Tuesday, September 12, 2017

DNS Public Servers

I know I'm only supposed to post once a year on here, but well, I guess I'm feeling ambitious. :} Today's topic is DNS servers. I've been using Comcast as my ISP for some time, mainly because there are no other decent choices in the area I live in. It's not horrible; however, the main DNS servers are not that reliable and they don't support IPv6. I like having IPv6 support mainly because it's impossible to know what IPv6-only sites are available if it isn't supported. Whenever I install a new Linux version, one of the first things I do is go to http://ipv6-test.com/ and see if my IPv6 is working. That is how I first noticed my ISP was not supporting IPv6. I then searched for a public DNS server that would support IPv6. I have been using Google's free DNS servers for a number of years now, set to DNS 8.8.8.8 and secondary DNS of 8.8.4.4. It has been more reliable and faster than Comcast's DNS servers. So what's the issue then? The issue is really Google's relentless data collection policies, along with the fact they make their money primarily by selling advertising.

This led me on a quest for a DNS server that wasn't so interested in selling my data but might actually be interested in providing a good DNS experience. There are several good ones. https://www.opendns.com/ worked well but is mostly focused on DNS filtering, which was not my primary reason for changing. I then tried https://dns.watch/, which worked well, and I liked that they don't log or sell information. But then I read an article about DNS latency, which mentioned that it is very important to find one in your country, because every time you type in a URL it has to go to that server to resolve the IP address. Looking up the information on dns.watch, it appears to be located in Germany. Having a DNS server in Germany can add latency and slow down your requests. That led me to looking for a more open-source solution.

Which led me to https://www.opennic.org/, where anyone can run their own DNS server. I thought about doing that; all you need is a Linux server, which I could easily set up. That would be the best solution; however, they mentioned on their wiki that they don't recommend running a DNS server from one's home. Again, it's about latency. Fewer hops is always better. So instead of running my own DNS server, I found one nearby that supports both IPv4 and IPv6, does not log, and supports DNSCrypt. I've been using it for a couple of weeks and it is fast and has been awesome so far.
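The two criteria used above, lookup latency and IPv6 (AAAA) answers, can be measured directly for any candidate resolver. The following is an added example, not code from the original post; the function names and the `port` parameter are hypothetical, and `example.com` is just a constructed test name.

```python
import os, socket, struct, time

QTYPE = {"A": 1, "AAAA": 28}  # record types for IPv4 and IPv6 addresses

def build_query(name, qtype, txid=None):
    """Encode a one-question recursive DNS query in RFC 1035 wire format."""
    if txid is None:
        txid = int.from_bytes(os.urandom(2), "big")  # unpredictable ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", QTYPE[qtype], 1)

def parse_reply(reply, query):
    """Return (rcode, answer_count); reject anything that is not our reply."""
    if len(reply) < 12:
        raise ValueError("reply shorter than a DNS header")
    txid, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", reply[:12])
    if txid != int.from_bytes(query[:2], "big") or not flags & 0x8000:
        raise ValueError("transaction ID or QR bit does not match the query")
    return flags & 0x000F, ancount

def time_query(resolver, name, qtype, port=53, timeout=2.0):
    """One UDP lookup: (milliseconds, rcode, answers), or None on failure."""
    family = socket.AF_INET6 if ":" in resolver else socket.AF_INET
    query = build_query(name, qtype)
    try:
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((resolver, port))  # kernel drops datagrams from other hosts
            start = time.perf_counter()
            s.send(query)
            reply = s.recv(4096)
            elapsed = (time.perf_counter() - start) * 1000
        return (round(elapsed, 1),) + parse_reply(reply, query)
    except (OSError, ValueError):
        return None

def best_of(resolver, name, qtype, rounds=3):
    """Fastest of several tries, so one cache miss does not skew the result."""
    results = [r for r in (time_query(resolver, name, qtype)
                           for _ in range(rounds)) if r]
    return min(results) if results else None

if __name__ == "__main__":
    for resolver in ("8.8.8.8", "8.8.4.4"):  # the two resolvers named in the post
        for qtype in ("A", "AAAA"):
            print(resolver, qtype, best_of(resolver, "example.com", qtype))
```

An rcode of 0 with a non-zero answer count on the AAAA line shows the resolver hands out IPv6 records; it says nothing about whether the client itself has IPv6 connectivity.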

I doubt the average person really cares about what DNS server they use, but why make it easier for huge companies to monitor what sites you visit in order to provide you with more ads? Of course, DNS logging is only one way they collect information, and changing servers certainly won't make you anonymous on the web. It may be impossible to stay anonymous in today's world, but you don't need to hand them all your personal information on a silver platter either :}



Tuesday, July 18, 2017

Linux and SystemD

Anyone following or using Linux has noticed that the systemd init system has been pushed into more and more distributions. Most of the popular distributions have switched to it and offer little choice of using anything else. It was originally developed by a Red Hat employee and first appeared in Fedora several years ago. I have used distros that are based on systemd and it seems to work fine and does provide a faster startup. The concern is that by standardizing the init system it allows Linux to become less fragmented (which could be good, but) and thereby easier to monitor. I remember seeing a video analysis of the systemd documentation a couple of years ago where in one area the developer had a comment "this was added to keep the 3-letter agencies happy". The guys doing the analysis only said: not sure what he means by that, but it might be a good idea to stay far away from this. This, along with the fact that systemd is not too Unix-like (do one thing and do it well is the Unix motto), has created some pushback in the Linux community, and therefore this wiki page was created:
without-systemd.org

I have tried several of the distros listed on the wiki and there are two that really stand out as being more stable and tested.
manjaro-openrc and devuan.org

I originally favored Manjaro because it's based on Arch Linux, which is my favorite distribution. However, because it uses the Arch repos and the Arch User Repository (AUR), I noticed that some programs wanted to install systemd back in as a dependency, which defeats its purpose.

After another run with Slackware, I settled on Devuan as my distro of choice. Seems to work well, based on Debian but without systemd. Haven't noticed any negative effects yet, and have installed quite a lot of software. I did have to change to the testing repos instead of stable because the network driver and NVIDIA driver were too old in the stable repositories for my hardware.

Combine Devuan with the i3 window manager and you end up with a pretty sweet, fast OS that hopefully isn't full of spyware :}

UPDATE: After a few weeks on Devuan, I was disappointed that the distro is not updated regularly. Some of the software is quite old. Decided to go with a more bleeding-edge distro, Void Linux, that uses runit for the init system. Install went well and all the packages I needed were available. Might keep this one for a while :}