Is there such a thing as federated dns servers, self hosted or otherwise? I don’t particularly care about piracy but I can see this dominoing into abortion, lgtq+ ect…ect…
DNS is centralized in that there is a root zone that determines who is the canonical authority for each top level domain like .com or .world (and the registrar for each top level domain controls who controls each domain under them). But it’s also decentralized in the sense that everyone who controls a domain can assign any subdomains below that, and that anyone can choose to override the name resolving with their own local DNS server (or even a hosts file saved on the device).
The court case here is trying to override the official domain ownership records at specific DNS providers. The problem is that the intermediaries are being ordered by the courts not to follow the central authority.
Federation wouldn’t fit this model: we still want DNS to be canonical where everyone in the world agrees which domain resolves to which IP addresses.
As long as you’re not using DNSSEC, you can easily run your own. I’ve been running a PiHole for years now, it can pull in block lists and such from various sources, it’d be fairly easy to add a list to pull in automatically that include extra records. Those could be served from anywhere. Torrents, git repos, http calls, etc.
Note that with just pihole you would still be affected by this, since pihole needs an upstream dns server to get it’s data from.
But if you set up pihole with unbound you will be OK, since unbound then will do the job of getting data from the root servers without another upstream dns.
A PiHole functions has a full DNS server. You can configure it to serve any arbitrary records you like - which is basically how it overrides ad domains to prevent them from loading.
So, if you know the IP address that a particular domain is supposed to route to, you configure the PiHole to respond with that IP address for that domain. So, it doesn’t matter that the major DNS servers return junk because your PiHole never asks them.
$80? I run mine on a Pi Zero that I got for $9 with a $6 wired network adapter for a grand total of $15. No problems for a household of five with one of us (me) being an extremely heavy user.
I used to do that, but it comes with the problem of your DNS going down any time you want to restart or do a hardware swap on your NAS. Or since it was running in docker something as simple as reloading docker would knock out the internet for a few minutes. It’s worth the $15 to have them operate separately.
Doesn’t that just move the problem to the $15 device? Or are you saying you reboot your NAS significantly more often than your RPi? I have a RetroPie setup that I reboot about as often as my NAS, which is when I remember to run updates.
Is there such a thing as federated dns servers, self hosted or otherwise? I don’t particularly care about piracy but I can see this dominoing into abortion, lgtq+ ect…ect…
I don’t think this question really makes sense.
DNS is centralized in that there is a root zone that determines who is the canonical authority for each top level domain like
.comor.world(and the registrar for each top level domain controls who controls each domain under them). But it’s also decentralized in the sense that everyone who controls a domain can assign any subdomains below that, and that anyone can choose to override the name resolving with their own local DNS server (or even a hosts file saved on the device).The court case here is trying to override the official domain ownership records at specific DNS providers. The problem is that the intermediaries are being ordered by the courts not to follow the central authority.
Federation wouldn’t fit this model: we still want DNS to be canonical where everyone in the world agrees which domain resolves to which IP addresses.
As long as you’re not using DNSSEC, you can easily run your own. I’ve been running a PiHole for years now, it can pull in block lists and such from various sources, it’d be fairly easy to add a list to pull in automatically that include extra records. Those could be served from anywhere. Torrents, git repos, http calls, etc.
Note that with just pihole you would still be affected by this, since pihole needs an upstream dns server to get it’s data from.
But if you set up pihole with unbound you will be OK, since unbound then will do the job of getting data from the root servers without another upstream dns.
I my experience it is also faster.
Would pihole work if all the major DNS that gets pulled resolved the same? I would imagine the change would only work for a while.
A PiHole functions has a full DNS server. You can configure it to serve any arbitrary records you like - which is basically how it overrides ad domains to prevent them from loading.
So, if you know the IP address that a particular domain is supposed to route to, you configure the PiHole to respond with that IP address for that domain. So, it doesn’t matter that the major DNS servers return junk because your PiHole never asks them.
Pihole is great. Easy to setup. Runs on $80 worth of hardware on a raspberry…
$80? I run mine on a Pi Zero that I got for $9 with a $6 wired network adapter for a grand total of $15. No problems for a household of five with one of us (me) being an extremely heavy user.
Or if you have a NAS, just use that. There’s nothing special about the Raspberry Pi hardware here.
I used to do that, but it comes with the problem of your DNS going down any time you want to restart or do a hardware swap on your NAS. Or since it was running in docker something as simple as reloading docker would knock out the internet for a few minutes. It’s worth the $15 to have them operate separately.
Doesn’t that just move the problem to the $15 device? Or are you saying you reboot your NAS significantly more often than your RPi? I have a RetroPie setup that I reboot about as often as my NAS, which is when I remember to run updates.
unbound is a validating, recursive, caching, self-hosted DNS resolver.