[talk] public "private" dns resolver

Pete Wright pete at nomadlogic.org
Fri Sep 20 20:09:22 EDT 2019


so in light of all the recent silliness of mozilla enabling DoH and all 
that it got me thinking it is past due for me to stop using my home ISP 
DNS servers.  i do have a server colo'd with an ISP i trust, so my first 
thought is to fire up a jail and set up unbound as a recursive resolver 
that i would then point my home at.  seems simple enough.

so on a scale of meh to omg-kill-it-with-fire where would running a random 
resolver with no ACLs on the public internet be?  i've run resolvers 
(which had ACLs enabled) on the public net for work as well as public 
bind servers doing anycast - so i feel confident i won't horribly mess 
up my configuration.  i'd like to avoid restricting access as i 
want to avoid a hassle if my home internet ip changes, or if i want to 
use this resolver while i'm on the road.

thoughts?
-pete

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



