Yet another Quadruple DNS?

Paul Ebersman list-nanog2 at dragon.net
Sun Apr 1 20:03:41 UTC 2018


mhoppes> Why not just implement recursive cache servers on end user
mhoppes> routers?

Because whoever saw problems with old, unpatched code or misconfigured
CPE routers? And they all use the best possible hardware and are at the
end of uncongested, close to the core connections. Not. ;)

mhoppes>> Why does an end user CPE need to query one or two specific DNS
mhoppes>> servers?

Better cache hit rates, professionally run and maintained DNS servers,
better connectivity, all resulting in better performance.

Yes, geo-ip is a bit off but in most large ISPs, caching recursive
servers are very close to the same exit point for consumer connections
and the CDN folks keep close track of this. And EDNS client subnet
mostly works.

And yes, running your own resolver is more private. So is running your
own home linux server instead of antique consumer OSs on consumer grade
gear and using VPNs. But how many folks can do that?

This also ignores the shift if every house in the world did its own
recursion. TLD servers and auth servers all over the world would have to
massively up their capacity to cope. And you'd wind up consolidating
small domain owners onto folks like godaddy, etc. because they couldn't
run their own and survive. Large caches are a win for both users and
auth DNS servers.

None of these are bad or good. They all have tradeoffs.

As long as ISPs don't actually disallow running of recursive servers (or
do opt-in like some ISPs do with running your own MX), there are folks
that will want to run their own. Some will want the ISP resolvers, some
will want to use some of the well run public resolvers (like google,
opendns, quad9, cloudflare).

Choices aren't a bad thing.
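The load argument above (one shared ISP cache versus every household running its own recursion) can be quantified with a small simulation. This is an added example, not code from the poster or from any DNS software; it assumes a Zipf-like popularity of names, a single TTL for every record, and a clock measured in query slots.

```python
import itertools
import random


def simulate(n_households, queries_each, n_domains, ttl, shared, seed=1):
    """Replay a synthetic query stream through either one shared cache
    (shared=True, the ISP resolver model) or one cache per household
    (shared=False, the CPE-runs-recursion model).

    Returns (auth_queries, hit_rate): how many lookups reached the
    authoritative servers, and the fraction answered from cache.
    All parameters are constructed for illustration; nothing here
    measures a real resolver.
    """
    rng = random.Random(seed)
    # Zipf-like popularity: domain i is queried with weight 1/(i+1).
    weights = [1.0 / (i + 1) for i in range(n_domains)]
    cum = list(itertools.accumulate(weights))  # for O(log n) sampling
    cache = {}  # (cache_id, domain) -> expiry time (in query slots)
    auth_queries = hits = 0
    total = n_households * queries_each
    for t in range(total):
        house = t % n_households  # households take turns querying
        dom = rng.choices(range(n_domains), cum_weights=cum)[0]
        key = (0 if shared else house, dom)
        if cache.get(key, -1) > t:
            hits += 1  # answered from cache, no upstream traffic
        else:
            auth_queries += 1  # miss: recurse to the authoritative side
            cache[key] = t + ttl
    return auth_queries, hits / total


def compare(n_households=500, queries_each=100, n_domains=5000, ttl=20000):
    """Run both models on the same parameters and return a summary dict."""
    shared_auth, shared_hit = simulate(n_households, queries_each,
                                       n_domains, ttl, shared=True)
    own_auth, own_hit = simulate(n_households, queries_each,
                                 n_domains, ttl, shared=False)
    return {
        "shared_auth_queries": shared_auth, "shared_hit_rate": shared_hit,
        "per_household_auth_queries": own_auth, "per_household_hit_rate": own_hit,
    }


if __name__ == "__main__":
    for k, v in compare().items():
        print(f"{k}: {v:.3f}" if isinstance(v, float) else f"{k}: {v}")
```

The shared cache sees the same names from many households and so answers far more queries locally, which is the auth-server load difference the post describes.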
