The quality of DNS always makes or breaks your internet experience. Personally at home unbound on OPNsense with some blocking list has always worked really well for me. OpenWrt with Pi-hole also works fine. But the moment I have to use some recursive DNS like this, I tend to not enjoy the experience.
It really depends. Cloudflare, Quad9 or whatever upstream DNS probably has a huge cache which makes resolving the queries quite fast. Although, local caching, like with unbound, is still going to be a lot better than any upstream resolver.
opnsense + ctrld[0] + unbound works great and automatically upgrades upstream requests to DoH (etc.)
Was using NextDNS for a while, but stability and performance were a common issue. I like the idea of something like Pi-hole, but ControlD is good, works anywhere, and is easy to manage.
Probably the responsiveness of things. Firefox is very sensitive to DNS roundtrip time during daily use. A faster response time provides much better experience with it.
I guess that ~25% of "Firefox is slow" myth is coming from slow DNS response, if not higher.
I honestly have no idea. I observe it all the time, and note repeatedly everywhere when the discussion comes up, but never had the time to dig into the code and see how that all works.
How censored are Quad9? I find it annoying when DNS providers try to cut me off from foreign news services so if I were to switch I'd like to know that they won't.
So they provide full information on what happened, with all legal papers attached at the end, and a link to a site that gives you a list of all "blocked sites" that were affected by that order.
While the outcome is quite unfortunate, the way they provide all info here seems like a plus in my book here.
If a state/entity comes after your org tomorrow, and you got to either fight legally or leave the market (like cisco in the story), what would you do?
I think the French legislation is aimed at most major resolvers. You might get away with more niche ones for now, but the only stable way is to self-host a recursive resolver (like unbound) that walks the DNS tree itself.
Hosting is never hard. It's about maintainability. How do you handle HA? How will you expose the service? What about backups? How efficiently are you running it? That's just the tip of the iceberg. For an average Joe, this is not something they wanna deal with.
[0] https://github.com/Control-D-Inc/ctrld/wiki/pfSense-and-OPNs...
A regular DNS like Quad9 + uBlock Origin on Firefox has been a consistently great experience for me.
A niche resolver may get away under the radar, but only because they were not targeted.
1 - https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
2 - https://dnscrypt.info/public-servers/