Comment 14 for bug 1133777
Clement Lefebvre (clementlefebvre) wrote :

"If you look at the comment above from David @ OpenDNS, he says specifically
that he only wants OpenDNS to be used with user consent, and that they've
deliberately not done deals with ISPs to use their DNS. This should be
reason enough to cease pushing out OpenDNS."

--> Yes, that's reason enough. That and the fact that it doesn't fail but redirects on incorrect domain names.

"Not to mention you're leaking out DNS queries to a non-authoritative
third-party without telling the user about it."

--> If DNS fallback is a good thing and resolvconf is reliable, I'm OK with using a 3rd party we can trust. At the time OpenDNS seemed trustworthy when it came to privacy (and that might still be true, I don't know). Right now I see OpenNIC is openly guaranteeing to protect your privacy.

"In some configurations of resolv.conf, the order does not matter, and it will cycle through or randomise the name servers in use. This would break local DNS. There is also a limit of three resolvers in use, and the behaviour if there are more is undefined."

--> That's key info right there. That's the tech feedback I wanted to hear. If the order isn't always respected the whole concept fails. I'll need to verify/test that. If it's confirmed we'll no longer preset the tail for resolvconf.

"The problems people experience with their resolver would occur on **any other operating system they use**. Is there something about Mint's resolver configuration that is causing these problems "just for Mint"? Are there timeout values that are much shorter?"

--> We discussed that on the forums. It's an interesting question and lack of DNS resolution was indeed widespread at some stage. We did notice two upstream changes though around the same time... first, the introduction of resolvconf in Ubuntu; second, changes in the filesystem paths for /run and /var/run. It is possible Ubuntu broke something or didn't have things properly in sync between NetworkManager and resolvconf for a couple of releases... and so it's very possible DNS fallback isn't as much an issue as it once was. The best way to tackle that would be to remove DNS fallback in Mint 16 RC and keep an eye out for feedback to see if people are still hit with the problem.

The preferred approach so far seems to be:

- Remove DNS Fallback in Mint 16 RC
- If RC feedback doesn't bring it up as an issue, remove it entirely
- Otherwise review the technical implementation (order needs to be guaranteed and fallback should never be queried before the user's DNS) and if a working solution is found, look for an alternative DNS service (so far OpenNIC seems to be the best).
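
The ordering requirement in the last item can be checked mechanically. The following is an added example, not part of the original comment or of Mint's code: it audits resolv.conf content for the conditions raised above, assuming the glibc resolver (at most three `nameserver` entries used, round-robin when `options rotate` is set). The function name, sample file and fallback addresses are constructed for illustration.

```python
MAXNS = 3  # assumption: glibc resolver, which keeps at most 3 nameservers

# Constructed sample: two user resolvers followed by two appended fallback
# resolvers (documentation-range addresses, not real services).
SAMPLE = """\
# constructed example
nameserver 192.168.1.1
nameserver 10.0.0.53
nameserver 203.0.113.10
nameserver 203.0.113.11
options rotate timeout:2
"""
SAMPLE_FALLBACK = {"203.0.113.10", "203.0.113.11"}


def audit_resolv_conf(text, fallback):
    """Return (effective_servers, warnings) for resolv.conf content."""
    servers, options = [], set()
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":
            continue  # blank line or comment
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] == "options":
            options.update(fields[1:])
    effective, warnings = servers[:MAXNS], []
    if len(servers) > MAXNS:
        warnings.append("more than %d nameservers; not used: %s"
                        % (MAXNS, ", ".join(servers[MAXNS:])))
    # Position of the first fallback resolver among the entries in use.
    first_fb = next((i for i, s in enumerate(effective) if s in fallback), None)
    if first_fb is not None:
        if any(s not in fallback for s in effective[first_fb + 1:]):
            warnings.append("fallback %s is listed ahead of a user resolver"
                            % effective[first_fb])
        if "rotate" in options and len(effective) > 1:
            warnings.append("options rotate: fallback %s can be queried "
                            "before the user's DNS" % effective[first_fb])
    return effective, warnings


if __name__ == "__main__":
    used, problems = audit_resolv_conf(SAMPLE, SAMPLE_FALLBACK)
    print("in use:", used)
    for p in problems:
        print("WARNING:", p)
```

To audit a real system, pass the contents of /etc/resolv.conf and the set of addresses that were appended as fallback.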