If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rating: | Display Modes |
#31
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
Werner Obermeier writes:
So, if I understood you, any one of these 13 servers is the backbone of the Internet in that THEY are the master DNS servers? For example, if all 13 were to fail at once (just theoretical), would the Internet stop working? David W. Hodgins writes: Yes and yes. If one of the servers goes down, the domain names it stores would not be accessible, until it was replaced and restored, but any of the root servers can be used to find all of the root servers that are working. DNS would not stop working immediately. Every nameserver at every level caches every lookup that it does for a period noted in the entry. The root servers do not get consulted all that often. -- John Hasler Dancing Horse Hill Elmwood, WI USA |
Ads |
#32
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sun, 14 Jun 2015 10:13:21 -0400, John Hasler wrote:
DNS would not stop working immediately. Every nameserver at every level caches every lookup that it does for a period noted in the entry. The root servers do not get consulted all that often. True, but there are normally only three levels. The server being used, the root servers, and the domain severs. The longest cache setting I've seen is 1 day, though it's also not unusual to see short time like 10 minutes, or less. If the root servers were down, the dns server being used would only have entries in it's cache for sites that had been looked up within the expiry time of those entries. For example, a site registered with dyndns.org typically has a timeout of 600 seconds (10 minutes), so it would stop being accessible if the root severs, or the dyndns servers were down for longer than that. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.) |
#33
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sat, 13 Jun 2015 20:17:32 -0400, Mayayana wrote:
| Is there a set of DNS servers with a philosophy of NOT remembering | everything ... (sort of like how Duckduckgo promises for browsing)? OpenDNS 208.67.222.222 208.67.220.220 I don't know for sure how trustworthy they are, Their HQ is based in the US, so I wouldn't use it. -- s|b |
#34
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
David W. Hodgins writes:
For example, a site registered with dyndns.org typically has a timeout of 600 seconds (10 minutes), so it would stop being accessible if the root severs, or the dyndns servers were down for longer than that. The root servers only handle top level domains (com, net, org, biz, info, etc.) org has a TTL of 86400. -- John Hasler Dancing Horse Hill Elmwood, WI USA |
#35
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sunday June 14 2015 09:16, in alt.os.linux, "Andy Burns"
wrote: Werner Obermeier wrote: So, if I understood you, any one of these 13 servers is the backbone of the Internet in that THEY are the master DNS servers? For example, if all 13 were to fail at once (just theoretical), would the Internet stop working? Yes, Yes and No. No, the internet would not stop working. The TCP/IP protocols do not depend on DNS; they are quite happy with IP addresses. No, even the Domain Name System would keep going, just under a different set of root servers. You can even use these alternative root servers now; check out the UnderNIC project, for instance. Yes, most Internet "users" would be unable to use the Internet, because they depend on the official root servers, and don't know how to change to the alternates. Anyone who gets their DNS resolved through their ISP or through "public" DNS servers like Google would likely be unable to use the Internet should the official root servers die. but just because there are 13 names of root DNS servers, most names have many actual servers (e.g. there are 150 L servers) in widely spaced locations using anycast routing. e.g. there are three L's, two D's and one each of A, E, F, K and I in the UK. As for the idea of running Bind (or one of the other DNS server packages) on your own systems, I think that it is a great idea (and I do it myself). Many ISPs now "inject" their own IP addresses in response to unresolvable DNS names, should you use their DNS service. With these sorts of "helpfull" ISPs, you might point your web browser at http://www.GOUGGELE.COM/ and, instead of getting a "server not found" message, get someone's ad service, or MITM of google.com. Running your own caching DNS server bypasses all that, and is often faster at resolving names than your ISP's DNS (because of the lower traffic and smaller hop-count). -- Lew Pitcher "In Skills, We Trust" PGP public key available upon request |
#36
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
Lew Pitcher writes:
Running your own caching DNS server bypasses all that, and is often faster at resolving names than your ISP's DNS (because of the lower traffic and smaller hop-count). There are better choices for a caching-only server than BIND, though. -- John Hasler Dancing Horse Hill Elmwood, WI USA |
#37
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sun, 14 Jun 2015 12:23:38 -0400, John Hasler wrote:
There are better choices for a caching-only server than BIND, though. If you only want a caching only name server, that's true. I also want to be able to use the name server for dns within my lan. It took a while to learn how to configure bind to do that, but it works. I did provide a list earlier in this thread of other name servers, most of which are caching only servers, not suitable for setting up dns within a lan. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.) |
#38
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
| Their HQ is based in the US, so I wouldn't use it.
| You avoid anything American? I don't think I've ever heard that view before. Is there another DNS server alternative? I've only heard of OpenDNS. I used to make a small income from selling shareware, for several years when the PC craze was big. I still occasionally make a sale. Almost all the people who paid are in the US. Of those, nearly all are *not* in big cities. The people who paid voluntarily before I started trying to enforce it were all in the "flyover states". I once had 2,500 downloads in a single night, all from Germany. Not one of them sent money. I guess what I'm saying is that while corporate America represents much of the sleaze online, there's also a great deal of simple, innocent decency in American society. |
#39
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
|
#40
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
Lew Pitcher wrote in
: Yes, most Internet "users" would be unable to use the Internet, because they depend on the official root servers, and don't know how to change to the alternates. To better understand that statement, I ask whether I am in that category of "user" above. I have the typical operating systems (Windows & Linux) on laptops & desktops. On those PCs, I do not touch any DNS settings (I don't know how to anyway). On my home broadband router, when I set it up initially, it asked for DNS servers so I gave it a primary & secondary (and maybe even tertiary) that I plucked off the net (probably from this ng). I'm sure my ISP has a DNS server - but I have no idea if I'm using it. Having said that, am I one of those Internet "users" who will not be able to use the Internet once the 13 a-m servers go down (theoretically)? |
#41
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sunday June 14 2015 12:55, in alt.os.linux, "Werner Obermeier"
wrote: Lew Pitcher wrote in : Yes, most Internet "users" would be unable to use the Internet, because they depend on the official root servers, and don't know how to change to the alternates. To better understand that statement, I ask whether I am in that category of "user" above. I have the typical operating systems (Windows & Linux) on laptops & desktops. On those PCs, I do not touch any DNS settings (I don't know how to anyway). On my home broadband router, when I set it up initially, it asked for DNS servers so I gave it a primary & secondary (and maybe even tertiary) that I plucked off the net (probably from this ng). I'm sure my ISP has a DNS server - but I have no idea if I'm using it. Having said that, am I one of those Internet "users" who will not be able to use the Internet once the 13 a-m servers go down (theoretically)? In theory, yes. Sorry. -- Lew Pitcher "In Skills, We Trust" PGP public key available upon request |
#42
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sun, 14 Jun 2015 12:51:53 -0400, Werner Obermeier wrote:
Andy Burns wrote in (e.g. there are 150 L servers) Just to understand, are these 150 "L" servers all duplicates of the master "L" server? Yes. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.) |
#43
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sun, 14 Jun 2015 12:55:53 -0400, Werner Obermeier wrote:
Lew Pitcher wrote in : Yes, most Internet "users" would be unable to use the Internet, because they depend on the official root servers, and don't know how to change to the alternates. To better understand that statement, I ask whether I am in that category of "user" above. If you don't know how to set up a dns server, or use the alternate root servers, then yes. On my home broadband router, when I set it up initially, it asked for DNS servers so I gave it a primary & secondary (and maybe even tertiary) that Note that a dns lookup will normally only use the first server. A second or third sever will only be used if the prior server(s) either timed out or responded with a server failure message. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.) |
#44
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
On Sun, 14 Jun 2015 12:43:21 -0400, Mayayana wrote:
| Their HQ is based in the US, so I wouldn't use it. You avoid anything American? I'm using a newsreader, "made in the USA", so, no. But I'm not going to use a DNS which HQ's is based in the US. I don't think I've ever heard that view before. Have you heard of the Patriot Act? I know certain data can be collected, but I'm trying not to *give* it away! Is there another DNS server alternative? I've only heard of OpenDNS. There's Google's DNS, but I'm avoiding that too (obviously). I don't see why not to use the DNS my ISP offers me. There's was a data retention law in my country, but that's history: http://www.pcworld.com/article/2934792/belgian-data-retention-law-axed-by-constitutional-court.html -- s|b |
#45
|
|||
|
|||
Does a Duckduckgo privacy equivalent exist for DNS servers?
Werner Obermeier a écrit :
I just found 168 public DNS servers here. http://www.linuxinternetworks.com/li...dns-addresses/ So, one privacy option may be to rotate them every two days, so that you rotate through them all in a year. 10.0.0.2 = hetnet public dns server 10.0.0.3 = hetnet public dns server These are RFC 1918 private addresses. How can they be public servers ? |
Thread Tools | |
Display Modes | Rate This Thread |
|
|