[squid-users] Force DNS queries over TCP?
Chris Horry
zerbey at gmail.com
Thu Jun 30 18:20:53 UTC 2016
On 06/30/2016 13:34, Alex Crow wrote:
> I'd suggest changing IP as this practice is
>
> a) a violation of trust, forcing you to use a potentially compromised
> resource you have no control over
> b) a clear violation of net-neutrality
> c) a violation of standards (as it's probably one of those that instead
> of returning NXDOMAIN as required sends you to an advertising page.
> )
Tell me about it. My ISP and I are having a pitched battle about it
now. Unfortunately my options are limited in my current area but at
least it's not Comcast!
> I'm pretty sure you /can/ configure BIND to work like that. I should
> imagine you could set up forwarders to TCP-based DNS servers.
>
> The other option is to get a DNS server set up on a VPS and tunnel your
> requests to it via IPSEC.
Sounds like a good idea, time to learn IPSEC!
Thanks,
Chris
--
Chris Horry
zerbey at gmail.com
http://www.twitter.com/zerbey
PGP:638C3E7A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160630/4f375a87/attachment-0001.sig>
More information about the squid-users
mailing list