17 Jul
2025
17 Jul
'25
4:17 p.m.
This raises my question: are public DNS like 1.1.1.1 or Google's 8.8.8.8 actually a good thing?
rubensk> According to BCP-140, no, not a good thing. That BCP is from 2015... Running a safe and robust recursive service for large numbers of users or a business is not trivial. The reality is that most SMB don't have anyone with the expertise to do this well. For those folks, or folks that don't like/trust their ISP at home, using the quad-X (1.1.1.1, 8.8.8.8, 9.9.9.9) is a much better and safer experience than trying to run their own. Yes, there are some performance and privacy tradeoffs. But the folks running the quad-X are far more likely to be current on DNS trends, not using 2015 habits in a 2025 world.