, and the only filtering i trust is what i do for myself using
DNS RPZ on my own RDNS servers.
when i do want filtering i use opendns, because their anycast was built
some years ago and it's extremely stable and mature. i expect quad9 to
get there eventually, but i don't expect to ever need to use them,
because i have three alternatives at higher priority: running my own;
using a raw unfiltered service such as google 8.8.8.8; or using an older
and very mature service like opendns.
what was your use case for quad9, such that the round trip time
mattered? that is, why were you considering them?
--
P Vixie
More information about the dns-operations
mailing list