default local DNS caching name server

Chuck Anderson cra at WPI.EDU
Sat Apr 12 13:31:54 UTC 2014

On Sat, Apr 12, 2014 at 02:09:19PM +0800, P J P wrote:
> > On Saturday, 12 April 2014 11:11 AM, William Brown wrote:
> > Say I have freshly installed my fedora system at home. I then boot it up
> > and start to use it. My laptop is caching DNS results all the while from
> > the "unreliable" ISP.
> > 
> > I then go to work and suddenly things don't work.
> > 
> > Having a DNS cache doesn't fix your unreliable ISP: You need to lodge a
> > complaint with your ISP.
>   What, no! that was the case for having local cache and not forwarding queries to the ISP's name servers at all. Because those are not reliable.

I disagree.  You can still do DNSSEC validation with a local caching
resolver and configure that local resolver to forward all queries to
the ISP.  That should be tried first, and only bypassed and become a
full interative recursive querier bypassing the ISP resolvers if that
fails.  We need to respect the DNS caching infrastructure by default.

More information about the devel mailing list