mhoppes> Why not just implement recursive cache servers on end user
mhoppes> routers?

Because whoever saw problems with old, unpatched code or misconfigured CPE routers? And they all use the best possible hardware and are at the end of uncongested, close-to-the-core connections. Not. ;)

mhoppes>> Why does an end user CPE need to query one or two specific DNS
mhoppes>> servers?

Better cache hit rates, professionally run and maintained DNS servers, better connectivity, all resulting in better performance. Yes, geo-IP is a bit off, but in most large ISPs, caching recursive servers are very close to the same exit point for consumer connections, and the CDN folks keep close track of this. And EDNS Client Subnet mostly works.

And yes, running your own resolver is more private. So is running your own home Linux server instead of antique consumer OSs on consumer-grade gear and using VPNs. But how many folks can do that?

This also ignores the shift if every house in the world did its own recursion. TLD servers and auth servers all over the world would have to massively up their capacity to cope. And you'd wind up consolidating small domain owners onto folks like GoDaddy, etc., because they couldn't run their own and survive. Large caches are a win for both users and auth DNS servers.

None of these are bad or good. They all have tradeoffs. As long as ISPs don't actually disallow running of recursive servers (or do opt-in like some ISPs do with running your own MX), there are folks that will want to run their own. Some will want the ISP resolvers, some will want to use some of the well-run public resolvers (like Google, OpenDNS, Quad9, Cloudflare). Choices aren't a bad thing.