You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

1. Scope/Audience

  1. When considering a recursive DNS resolver:
    1. Is the resolver service public or private ?
    2. Is the resolver service open or closed ?
  2. Clarification:
    1. Public: can be reached over the open internet (public IP address, not restricted)
    2. Private: cannot be reached over the open internet (private IP address, or ACL restrictions, or a combination)
    3. Open: reachable by, and responds to queries from any client
    4. Closed: requires authentication of some sort to be used
      1. IP address, TSIG, TLS cert (DoT)

2. In practice, the following services are found on the internet:

  1. Private Resolvers - Found in corporate / restricted networks, not publicly accessible.

  2. Shared Private Resolvers - ISPs or similar hosting service providers

  3. Closed and Public Resolvers - Commercial DNS filtering / scrubbing service.

  4. Open and Public Resolvers - public DNS resolvers, with no access restrictions.

  • No labels