> On 10 Mar 2021, at 17:11, Rick Moen <rick@???> wrote:
> Quoting wirelessduck--- via Dng (dng@???):
>
>> What’s the consensus on Quad9? Are they any better from a privacy
>> standpoint?
>
> To say again, why outsource recursive nameservice to _anyone_?
>
> You seem like a large number of people who are weirdly resistant to
> the notion of basic control of one's own fundamental network
> infrastructure and looking for some stranger to outsource the task to,
> and I keep wondering why the obvious alternative of running a recursive
> DNS nameserver instance locally isn't even considered, let alone the
> obvious default choice.
>
> But hey, whatever works for you.
Au contraire, I’m running unbound right now on my laptop. There are some situations though where it’s not feasible to run one's own recursive DNS resolver, such as a home router for non-technical people that doesn’t support ddwrt/openwrt.
Unfortunately the current version of unbound packaged in Debian/Devuan has an annoying bug when running under non-systemd+apparmor.
https://bugs.debian.org/947771
I attempted to install knot-resolver as an alternative but it appears that the upstream packages have gained a hard dependency on systemd.
MaraDNS/Deadwood packages in Debian are still using a release from 2015, so I guess I’ll be trying powerdns-recursor next as that package appears to be reasonably up to date.