On 05/18/2012 12:37 AM, Ed Greshko wrote:
On 05/18/2012 03:22 PM, JD wrote:
So, what's to prevent someone from simply modifying dnsmasq (or any other open source caching name resolver) to change the expiration time to a value greater than what the owner of the domain wants? Sure, it may result in using stale IP addresses once in a while. I think that's more tolerable than having to wait anywhere from 10 to 30 seconds to resolve every new name browsed to (new relative to the contents of the cache).
Nothing "stops" anyone from doing that....except they'd be mucking with the DNS system in ways unintended/unexpected. I personally wouldn't use that software.
If you need to wait that long for address resolution then you've either got a *very* slow network, your link is saturated, or the DNS server you're contacting is a poor performer.
I had an ISP here in Taiwan that required you to use their DNS servers. They blocked port 53 outbound from their network. Their DNS servers would get overloaded from time to time...but even then I rarely waited for more than a second or two.
Some people prefer to set their resolv.conf to point to 8.8.8.8 and 8.8.4.4, which are 2 of Google's public nameservers that are very fast.
I am indeed pointing my resolv.conf to the 2 Google nameservers. You're probably right about our home network. I think the router has a very low bandwidth (hardware-wise), probably because it doubles up as the decoder for the TV contents being viewed on 2 to 3 different TVs in the house. TV signals come directly to the router on the coax, and then are sent back on the coax to the 3 TV sets. We're stuck with what we have.
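The trade-off discussed in this thread (a cache that keeps records longer than the domain owner's TTL) can be measured with a simulated clock. This is an added example, not part of the original messages and not dnsmasq code; the class names, the `min_ttl` parameter, the host name, the addresses and the TTL values are all constructed for illustration.

```python
# Added illustration: a caching resolver that enforces a minimum TTL.
# All names and records are constructed; no network access is used.

class Authoritative:
    """Stand-in for the domain owner's server: name -> (ip, ttl_seconds)."""
    def __init__(self):
        self.records = {}

    def set(self, name, ip, ttl):
        self.records[name] = (ip, ttl)

    def query(self, name):
        return self.records[name]


class CachingResolver:
    def __init__(self, upstream, min_ttl=0):
        self.upstream = upstream
        self.min_ttl = min_ttl      # 0 means honour the owner's TTL as given
        self.cache = {}             # name -> (ip, expires_at)
        self.upstream_queries = 0

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]           # served from cache, possibly stale
        ip, ttl = self.upstream.query(name)
        self.upstream_queries += 1
        # The modification asked about: never expire sooner than min_ttl.
        self.cache[name] = (ip, now + max(ttl, self.min_ttl))
        return ip


def stale_seconds(min_ttl, owner_ttl=60, moved_at=90, horizon=3600):
    """Return (seconds the old address was served after the move, upstream queries)."""
    auth = Authoritative()
    auth.set("www.example.test", "192.0.2.10", owner_ttl)
    resolver = CachingResolver(auth, min_ttl)
    stale = 0
    for now in range(horizon):      # one lookup per simulated second
        if now == moved_at:         # owner repoints the name
            auth.set("www.example.test", "192.0.2.20", owner_ttl)
        answer = resolver.resolve("www.example.test", now)
        if now >= moved_at and answer != "192.0.2.20":
            stale += 1
    return stale, resolver.upstream_queries


if __name__ == "__main__":
    for floor in (0, 1800):
        print(floor, stale_seconds(floor))
```

With the owner's 60-second TTL honoured, the old address is served for 30 seconds after the move at the cost of 60 upstream queries per hour; with a 1800-second floor it is served for 1710 seconds with 2 upstream queries. The same window applies to any wrong answer that gets into the cache, not only to addresses that have moved.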