Should I configure the DNS2 to an other company's DNS address? The 2019 Stack Overflow...
Is three citations per paragraph excessive for undergraduate research paper?
How to deal with fear of taking dependencies
Dual Citizen. Exited the US on Italian passport recently
How to manage monthly salary
Access elements in std::string where positon of string is greater than its size
Are there any other methods to apply to solving simultaneous equations?
On the insanity of kings as an argument against monarchy
Lethal sonic weapons
Potential by Assembling Charges
aging parents with no investments
How to reverse every other sublist of a list?
What can other administrators access on my machine?
Extreme, unacceptable situation and I can't attend work tomorrow morning
"To split hairs" vs "To be pedantic"
How do you say "canon" as in "official for a story universe"?
Is there a name of the flying bionic bird?
How to create dashed lines/arrows in Illustrator
Why is Grand Jury testimony secret?
Unbreakable Formation vs. Cry of the Carnarium
Why don't Unix/Linux systems traverse through directories until they find the required version of a linked library?
What does "rabbited" mean/imply in this sentence?
How is radar separation assured between primary and secondary targets?
How come people say “Would of”?
Does light intensity oscillate really fast since it is a wave?
Should I configure the DNS2 to an other company's DNS address?
The 2019 Stack Overflow Developer Survey Results Are InCombining different DNS serversDNS Query ScriptOpenVPN “breaks” my local DNS downcan ping google dns, but not google.de -> unknown host // worked in another networkBIND9: DNS resolves sometimes (!) take very long or don't work at allPing works only with IP addresses (not with domain names)Temporary DNS resolve to local ip (for temporary http redirect)BIND / old DNS entries in Google cacheDifferent DNS answers per ip using bind DNSLocal (127.0.1.1) DNS resolver ignores LAN DNS server
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,
but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.
will the bellow be better than the former?
8.8.8.8
208.67.222.222
EDIT-01
My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?
dns network-interface
asked Apr 6 at 4:17
244boy244boy
1405
add a comment |
When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,
but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.
will the bellow be better than the former?
8.8.8.8
208.67.222.222
EDIT-01
My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?
dns network-interface
asked Apr 6 at 4:17
244boy244boy
1405
Please define better. In what way better? And what it at208.67.222.222?
– ctrl-alt-delor
Apr 6 at 10:22
add a comment |
When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,
but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.
will the bellow be better than the former?
8.8.8.8
208.67.222.222
EDIT-01
My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?
dns network-interface
asked Apr 6 at 4:17
244boy244boy
1405
When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,
but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.
will the bellow be better than the former?
8.8.8.8
208.67.222.222
EDIT-01
My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?
dns network-interface
dns network-interface
asked Apr 6 at 4:17
244boy244boy
1405
asked Apr 6 at 4:17
244boy244boy
1405
edited Apr 6 at 12:17
244boy
asked Apr 6 at 4:17
244boy244boy
1405
asked Apr 6 at 4:17
244boy244boy
1405
asked Apr 6 at 4:17
244boy244boy
1405
1405
Please define better. In what way better? And what it at208.67.222.222?
– ctrl-alt-delor
Apr 6 at 10:22
add a comment |
Please define better. In what way better? And what it at208.67.222.222?
– ctrl-alt-delor
Apr 6 at 10:22
Please define better. In what way better? And what it at
208.67.222.222?– ctrl-alt-delor
Apr 6 at 10:22
Please define better. In what way better? And what it at
208.67.222.222?– ctrl-alt-delor
Apr 6 at 10:22
add a comment |
1 Answer
1
active
oldest
votes
First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.
So some recommendations:
- Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities
- Do not put blindly
8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers - There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead
9.9.9.9or1.1.1.1or80.80.80.80or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.
Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f510842%2fshould-i-configure-the-dns2-to-an-other-companys-dns-address%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.
So some recommendations:
- Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities
- Do not put blindly
8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers - There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead
9.9.9.9or1.1.1.1or80.80.80.80or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.
Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
add a comment |
First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.
So some recommendations:
- Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities
- Do not put blindly
8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers - There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead
9.9.9.9or1.1.1.1or80.80.80.80or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.
Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
add a comment |
First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.
So some recommendations:
- Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities
- Do not put blindly
8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers - There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead
9.9.9.9or1.1.1.1or80.80.80.80or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.
Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.
So some recommendations:
- Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities
- Do not put blindly
8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers - There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead
9.9.9.9or1.1.1.1or80.80.80.80or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.
Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
answered yesterday
Patrick MevzekPatrick Mevzek
2,18311124
2,18311124
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f510842%2fshould-i-configure-the-dns2-to-an-other-companys-dns-address%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Please define better. In what way better? And what it at
208.67.222.222?– ctrl-alt-delor
Apr 6 at 10:22