Jump to content

Talk:Domain name resolution

From ArchWiki
(Redirected from Talk:Alternative DNS services)
Latest comment: 29 March by Nl6720 in topic Implement DoT with stunnel on any server

Some DNS servers flush the cache when the configuration changes

Latest comment: 3 March 20191 comment1 person in discussion

unbound and systemd-resolved flush the cache when the network configuration changes. However dnsmasq with the default setup keeps its cache when the configuration changes. Is this information worth adding to the comparison table? -- Pdc (talk) 12:40, 3 March 2019 (UTC)Reply

Implement DoT with stunnel on any server

Latest comment: 29 March3 comments3 people in discussion

Can't we use stunnel with any of the listed servers ? I am not sure if it is possible to forward every queries from the server to stunnel, or how to make every answer from the server go through stunnel (maybe use iptables ?) -- Apollo22 (talk) 21:01, 25 May 2019 (UTC)Reply

I don't know about this, I've yet to research in enough detail. What I'd really like to offer readers is a way they can replace insecure outbound DNS requests with a more trustless implementation of DNS-Over-HTTPS (or DoT). I say 'trustless' because what it would do is send the request to a few DNS servers, say four, and will wait for three identical responses before visiting that IP address. Is there anything that does this?
I think is imperative that we have something like this. The amount of centralization that internet has experienced is something I find dangerous for a number of reasons (Archaid (talk) 17:27, 16 September 2020 (UTC)).Reply
I just tried to get stunnel to work with dnsmasq and pdnsd. Neither of those worked because they don't support forcing TCP use when forwarding. The only remaining DNS servers from the list where stunnel would be useful are Deadwood and PowerDNS Recursor, but looking at their documentation[1][2], I can't find anything about forcing TCP. My conclusion is that, now that BIND supports DNS over TLS natively, the stunnel tip is useless for resolver use case. I may be useful for server use case. -- nl6720 (talk) 15:23, 29 March 2025 (UTC)Reply

Add and potentially replace cloudflared with cloudflare-warp-bin

Latest comment: 24 September 20232 comments2 people in discussion

IIRC cloudflared is for servers to connect to Cloudflare and Warp is in fact for client users. See https://1.1.1.1/ and https://aur.archlinux.org/packages/cloudflare-warp-bin

Mystiquewolf (talk) 17:26, 24 September 2023 (UTC)Reply

The page does not say that cloudflared is for clients. Cloudflare WARP is not a DNS resolver, it is a proprietary VPN service: [3], [4], [5]. — Lahwaacz (talk) 17:59, 24 September 2023 (UTC)Reply

Add information about home.arpa in the "Local domain names" subsection

Latest comment: 27 October 20231 comment1 person in discussion

The RFC 8375 defines the special-use domain name "home.arpa." for home networks. Should we mention using "home.arpa" as the search domain would be preferable in local home networks, unless one has already purchased a domain name for usage inside a home network?


In addition, the section "Local domain names" mentions "example.org" as the search domain and although the "example.org" domain has been assigned as a special-use domain for documentation, would mentioning "home.arpa" instead be preferable? Ayushnix (talk) 07:10, 27 October 2023 (UTC)Reply

Retrieved from "https://wiki.archlinux.org/index.php?title=Talk:Domain_name_resolution&oldid=830111"