[tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
Ralph Seichter
m16+tor at monksofcool.net
Tue Sep 12 22:00:13 UTC 2017
On 12.09.17 23:43, Roman Mamedov wrote:
> > I take it you're being ironic?
>
> Guess I failed at doing that well, if you had to clarify. (Or maybe
> you didn't read my entire message.)
I did read it. Just the pitfalls of non-verbal communication, and I'm
also not a native English speaker. ;-)
> Running your own authoritative nameservers is laudable as well, but the
> current discussion is about recursive resolvers. You know, the likes of
> 8.8.8.8 and the ones your ISP runs for their clients "to reduce traffic".
If you read *my* messages in this thread, you'll find that I am fully
aware of this. I even mentioned Google's infamous resolver by IP. :-)
I came across one ISP so far which does not provide resolvers for their
customers but points resolv.conf to Google's servers. Not good.
> Note that 'dnsmasq' won't do, that's just a caching proxy to a fixed
> set of a few upstream DNS resolvers; you need 'unbound' which IS a full
> independent DNS resolver itself.
Yeah, I use Unbound and BIND myself, with the former of course being
much more frugal in terms of resource requirements. Easy to set up, too.
-Ralph
More information about the tor-relays
mailing list