Hi Marius,
If you want to randomize requests to different servers, please try
stubby package. I think it should offer best anonymity available.
It is not true nscd is the only one. I think unbound at least randomizes
queries, but I admit it is not configured via /etc/resolv.conf. With
I think both dnsmasq and systemd-resolved does not keep strict ordering,
which selects random server. But sure, it does not usually spread like
option random in resolv.conf.
I would suggest local unbound with qname-minimisation: yes. It is fedora
default. I think it would also spread the usage, but would have to
verify it.
Cheers,
Petr
On 11/7/20 3:33 PM, Marius Schwarz wrote:
Am 05.11.20 um 12:39 schrieb Petr Menšík:
> There is no controversy with nscd, it just caches names and nothing
> more. I think this is its advantage. Unless there is any stronger
> reason, I am against this change in advance.
>
It not only caches names, it also RANDOMIZES the requests to the dns
servers configured, increasing the privacy of ones internet journey.
AFAIK, it's the only dnscomponent available with fedora to do so.
Deprecating a unique component with no major bugs or flaws seems to be
illogical.
best regards,
Marius
--
Petr Menšík
Software Engineer
Red Hat,
http://www.redhat.com/
email: pemensik(a)redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB