Get used upsream DNS server

[cdev]

8.8.8.8 is Google. You trust Google more than you trust your ISP provided DNS?

I tend to avoid ISP servers in general. For comparison, my ISP does around 20ms faster on cache hit and ~70-100ms slower on cache miss compared to google, and there are of course those ISPs that do scummy things like DNS rewriting.

For IoT I'd just do "use DHCP DNS server as primary, 8.8.8.8 as fallback" if I'm contacting only external URLs.

For internal URLs (say for example your device have a configurable logging destination, or just have option for local controller)  it is a bit more complicated as you can't just use any external DNS because then no internal one will work. But then it's really the admin of device problem to provide stable DNS

[madires]

For internal URLs (say for example your device have a configurable logging destination, or just have option for local controller)  it is a bit more complicated as you can't just use any external DNS because then no internal one will work. But then it's really the admin of device problem to provide stable DNS

The lightweight dnsmasq, which is used by a lot of devices, supports request forwarding for specific domains

[Monkeh]

8.8.8.8 is Google. You trust Google more than you trust your ISP provided DNS?

... than the average consumer ISP? Fuck, yes.

[madires]

If I would be a really bad ISP playing games with DNS I'd also forward all DNS traffic for 8.8.8.8 to my resolvers

[cdev]

You can set up your own caching internal DNS server for your own machines that looks to the root DNS servers for all the top level domains, validating all the returned queries with DNSSEC.

"unbound" for example lets you do that.

If I would be a really bad ISP playing games with DNS I'd also forward all DNS traffic for 8.8.8.8 to my resolvers

[xani]

Well Google is probably using the data from 8.8.8.8 to do all sorts of interesting analysis but I doubt they will maliciously rewriting it

For internal URLs (say for example your device have a configurable logging destination, or just have option for local controller)  it is a bit more complicated as you can't just use any external DNS because then no internal one will work. But then it's really the admin of device problem to provide stable DNS

The lightweight dnsmasq, which is used by a lot of devices, supports request forwarding for specific domains

dnsmasq is really a great swiss-army-knife for home or small networks. Later versions even support TFTP serving so you can boot-from-network using only dnsmasq

[DimitriP]

8.8.8.8 is Google. You trust Google more than you trust your ISP provided DNS?

... than the average consumer ISP? Fuck, yes.

Anyone that tried to explain to their ISP that although the modem has an internet connection, can ping out using  IP addresses but the ISP's DNS is not resolving names:
A) Understands
B) No longer relies on the ISP's DNS

[hamdi.tn]

8.8.8.8 is Google. You trust Google more than you trust your ISP provided DNS?

... than the average consumer ISP? Fuck, yes.

Anyone that tried to explain to their ISP that although the modem has an internet connection, can ping out using  IP addresses but the ISP's DNS is not resolving names:
A) Understands
B) No longer relies on the ISP's DNS

I just checked my upstream DNS server at home and it's 8.8.8.8. So my ISP is giving this as a primary DNS server and the secondary is a local Tunisian server property of what called "Tunisian Internet Agency" i certainly trust google more than i trust this Agency.