[talk] public "private" dns resolver
N.J. Thomas
njt at ayvali.org
Sun Sep 22 02:53:10 EDT 2019
* Pete Wright <pete at nomadlogic.org> [2019-09-20 17:09:22-0700]:
> so on a scale of meh to omg-kill-it-with-fire would running a random
> resolver with no ACL's on the public internet be?
[...]
> up my configuration. i'd like to avoid setting restricting access as i
> want to avoid a hassle if my home internet ip changes
Two quick/random ideas off the top of my head:
- set your DNS server ACLs to allow the netblock(s) for your cable
modem company, one could argue this is not as bad as opening it up
to the public internet
- I don't think you have one judging from your post...but you could
setup a cheap pfsense box at home and use spiped or some similar
setup to connect to your your public server; your name server
would listen locally, and spiped would encrypt the connection and
pipe it home to your pfsense box (you would have to do some work
if the IP changes, but I think that's scriptable)
Thomas
More information about the talk
mailing list