On Tue, Apr 22, 2014 at 12:46:59PM -0700, David Conrad wrote: > On Apr 22, 2014, at 12:26 PM, Stephane Bortzmeyer <[email protected]> wrote: > >> We need an independent, system-wide DNS cache, and always point > >> resolv.conf to 127.0.0.1 to solve this fundamental design > >> problem with how name resolution works on a Linux system. > >> Windows has had a default system-wide DNS cache for over a > >> decade. It is about time that Linux catches up." > > > > I agree and, by the way, this is also necessary to do DNSSEC > > validation in the right place (on the user's machine). > > +1 > > In my view, the benefits of a local cache vastly outweigh the costs. The > only downside is it can be a real PITA if you travel and have to rely on > #)@)@# broken middleboxes to authenticate to networks. DNS-over-HTTPS: it > seems like it's as inevitable as the heat death of the universe (and about as > desirable)...
dnssec-trigger + unbound handles the hotspot case. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
