Should I configure the DNS2 to an other company's DNS address? The 2019 Stack Overflow Developer Survey Results Are InCombining different DNS serversDNS Query ScriptOpenVPN “breaks” my local DNS downcan ping google dns, but not google.de -> unknown host // worked in another networkBIND9: DNS resolves sometimes (!) take very long or don't work at allPing works only with IP addresses (not with domain names)Temporary DNS resolve to local ip (for temporary http redirect)BIND / old DNS entries in Google cacheDifferent DNS answers per ip using bind DNSLocal (127.0.1.1) DNS resolver ignores LAN DNS server

What does Linus Torvalds mean when he says that Git "never ever" tracks a file?

Is it possible for the two major parties in the UK to form a coalition with each other instead of a much smaller party?

Pristine Bit Checking

How can I create a character who can assume the widest possible range of creature sizes?

"What time...?" or "At what time...?" - what is more grammatically correct?

Why is the maximum length of openwrt’s root password 8 characters?

Limit the amount of RAM Mathematica may access?

What is the best strategy for white in this position?

If a poisoned arrow's piercing damage is reduced to 0, do you still get poisoned?

Manuscript was "unsubmitted" because the manuscript was deposited in Arxiv Preprints

What is a mixture ratio of propellant?

How can I fix this gap between bookcases I made?

What is this 4-propeller plane?

Does light intensity oscillate really fast since it is a wave?

On the insanity of kings as an argument against monarchy

How to manage monthly salary

It's possible to achieve negative score?

Why is it "Tumoren" and not "Tumore"?

How long do I have to send payment?

Is flight data recorder erased after every flight?

Extreme, unacceptable situation and I can't attend work tomorrow morning

Landlord wants to switch my lease to a "Land contract" to "get back at the city"

Monty Hall variation

Springs with some finite mass



Should I configure the DNS2 to an other company's DNS address?



The 2019 Stack Overflow Developer Survey Results Are InCombining different DNS serversDNS Query ScriptOpenVPN “breaks” my local DNS downcan ping google dns, but not google.de -> unknown host // worked in another networkBIND9: DNS resolves sometimes (!) take very long or don't work at allPing works only with IP addresses (not with domain names)Temporary DNS resolve to local ip (for temporary http redirect)BIND / old DNS entries in Google cacheDifferent DNS answers per ip using bind DNSLocal (127.0.1.1) DNS resolver ignores LAN DNS server



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,



but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.



will the bellow be better than the former?



8.8.8.8
208.67.222.222


EDIT-01



My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?






dns network-interface







share|improve this question
























  • Please define better. In what way better? And what it at 208.67.222.222?

    – ctrl-alt-delor
    Apr 6 at 10:22

















0















When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,



but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.



will the bellow be better than the former?



8.8.8.8
208.67.222.222


EDIT-01



My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?






dns network-interface







share|improve this question
























  • Please define better. In what way better? And what it at 208.67.222.222?

    – ctrl-alt-delor
    Apr 6 at 10:22













0












0








0








When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,



but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.



will the bellow be better than the former?



8.8.8.8
208.67.222.222


EDIT-01



My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?






dns network-interface







share|improve this question
















When I configure the interface's DNS,
we often configure 8.8.8.8 and 8.8.4.4,



but I have a question, because the 8.8.8.8 and 8.8.4.4 all are belong to google.



will the bellow be better than the former?



8.8.8.8
208.67.222.222


EDIT-01



My 'better' means analysis more domains and more steadier, because the 8.8.8.8 and 8.8.4.4 all are belong to google, if there gives the DNS2 to another company's DNS address will it be better?






dns network-interface




dns network-interface






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Apr 6 at 12:17







244boy

















asked Apr 6 at 4:17









244boy244boy

1405




1405












  • Please define better. In what way better? And what it at 208.67.222.222?

    – ctrl-alt-delor
    Apr 6 at 10:22

















  • Please define better. In what way better? And what it at 208.67.222.222?

    – ctrl-alt-delor
    Apr 6 at 10:22
















Please define better. In what way better? And what it at 208.67.222.222?

– ctrl-alt-delor
Apr 6 at 10:22





Please define better. In what way better? And what it at 208.67.222.222?

– ctrl-alt-delor
Apr 6 at 10:22










1 Answer
1






active

oldest

votes


















0














First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
Note that failed to respond is not the same as responded with a failure.



So some recommendations:



  1. Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities

  2. Do not put blindly 8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers

  3. There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead 9.9.9.9 or 1.1.1.1 or 80.80.80.80 or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.

Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f510842%2fshould-i-configure-the-dns2-to-an-other-companys-dns-address%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
    Note that failed to respond is not the same as responded with a failure.



    So some recommendations:



    1. Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities

    2. Do not put blindly 8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers

    3. There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead 9.9.9.9 or 1.1.1.1 or 80.80.80.80 or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.

    Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)






    share|improve this answer



























      0














      First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
      Note that failed to respond is not the same as responded with a failure.



      So some recommendations:



      1. Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities

      2. Do not put blindly 8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers

      3. There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead 9.9.9.9 or 1.1.1.1 or 80.80.80.80 or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.

      Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)






      share|improve this answer

























        0












        0








        0







        First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
        Note that failed to respond is not the same as responded with a failure.



        So some recommendations:



        1. Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities

        2. Do not put blindly 8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers

        3. There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead 9.9.9.9 or 1.1.1.1 or 80.80.80.80 or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.

        Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)






        share|improve this answer













        First, if you have multiple IP addresses in /etc/resolv.conf, only the first one will be used until it stops responding, then only the second one will be used, and only for that specific query (next one will start again with first one).
        Note that failed to respond is not the same as responded with a failure.



        So some recommendations:



        1. Do not mix external (like public DNS resolvers) with internal ones; this most of the times makes no sense as it is based on the false beliefs that if the external one replies with domain not found then the internal one will be used for further query (this is false as explained in preambule); on the contrary it can lead to leaking internal sensitive information to external entities

        2. Do not put blindly 8.8.8.8, or in fact any other public open resolver; first think about it. Did you really think about the consequences (you are giving all your data to Google in this case, or any other organization; Are you happy with that?) and did you balance the pros and the cons? What prompted you not to use your ISP's recursive nameservers and/or installing some locally on your box or your network? There may be valid reasons to use public DNS resolvers, but it is always better to think about it a little before just putting some numbers

        3. There are a lot of public DNS resolvers, and I find particularly troubling that in 99% of the cases people seem to think only about Google. Why not using instead 9.9.9.9 or 1.1.1.1 or 80.80.80.80 or any listed at https://www.publicdns.xyz/ for example (without any guarantee that this list is correct or up to date)? Of course this does not change anything above previous point, whichever you choose should happen only after questioning why you need to do that.

        Please have a look at this other answer of mine: https://superuser.com/a/1318861/693623 that deal with the notion of trust, and what features you may want to have (QNAME minimization, data confidentiality, DNSSEC validation, etc.)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered yesterday









        Patrick MevzekPatrick Mevzek

        2,18311124




        2,18311124



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f510842%2fshould-i-configure-the-dns2-to-an-other-companys-dns-address%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            getting Checkpoint VPN SSL Network Extender working in the command lineHow to connect to CheckPoint VPN on Ubuntu 18.04LTS?Will the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayVPN SSL Network Extender in FirefoxLinux Checkpoint SNX tool configuration issuesCheck Point - Connect under Linux - snx + OTPSNX VPN Ububuntu 18.XXUsing Checkpoint VPN SSL Network Extender CLI with certificateVPN with network manager (nm-applet) is not workingWill the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayImport VPN config files to NetworkManager from command lineTrouble connecting to VPN using network-manager, while command line worksStart a VPN connection with PPTP protocol on command linestarting a docker service daemon breaks the vpn networkCan't connect to vpn with Network-managerVPN SSL Network Extender in FirefoxUsing Checkpoint VPN SSL Network Extender CLI with certificate

            Image
            If human space travel is limited by the G force vulnerability, is there a way to counter G forces? Did Shadowfax go to Valinor? Do I have a twin with permutated remainders? Blender 2.8 I can't see vertices, edges or faces in edit mode 1960's book about a plague that kills all white people How can I make my BBEG immortal short of making them a Lich or Vampire? Alternative to sending password over mail? Is it inappropriate for a student to attend their mentor's dissertation defense? Why is Collection not simply treated as Collection<?> Took a trip to a parallel universe, need help deciphering Assassin's bullet with mercury Why is it a bad idea to hire a hitman to eliminate most corrupt politicians? I Accidentally Deleted a Stock Terminal Theme Is there a hemisphere-neutral way of specifying a season? What about the virus in 12 Monkeys? Why can't we play rap on piano? Arrow those variables! Today is the Center Modeling an IP Ad...
            Read more

            Cannot Extend partition with GParted The 2019 Stack Overflow Developer Survey Results Are In Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election ResultsCan't increase partition size with GParted?GParted doesn't recognize the unallocated space after my current partitionWhat is the best way to add unallocated space located before to Ubuntu 12.04 partition with GParted live?I can't figure out how to extend my Arch home partition into free spaceGparted Linux Mint 18.1 issueTrying to extend but swap partition is showing as Unknown in Gparted, shows proper from fdiskRearrange partitions in gparted to extend a partitionUnable to extend partition even though unallocated space is next to it using GPartedAllocate free space to root partitiongparted: how to merge unallocated space with a partition

            Image
            Make it rain characters Keeping a retro style to sci-fi spaceships? How to split my screen on my Macbook Air? How can I define good in a religion that claims no moral authority? does high air pressure throw off wheel balance? Scientific Reports - Significant Figures Relations between two reciprocal partial derivatives? How to delete random line from file using Unix command? How did passengers keep warm on sail ships? How are presidential pardons supposed to be used? Are my PIs rude or am I just being too sensitive? He got a vote 80% that of Emmanuel Macron’s Change bounding box of math glyphs in LuaTeX Match Roman Numerals Was credit for the black hole image misattributed? How to pronounce 1ターン? how can a perfect fourth interval be considered either consonant or dissonant? Working through the single responsibility principle (SRP) in Python when calls are expensive High Q peak in frequency response means what in time domain? ...
            Read more

            Marilyn Monroe Ny fiainany manokana | Jereo koa | Meny fitetezanafanitarana azy.

            Image
            OlonaBiôgrafiaVangovangoMpilalaoMpilalao amin'ny horonantsaryMpamoaka horonantsaryTeraka tamin'ny taona 1926Maty tamin'ny taona 1962 EtazoniaLos Angeles fanitarana azy . Marilyn Monroe Avy amin'i Wikipedia Sauter à la navigation Sauter à la recherche Marilyn Monroe Ankapobeny Anarana Marilyn Monroe Teraka 1 Jiona 1926 Maty 5 Aogositra 1962 Fiaviana sy ny andraikitra Firenena Etazonia Asa : mpilalao mpilalao amin'ny horonantsary mpamoaka horonantsary Fiainana manokana Marilyn Monroe dia mpilalao, mpilalao amin'ny horonantsary, mpamoaka horonantsary mizaka ny zom-pirenen'i Etazonia teraka ny 1 Jiona 1926 tao Los Angeles ary maty ny 5 Aogositra 1962 Ny fiainany manokana | Ny vadiny dia James Dougherty, Joe DiMaggio, Arthur Miller. Jereo koa | Biôgrafia Rohy ivelany | Ao amin'i Freebase: [1] Mbola ambangovangony ity lahatsoratra ity ary tokony hofenoina . Azonao atao ny mandray anjara eto amin'ny Wikipedia amin...
            Read more