Allegedly, on or about 8 December 2018, sean darcy sent:
> I'm running a DNS server (unbound) on a VOIP server. It's crucial
> that I can always resolve addresses, even if it's slower. Now DNS1 is
> set to 127.0.0.1, peerdns no. Giving:

What makes you think it'll be slower?

I run a local DNS server, and it resolves my LAN addresses as well as internet addresses. It does that by going out to the root servers, like a normal DNS server does, completely ignoring my ISP's DNS servers. It does a good job, better than using my ISP's.

Sure, your own DNS server won't have a pre-cached result for things that you request. But your ISP mayn't have them, too. They'll only cache things already requested by you or other customers. And only the addresses that external hosts allow to be cached (so many things are deliberately uncacheable, these days). The time delay of you getting them is minuscule (especially compared with the much longer time other things, like browsers and mail clients, actually take to make connections and interact with the WWW).

Quite often an ISP's DNS servers are overloaded and slow (my ISPs have always been slower than my own DNS servers).

About the only downside I see to ignoring ISP DNS servers is when you have to resolve the ISP's own addresses. It *can* be that they offer their clients different addresses for the same things that the outside world can connect to. e.g. If your ISP was example.com, then using their mailserver at mail.example.com *might* have a different IP within their network than outside of it. Though I've not experienced this.

You can put ISP DNS server addresses into your DNS server configuration, for it to forward unknown requests to. But if your ISP's DNS server addresses change, you have to update them.

I have experienced two really annoying problems with ISP's DNS servers: Firstly, there's been failing ones that are overloaded, badly configured, compromised, whatever.
Secondly, there's been interfering ones, that either censor the internet, or intercept attempts to connect to wrong addresses with unhelpful "perhaps you wanted this" correction, or even advertising pages (instead of giving the proper "address doesn't exist" error warning).

I'd run a local DNS server, ignore the ISPs, and have it resolve LAN and all WWW addresses for you.

-- 
[tim@localhost ~]$ uname -rsvp
Linux 4.16.11-100.fc26.x86_64 #1 SMP Tue May 22 20:02:12 UTC 2018 x86_64

Boilerplate: All mail to my mailbox is automatically deleted. There is no point trying to privately email me, I only get to see the messages posted to the mailing list.

It seems the modern trend with Linux programmers is to change existing software so that it's more annoying to use (e.g. making reboots required, when they never used to be), then denying that *that* is a nuisance, then saying it's necessary (ignoring that several years of prior versions didn't have that stupid requirement), then complaining about being criticised for making things worse. Don't try giving me an Emperor's New Clothes routine, it won't wash.
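
[Added example, not part of the original message or of any project it mentions.] The "interfering" resolver behaviour described above can be checked by asking for a name that cannot exist and looking at the response code: an honest resolver answers NXDOMAIN (RCODE 3), a rewriting one answers NOERROR with an A record. The sketch below parses DNS wire-format responses and classifies them; the function names, the probe name under the reserved .invalid TLD, and both sample responses are constructed for illustration.

```python
import struct

RCODE_NXDOMAIN, TYPE_A = 3, 1

def build_response(txid, qname, rcode, answer_ip=None):
    """Build a minimal DNS response; used only to construct sample data."""
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    flags = 0x8180 | rcode  # QR=1, RD=1, RA=1, plus the response code
    msg = struct.pack("!HHHHHH", txid, flags, 1, 1 if answer_ip else 0, 0, 0)
    msg += name + struct.pack("!HH", TYPE_A, 1)  # question: type A, class IN
    if answer_ip:
        # Answer name is a compression pointer to the question name at offset 12.
        msg += struct.pack("!HHHIH", 0xC00C, TYPE_A, 1, 60, 4)
        msg += bytes(int(o) for o in answer_ip.split("."))
    return msg

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a pointer."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_response(msg):
    """Return (rcode, list of A-record addresses) from a DNS response."""
    _, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    ips = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_A and rdlen == 4:
            ips.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, ips

def classify(msg):
    """Classify a resolver's answer for a name known not to exist."""
    rcode, ips = parse_response(msg)
    if rcode == RCODE_NXDOMAIN:
        return "honest"
    if rcode == 0 and ips:
        return "rewritten -> " + ", ".join(ips)
    return "inconclusive"

PROBE = "nx-probe-7f3a.invalid"                            # constructed probe name
HONEST = build_response(0x1234, PROBE, RCODE_NXDOMAIN)     # constructed sample
REWRITTEN = build_response(0x1234, PROBE, 0, "192.0.2.80") # constructed sample
```

Run against real responses, the same classify() applies to the bytes a resolver returns for a freshly generated random label, compared between the ISP's resolver and the local one.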