In article <848464982.14027.1456503347620.JavaMail.mhammett@ThunderFuck> you write: >I think you'd be hard pressed to find more than a tenth of a percent of people >attempt to run their own DNS server. Some do because they think >it'll be better in some way. Rare is the occasion where anything user >configured would outperform a local DNS server managed by the ISP that does no >form of trickery.
I run my own DNS cache behind my home NAT router. It knows about some locally served names so I can refer to the computers on my LAN by name, and it does DNSSEC which my ISP's (T-W) DNS caches don't. Since it's not visible from outside, it's hard to see how anyone could abuse it, and it really does stuff that other caches don't. I wouldn't have any problem if my ISP filtered outgoing port 53 traffic with the QR bit set, of which I should be sending none, but I'd be annoyed if they filtered outgoing queries. R's, John