Discussion:
Public DNS servers. -- I like UUNet's servers (I also do caching/forwarding internally)
Bryan J. Smith
2004-04-29 10:10:15 UTC
Hi Guys.
My Mickey Mouse ISP is having no end of problems with DNS, and as such it
is causing me trouble too. For example, when browsing the web I get
frequent DNS errors. This can also be a real PITA when downloading a set
of Debian iso images with jigdo...
Can anyone recommend some good public DNS servers that I can use instead?
Yeah, it seems BrightHouse Networks doesn't like the fact that I'm using
Earthlink's cable option, so _neither_ RoadRunner _nor_ Earthlink's DNS
servers are reliable for me either.

So I use UUNet's 2 main caching servers: 198.6.1.2, 198.6.1.3

I've used these same DNS servers for 6 or so years, ultra-fast and
ultra-reliable.
Hi Ozz,
I'm not sure if I understand you correctly, but I just make my own box
the DNS server in /etc/resolv.conf. Every Linux box comes equipped with
a caching DNS server, so I've found no need to use anyone else's, at
least for client purposes.
[ Despite the opportunity I'm now giving him to call for my banning, I
will "correct" Mr. Litt this one time ;-]

Steve, your approach is good. I do almost the exact same:
1. DNS Cache on all workstations (including Windows c/o BIND)
2. DNS Cache, Local (for my private LAN) _and_ forwarding (to UUNet)
on my local server

But what Ozz is talking about is the _public_ DNS servers to retrieve
other DNS names from. You still have to name an _external_ source.

Ozz can either use Root Hints to directly access the Root Internet
DNS servers (is this even allowed anymore?), or another DNS server
on the Internet.

I choose the latter, c/o UUNet. 198.6.1.2 and 198.6.1.3 are UUNet's
main caching DNS servers they recommend to their clients (fed by
198.6.1.81+ which are their main, primary/secondary servers -- don't
use those directly, don't think you can anyway).

I do this c/o #2. Even though I do DNS caching on each system, I
still have them refer to an _internal_ DNS server, namely my main
file/app server (and a secondary if I had one). That caches
_all_ internal forward/reverse resolution (as you should _never_
pass that outside). And if it is an external name, my internal
server then handles any "forwarding" of anything to an external,
caching it for _all_ internal clients as well (reducing the
number of external lookups in general).

This is far more ideal from a performance and security standpoint
(especially if the internal then "forwards" to an isolated/protected
server, like maybe a DNS server in a DMZ, so the internal is never
"directly accessing" the Internet). Using advanced BIND 9
capabilities (keys, signing), you can also cut down on, or even
eliminate, the chance of DNS poisoning (at least internally).
ORSC
Open Source DNS
http://www.orsc.net/
one of them, quasar.
Hmmm, didn't know about them. Thanx!
--
Bryan J. Smith, E.I. -- Engineer, Technologist, School Teacher
b.j.smith-***@public.gmane.org
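
An added example, not part of the original post: a check for the rule above that internal forward/reverse names should never be passed outside. It scans a list of queries that an internal server sent to its external forwarder and reports any that belong to the private LAN. The zone name `home.lan` and the sample queries are constructed for illustration.

```python
import ipaddress

# Assumed for illustration: the private LAN's forward zone.
INTERNAL_ZONES = ("home.lan",)
# RFC 1918 ranges; reverse (PTR) lookups for these must stay internal.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def _labels(qname):
    return qname.rstrip(".").lower().split(".")

def is_private_reverse(qname):
    """True if qname is an in-addr.arpa name inside an RFC 1918 range."""
    labels = _labels(qname)
    if labels[-2:] != ["in-addr", "arpa"]:
        return False
    octets = labels[:-2][::-1]            # PTR names list octets in reverse
    try:
        packed = bytes(int(o) for o in octets)   # rejects non-numbers and >255
    except ValueError:
        return False
    if not 1 <= len(packed) <= 4:
        return False
    # Pad a partial name (e.g. 168.192.in-addr.arpa) to the first address it covers.
    addr = ipaddress.IPv4Address(packed + bytes(4 - len(packed)))
    return any(addr in net for net in PRIVATE_NETS)

def must_stay_internal(qname):
    """True if qname is in an internal forward zone or a private reverse zone."""
    labels = _labels(qname)
    for zone in INTERNAL_ZONES:
        z = zone.split(".")
        if labels[-len(z):] == z:         # whole-label suffix match
            return True
    return is_private_reverse(qname)

def leaked_queries(forwarded):
    """Return (client, qname) pairs that were forwarded but should not have been."""
    return [(c, q) for c, q in forwarded if must_stay_internal(q)]

# Constructed sample: queries the internal server sent to its external forwarder.
SAMPLE_FORWARDED = [
    ("192.168.1.20", "www.debian.org."),
    ("192.168.1.21", "fileserver.home.lan."),
    ("192.168.1.20", "5.1.168.192.in-addr.arpa."),
    ("192.168.1.22", "2.1.6.198.in-addr.arpa."),
    ("192.168.1.22", "nothome.lan.example.org."),
]

if __name__ == "__main__":
    for client, qname in leaked_queries(SAMPLE_FORWARDED):
        print(f"internal name forwarded externally: {qname} (from {client})")
```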