[AusNOG] 1.1.1.1 DNS resolvers

Nikolai Lusan nikolai at lusan.id.au
Tue Apr 3 21:06:13 EST 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,
On Mon, 2018-04-02 at 10:32 +1000, Terry Manderson wrote:

> How many operators promote services like 1.1.1.1 and 8.8.8.8 to their
> customers instead of operating their own recursive DNS infrastructure?
> 
> And if you do, what was the driver and then risk mitigation position
> taken?

There is more to think about if you are an end provider - like complying
with Australian court orders to block certain sites at a DNS level. 

Certainly your own servers have both benefits and drawbacks (like it's
something else to secure). I personally like to run my own resolvers
everywhere (home/work, etc.). The extra security isn't a real problem for
me, and the ability to use BIND views, RPZ zones, and other bells and
whistles is a major benefit.

- -- 
Nikolai Lusan

Email: nikolai at lusan.id.au
Phone: 0425 661 620
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAlrDYCUACgkQ4ZaDRV2V
L6QsqQ/+MhJIiPeeRmiJzS0AD96nb60sLPcIzwKevugTt23gZ8oAfNKMuz6ptIEl
/UfdFsrjrIKhEfbiu+whvuVjW9V7YZYjON5cFgKg8tGYChlgwLXm/K4Yt+HoZYpw
6bnlRCM2ABzem6/3+kBwr8C5yH/0/Ypi0+VxWHYwsT4WiVHxNqH0CPjcbi/DxaOA
jEXxvaZwlaa3C9XjPQ/9A/wqw/0mi56/qV1G2seqc6Xwah9DwcvG6mPOOiIuxMeu
ZUbGyhivyCuPoUlqRBo2rmVRfay+X9sdzdmOJNaXrJWk/8oRa4PWHKLkhGszb5jZ
VdcLjtTCOLCwF4cXT7oyNzoqLgznSOthBpmJM7e6rGOaSgAR19HOG6TPPwVDUsBg
NRJQsC4PPD1pdCFIn15aXY+32PqO2SBNL7gXJB/nzCwsMkJO7fCtPcCyREVUKckl
9To/OjgTLAETPC2pehGsr4MNJBiV904BdUy3UvErGs6z8qrWho+2Cr19R3CObnjw
N38HKWg4gFnjM98XJEnStVeoEWI+LCEPaCrSSxrPGy6Efy8JHMJglpqxatZkROL4
CEEbCVj3NJgaWjc6wuPubsDtEukUD1gy9vGXiqKRfOFBkP8sl47Dre4rSRzMGuna
xcbV2A9fas+4lT4IPJ623fZni6BDxbAfYJ8Sv5rxOKsUrVt6198=
=q7pG
-----END PGP SIGNATURE-----



More information about the AusNOG mailing list