On 12.09.17 23:43, Roman Mamedov wrote:
I take it you're being ironic?
Guess I failed at doing that well, if you had to clarify. (Or maybe you didn't read my entire message.)
I did read it. Just the pitfalls of non-verbal communication, and I'm also not a native English speaker. ;-)
Running your own authoritative nameservers is laudable as well, but the current discussion is about recursive resolvers. You know, the likes of 8.8.8.8 and the ones your ISP runs for their clients "to reduce traffic".
If you read *my* messages in this thread, you'll find that I am fully aware of this. I even mentioned Google's infamous resolver by IP. :-) I came across one ISP so far which does not provide resolvers for their customers but points resolv.conf to Google's servers. Not good.
Note that 'dnsmasq' won't do, that's just a caching proxy to a fixed set of a few upstream DNS resolvers; you need 'unbound' which IS a full independent DNS resolver itself.
Yeah, I use Unbound and BIND myself, with the former of course being much more frugal in terms of resource requirements. Easy to set up, too.
-Ralph