Hi there, I’m looking to get into self-hosting for privacy reasons and I wanted to ask y’all: how inadvisable is it to utilize an ISP-owned router/modem? I feel like they’re able to track everything I do online with their more than likely integrated spyware.

    • hendrik@palaver.p3x.de
      2 days ago

      I did one DNS query and it took 22 msec with the nearest OpenNIC server and 24 msec with Cloudflare’s 1.1.1.1
      So dunno… roughly same responsiveness? Maybe OpenNIC is a tad faster? For a proper answer we’d need to do more measurements, though. And with OpenNIC you definitely need to pick a good server, not just any random one. They’ll have different locations, different policies and they’re in widely different datacenters.

        • hendrik@palaver.p3x.de
          2 days ago

          Isn’t it a global effort? According to what I see, they list a bunch of servers in all Europe, USA, Canada, Australia, …Japan?!

          • non_burglar@lemmy.world
            1 day ago

            Of the tier 1 servers, 2 are in DE and 2 are in USA.

            You won’t really hit tier2 unless you’re trying to hit very specific records.

            • hendrik@palaver.p3x.de
              1 day ago

              I think the Tiers work the other way around. But I keep forgetting how DNS and recursive lookup works and I might be wrong.
              I don’t think you’re supposed to query Tier 1 servers as a client. The Tier 2 servers would be what people connect to and who do the heavy lifting. The Tier 1 just do the root, authoritative stuff and their custom TLDs for the following network. So we’re not worried about where those are located.

              • non_burglar@lemmy.world
                18 hours ago

                You might be thinking of PKI and certificate trusts.

                Tier 1 in DNS terms are high-level peered (peered with other tier 1 servers in major network segments) and just refer requests either downstream or to other tier 1 servers. This is no longer as necessary with CDNs everywhere, and DNS infrastructure no longer has to mirror routing landscapes, but it seems that opennic.org is still organised in this way.

                Anecdotally, I switched a small network to use opennic in 2019 and it was a disaster, never again. I see that the DE servers are still being recommended to me in Canada, so I guess nothing has changed. Opennic is an example of a good idea with terrible execution.

                • hendrik@palaver.p3x.de
                  14 hours ago

                  Interesting. Thanks for the info. I’ll re-think whether I recommend it to random people around the world, then.

                  In Germany it’s great. I’ve been using it for many years now. But we have some good/strong hacker organizations, digital sovereignty and privacy groups, nonprofits and some generous IT companies. Maybe it’s random private individuals in other countries and they’re not as reliable.

                  Seems right now there’s something going wrong anyway. I don’t think the number of “offline” servers is normal. And a good number of them aren’t even offline, but still answer my DNS queries.
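
The thread raises two things that are easy to check yourself: a single query is not a real latency measurement, and a server listed as offline may still answer. The following is an added example, not code from any poster in the thread; it uses only the Python standard library, takes resolver IPv4 addresses on the command line (1.1.1.1 is the one named above, any others are yours to supply), and the probe name `example.com` and the count of 10 are assumptions.

```python
import os, socket, statistics, struct, sys, time

def build_query(name, qid):
    """Minimal DNS query: one question, type A, class IN, recursion desired."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)

def parse_reply(data, qid):
    """Return the RCODE if data is a response to query qid, else None."""
    if len(data) < 12:
        return None
    rid, flags = struct.unpack(">HH", data[:4])
    # Require a matching ID and the QR (response) bit.
    if rid != qid or not flags & 0x8000:
        return None
    return flags & 0x000F

def probe(server, name, timeout=2.0):
    """One UDP query to server:53. Returns (ms, rcode), or None if unanswered."""
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.perf_counter()
        try:
            s.connect((server, 53))  # kernel drops replies from other sources
            s.send(build_query(name, qid))
            data = s.recv(4096)
        except OSError:  # timeout, ICMP unreachable, no route
            return None
        elapsed = (time.perf_counter() - start) * 1000
        rcode = parse_reply(data, qid)
        return None if rcode is None else (elapsed, rcode)

def summarise(samples):
    """samples: list of probe() results. Returns (answered, sent, median_ms)."""
    ok = [s[0] for s in samples if s is not None]
    return (len(ok), len(samples), round(statistics.median(ok), 1) if ok else None)

if __name__ == "__main__":
    # Usage: python dnsprobe.py 1.1.1.1 <other resolver IPv4 addresses>
    # After the first query the name is usually cached, so the median mostly
    # reflects network round-trip time to the resolver, not its upstream lookups.
    for server in sys.argv[1:]:
        answered, sent, median = summarise([probe(server, "example.com") for _ in range(10)])
        print(f"{server}: {answered}/{sent} answered, median {median} ms")
```

A server that shows `0/10 answered` is unreachable from your network regardless of what a public list says, and one that answers every query is usable even if the list marks it offline.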