How can I have my own Public DNS Server (like 1.1.1.1)?

I actually wrote a blog post along these lines a few moments back about setting up a cache-only DNS server for a local network (to resolve DNS locally if possible, instead of querying out to public DNS servers).

Fortunately, there’s not a huge difference between this and setting up a public DNS server (more on that below) except you’ll want to have the following instead of what’s listed in the blog post linked above:

options {
    // allow recursive lookups, walking down from the root name servers if necessary
    recursion yes;
    // allow any host to query BIND; using 'internal;' here instead maps to the acl listed at the top,
    // and you can use a similar acl to restrict queries to certain external IPs if you desire
    allow-query { any; };
};

Now, as others have mentioned, there are reasons you’d likely not want to host a public facing (and fully open) DNS server.

  • Reliability – If you want a large adoption, you’ll want the DNS server to be reliable. This involves having more than a single host, ideally spread across the globe and having multiple systems in place at each location for any issues that may arise.
  • Ill Intent of Others – You’ll likely see things like DNS cache poisoning (or other spoofing attacks), DDoS attacks (or amplification attacks, read briefly here about them), or zone transfer attacks.

It would still be a good exercise to go about setting one up, should you be interested.

Best of luck!
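For anyone who does go through the exercise, here is an added named.conf fragment (my own example, not from the answer above or the linked blog post) showing how the three risks listed, cache poisoning, amplification and zone transfers, each map to a BIND option. The "trusted" acl range 192.0.2.0/24, the zone example.com and the file path are placeholders.

```conf
// Hosts allowed to use this server as a recursive resolver (placeholder range).
acl "trusted" {
    127.0.0.1;
    192.0.2.0/24;
};

options {
    directory "/var/cache/bind";

    // Recursion stays on, but only for "trusted"; everyone else gets answers
    // only for zones we are authoritative for. This is the main difference
    // between a public authoritative server and a fully open resolver that
    // can be abused for reflection/amplification.
    recursion yes;
    allow-recursion { trusted; };
    allow-query-cache { trusted; };
    allow-query { any; };

    // Validate DNSSEC signatures on recursive lookups; mitigates cache
    // poisoning where the target zone is signed.
    dnssec-validation auto;

    // Response rate limiting: caps identical answers per client per second,
    // which blunts amplification floods using spoofed source addresses.
    rate-limit {
        responses-per-second 10;
        window 5;
    };

    // Smaller replies and no version banner reduce amplification factor and
    // fingerprinting of the software in use.
    minimal-responses yes;
    version "none";

    // No zone transfers unless a zone explicitly allows them.
    allow-transfer { none; };
};

// Placeholder authoritative zone; transfers limited to a named secondary.
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
    allow-transfer { 192.0.2.53; };
};
```

Before reloading, run `named-checkconf` on the file; after reload, a query for an unrelated name from an untrusted address should return REFUSED, which confirms recursion is not open to the world.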
