Re: Are public DNS a good thing? (was: Re: 1.1.1.1)

[Robert Kisteleki via NANOG <nanog () lists nanog org>]

On Thu, Jul 17, 2025 at 6:18 PM Paul Ebersman via NANOG <
nanog () lists nanog org> wrote:

> Running a safe and robust recursive service for large numbers of users
> or a business is not trivial. The reality is that most SMB don't have
> anyone with the expertise to do this well. For those folks, or folks
> that don't like/trust their ISP at home, using the quad-X (1.1.1.1,
> 8.8.8.8, 9.9.9.9) is a much better and safer experience than trying to
> run their own.

By 2025, through decades of hard work and dedication, we reached the point
where:
* running your own email is too hard because of more and more rules and
arbitrary restrictions from the big providers - better outsource it to
gmail or else you risk not being able to deliver your customers' mails
* running your own web servers without a CDN in front of them is really not
wise, because only the big providers can defend against DDoS attacks, and
if your business depends on availability you have not choice but to comply.
Otherwise you're out in the "toxic wasteland" as Geoff put it
* running your own DNS is too hard - see above, better outsource it to one
of the few key players

I'd like to believe this is reversible, but I fear in reality we're heading
further down the path of centralisation.

Robert
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/7ZW2U6ACUF6TT4SUFRM7DS5XF5BMZCZF/