|
|
|
|
|
|
by anthonyryan1
333 days ago
|
|
|
Additionally, as long as you don't set strict-order, dnsmasq will automatically use all-servers for retries. If you were using systemd-resolved however, it retries all servers in the order they were specified, so it's important to interleave upstreams. Using the servers in the above example, and assuming IPv4 + IPv6: 1.1.1.1
2001:4860:4860::8888
9.9.9.9
2606:4700:4700::1111
8.8.8.8
2620:fe::fe
1.0.0.1
2001:4860:4860::8844
149.112.112.112
2606:4700:4700::1001
8.8.4.4
2620:fe::9
will failover faster and more successfully on systemd-resolved, than if you specify all Cloudflare IPs together, then all Google IPs, etc.Also note that Quad9 is default filtering on this IP while the other two or not, so you could get intermittent differences in resolution behavior. If this is a problem, don't mix filtered and unfiltered resolvers. You definitely shouldn't mix DNSSEC validatng and not DNSSEC validating resolvers if you care about that (all of the above are DNSSEC validating). |
|
|
I was handling an incident due to this outage. I ended up adding Google DNS resolvers using systemd-resolved, but I didn't think to interleave them!