
Install and use the pdnsd proxy DNS server

Tiger only hint

One day I discovered that my Internet Service Provider's Domain Name System (DNS) servers were not working as expected. I did not see the usual "can't find the server" message when I made a typo in Safari. Instead, a search engine appeared offering to help me find what I was looking for.

I realized that this sort of DNS response was undesirable, as it presents security and privacy issues, so I immediately installed the pdnsd proxy DNS server and configured it to query the root servers directly. Since then, my ISP has removed that unwanted "feature," but I continue to use pdnsd for peace of mind.

And now, I've documented how to use the same setup on other Mac OS X version 10.4 computers.

Install and use the pdnsd proxy DNS server
Authored by: drocko on Mar 08, '06 08:54:32AM

Having everyone query the root DNS servers is impolite and wrong! Do not do this!



Install and use the pdnsd proxy DNS server
Authored by: Arturia on Mar 08, '06 08:35:33PM
drocko said: Do not do this!

Funny thing, this gives me an urge to try the hint ;)


Seriously, don't
Authored by: kL on Mar 09, '06 05:52:03AM

Don't query root servers directly. They're too important for the functioning of the Internet and they're not supposed to be queried by end users.

If your ISP's DNS sucks, just use some other public caching DNS.



Install and use the pdnsd proxy DNS server
Authored by: drocko on Mar 09, '06 08:59:40AM

It's bad for the health and well-being of the internet to do this. This also sort of doesn't solve the problem of your ISP misbehaving. It would be better to use another public caching DNS server as someone else suggested and also file reports with your ISP for breaking their DNS system.



Install and use the pdnsd proxy DNS server
Authored by: ibroughton on Mar 08, '06 03:26:41PM

Having worked for an ISP for some time, I have to agree with Drocko. This may not be the wisest thing to do.

---
The server is up but the site is down and I don't know which direction you are trying to go



Install and use the pdnsd proxy DNS server
Authored by: ibroughton on Mar 08, '06 03:28:46PM

Forgot to add...

While the 'feature' added by your ISP was not the most helpful thing to do, just think of the extra load this hint would place on the root DNS servers.

---
The server is up but the site is down and I don't know which direction you are trying to go



Install and use the pdnsd proxy DNS server
Authored by: xplora on Mar 09, '06 07:44:01PM

Actually, using the root servers this way is perfectly fine; the root servers do not keep or cache any specific data, only point DNS queries in the right direction. So therefore this software will only do what it is supposed to do.

Besides, in OS X, you can get the same functionality by running "sudo named" in the terminal and setting localhost or 127.0.0.1 as your DNS server.



Install and use the pdnsd proxy DNS server
Authored by: xplora on Mar 09, '06 07:46:03PM

Note, extra configuration required to have named auto-start after restarting.



Install and use the pdnsd proxy DNS server
Authored by: drocko on Mar 10, '06 09:08:34AM

I'm not sure that you understand the issue here correctly.

The problem with everyone pointing to the root DNS servers is that if too many people use them that don't need to, then they will be overwhelmed with DNS requests.

While it is true that named and pdnsd are acting as a caching DNS server in these cases, they are still querying the root DNS servers when they look up an address that is not in their cache. What your personal machine should be doing is looking up DNS from another server that may query the root servers. Structuring DNS in this way spreads the load out and protects the infrastructure.

Like I said before: querying the root DNS servers from a personal machine is impolite and wrong.



Thanks for the feedback
Authored by: brianwells on Mar 12, '06 06:06:10PM
I appreciate all of your valuable feedback and have updated the web page to show three additional pdnsd configurations that do not put such a load on the root DNS servers.

Some of you mentioned the possibility of using some other public caching DNS server. In my Google searches, all I found was the European Open Root Server Network, which is not really that usable for me here in the US. If you know of a list of available servers or one in particular, please let me know.

Thanks!

– Brian Wells
