Versions Compared

Old Version 14

changes.mady.by.user Steven Kim

Saved on

compared with

New Version Current

changes.mady.by.user Steven Kim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

1. Scope/Audience

  1. When considering a recursive DNS resolver:
    1. Is the resolver service public or private ?
    2. Is the resolver service open or closed ?
  2. Clarification:
    1. Public: can be reached over the open internet (public IP address, not restricted)
    2. Private: cannot be reached over the open internet (private IP address, or ACL restrictions, or a combination)
    3. Open: reachable by, and responds to queries from any client
    4. Closed: requires authentication of some sort to be used
      1. IP address, TSIG, TLS cert (DoT)

2. In practice, the following services are found on the internet:

  1. Private Resolvers - Found in corporate / restricted networks, not publicly accessible.

  2. Shared Private Resolvers - ISPs or similar hosting service providers

  3. Public Resolver Operators - Commercial DNS filtering / scrubbing service.