[squid-users] Force DNS queries over TCP?

brendan kearney bpk678 at gmail.com
Thu Jun 30 18:40:15 UTC 2016


Nscd or name server caching daemon may be of help.  I believe you can run
your own bind instqnce and point it at the roots, instead of using your
isp's broken implementation
On Jun 30, 2016 2:21 PM, "Chris Horry" <zerbey at gmail.com> wrote:

>
>
> On 06/30/2016 13:34, Alex Crow wrote:
> > I'd suggest changing IP as this practice is
> >
> > a) a violation of trust, forcing you to use a potentially compromised
> > resource you have no control over
> > b) a clear violation of net-neutrality
> > c) a violation of standards (as it's probably one of those that instead
> > of returning NXDOMAIN as required sends you to an advertising page.
> > )
>
> Tell me about it.  My ISP and I are having a pitched battle about it
> now.  Unfortunately my options are limited in my current area but at
> least it's not Comcast!
>
> > I'm pretty sure you /can/ configure BIND to work like that. I should
> > imagine you could set up forwarders to TCP-based DNS servers.
> >
> > The other option is to get a DNS server set up on a VPS and tunnel your
> > requests to it via IPSEC.
>
> Sounds like a good idea, time to learn IPSEC!
>
> Thanks,
>
> Chris
>
> --
> Chris Horry
> zerbey at gmail.com
> http://www.twitter.com/zerbey
> PGP:638C3E7A
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160630/efe4e263/attachment.html>


More information about the squid-users mailing list