Submitted 12 hours ago by avidamoeba@lemmy.ca to selfhosted@lemmy.world
https://www.joindns4.eu/for-public#resolver-options
Hey gang, I’m considering using DNS4EU in Canada. My ping to their servers is ~130ms. That’s way longer than anything local which is on the order of 1-5ms. Apart from resolving uncached entries taking longer, is there any contraindication to using a DNS server with high latency?
Does it actually block thepiratebay, yts, 1337x? Lots of European DNS servers do.
Each of them returns the correct answer.
Protective Resolution - IP address 86.54.11.1 Protective + Child Protection - IP address 86.54.11.12 Protective + Ad blocking - IP address 86.54.11.13 Protective + Child Protection + Ad blocking - IP address 86.54.11.11 Unfiltered Resolution- IP address 86.54.11.100
;; ANSWER SECTION: thepiratebay.org. 300 IN A 162.159.137.6 thepiratebay.org. 300 IN A 162.159.136.6
Could you test this? It wukd bring fact to the conversation instead of just doubt and workload.
This is one of those things that if you really want to do it, you’ll have to live with the consequences.
I’m an American that VPNs everything first to my VPS then down a double hop commercial VPN tunnel that finally exits in Switzerland. DNS traffic also travels over that VPN tunnel so you’ll rightly guess that my DNS is rather slow too.
What I do is I run a resolver on the VPS (physically near me) that aggressively prefetches commonly queried DNS records. After years of using Unbound I found Blocky to be much, much faster (especially with huge blocklists).
130ms is perceivable but still quite small, and you’d only hit it once per domain (per TTL). If you care enough to intentionally use it then I wouldn’t worry about it. You’ll rarely notice the difference.
There are a few other services with similar ethos that you may want to check out as alternatives. Quad9 is the one I remember off the top of my head.
I was using Quad9 for quite some time, but I had consistent problems with the DNS sometimes not working.
In my local network I switched to pihole with unbound as the resolver. Though this does require a bit more setup. I have unbound setup to serve expired records from the cache & prefetch comment queries, this helps with most of the delay.
On my phone I use dnsforge.de when I am not at home for example, and haven’t had any problems with unresponsive DNS so far.
I’m getting 153 ms. I’m in Europe. Other DNS servers are like 40ms.
Well, this is selfhost, so why not do that and set up unbound to use?
Is unbound different than say dnsmasq that my router is running? Isn’t it just another DNS server that has to go to a higher DNS server for resolution?
So you’re asking if there is any other way to work around physics and get a better response time to servers that are thousands of miles away?
No.
Sorry.
Not asking for a workaround. Asking if I’m missing some problem with using a slow DNS server I might run into, other than the obvious one.
The only task of a DNS server is (or should be) to tell you how to get to a resource you’re looking for by name. So, the only thing that is going to be reallistically affected is your (initial) connection times. And – since this is c/selfhosted – if you are setting a decent DNS cache in your local network, that should be even less of an issue.
The only borderline scenario that I could see feasible, since this is c/selfhosted , is that some software you are setting up that requires nanosecond DNS resolution or somesuch sillyness is going to fail or report false errors. But why would you even do that?
There are many similar services like RethinkDNS that you should consider instead.
gimping your dns’ ping just to not use something non-american won’t change orange man’s policies. use a private dns close to you.
deafboy@lemmy.world 4 hours ago
Question for the general public. Why not use the DNS server provided by your ISP?
They already know what websites you visit, because TLS1.2 still leaks the hostname. They might as well provide some useful service in return.
EncryptKeeper@lemmy.world 3 hours ago
Not if you use a vpn