by quesera 995 days ago
Just a reminder for anyone on the fence, or who has not considered it previously...

Running your own DNS resolver is super easy. It probably has the highest ROI of any self-hosted service, because it is so easy and inexpensive to do.

I recommend Unbound: https://nlnetlabs.nl/projects/unbound


Plus you can do fun things like block ads across your whole network with tools like pihole.

Can you disable the blocking on each device as and when needed (for a little while) and enable it back again (on iOS)? That would be a killer feature for running a DNS server and pi-hole at home.

It has a pretty easy “toggle for 5 mins” button on the dashboard if I encounter issues. It has a few preset time options.

I think you can set rules per device in Pihole? I haven’t tried personally. I’ve only set a few (3-4) sites to be manually allowed through the blocklists.

How slow is running your own recursive DNS?

Depends on a few factors:

My nameserver, 8.8.8.8, and 1.1.1.1 are all about 25ms away from me. Mine is actually a few ms closer, but that will vary.

Bigger nameservers will have warmer caches, so first lookup might be a bit slower on my nameserver.

I presume the big nameservers are managed well under capacity, so load should not be significant.

All told, I cannot perceive any performance difference at all.

I run my own resolver on my home network and I never notice anything. When loading a webpage or doing pretty much anything else online the DNS delay is negligible. And if the answer is already cached in my house it's definitely faster than having to leave my home network to get a response.

For the DNS resolver I run, it tends to take around twice as long for the initial request compared to other caching resolvers.

It's actually a lot faster since unbound can prefetch and cache your most common queries. Most lookups in my pihole resolve in sub 1ms.

Yeah but that's the same as a regular home DNS server that isn't recursive. Your devices also have their own cache.

The point is that if the TTL is 10 mins and you look up the domain after it expires, the regular DNS will go and fetch it, while unbound fetches it as soon as it expires and it is already cached.

Thank you, I'm sorry I wasn't aware of the prefetch feature. That's actually pretty cool.
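For the Unbound recommendation and the prefetch discussion above, here is an added example of a minimal unbound.conf for a home recursive resolver (not posted by anyone in the thread; the LAN address, subnet and trust-anchor path are assumptions for illustration):

```conf
# Added example: home recursive resolver with prefetch and a closed
# access list. Addresses below are assumed placeholders for a home LAN.
server:
    interface: 192.168.1.2          # assumed LAN address of the resolver box
    port: 53
    do-ip4: yes
    do-udp: yes
    do-tcp: yes

    # Answer only the home network. Refusing everything else stops the
    # resolver from being an open resolver that outsiders can query.
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow   # assumed home subnet
    access-control: 0.0.0.0/0 refuse

    # Prefetch: refresh popular records in the background before their
    # TTL runs out, so the next client query is served from cache.
    prefetch: yes
    prefetch-key: yes               # same for DNSKEYs needed by validation

    # Cache sizing (memory) and TTL clamping
    msg-cache-size: 64m
    rrset-cache-size: 128m
    cache-min-ttl: 0                # keep the TTLs zone operators publish
    cache-max-ttl: 86400

    # DNSSEC validation and answer hardening
    auto-trust-anchor-file: "/var/lib/unbound/root.key"   # assumed path
    harden-dnssec-stripped: yes
    harden-glue: yes
    qname-minimisation: yes

    # Do not disclose resolver identity/version to queriers
    hide-identity: yes
    hide-version: yes
```

Unbound only prefetches an entry when a client asks for it while less than about 10% of its TTL remains, so names nobody on the LAN has queried recently still pay the full recursive lookup. Validate the file with `unbound-checkconf` before restarting the service.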