[Freedombox-discuss] distributed DNS
Bjarni Rúnar Einarsson
bre at pagekite.net
Tue Mar 15 13:45:51 UTC 2011
On Tue, Mar 15, 2011 at 12:36 PM, <bertagaz at ptitcanardnoir.org> wrote:
>
> Yeah, the idea is to build a dynamic DNS service, distributed if possible.
> I see no point in building a freedombox if its DNS system is based on
> "cloudy" (or mainstream if you prefer) services like dyndns.
>
Hmm. If millions of people use Freedom Boxes, whatever they rely on will by
definition become "mainstream".
Again, what problem are you trying to solve? I am going to assume you
aren't being anti-business just for the sake of being anti-business. :-)
Dynamic DNS providers have very little chance to spy on you, and (assuming
you use your own domain name) if they don't play nice, you just switch to a
different one. Why do they need to be replaced? There are quite a few
options out there, including some very community-minded ones like
www.afraid.org.
If you use a "free" subdomain, then it does become very important to choose
a provider carefully because you'll probably be forced to discard the name
if or when you move. But from the point of view of the average Joe that
problem is not made obviously better by replacing commercial interests with
those of idealistic volunteers - both can be equally fickle, provide good or
bad service, change their minds or simply go broke.
Rather then charging off to just replace all the existing providers out
there, I would much rather see a considered discussion on what
characteristics a "FreedomBox friendly" provider of DNS services should
have, and an evaluation of the existing options to see how they measure
up...
Well, pay the bill for a DNS domain at least, not that expensive though.
> Some are already rented by people around here.
> Bandwidth shouldn't be a problem if the system is decentralized. I guess
> the best would be for such a system to be able to support multiple domain
> name, so that if some fb user wants to own and use one, he/she could
> manage it.
>
What do you mean by decentralized? I hope you don't intend to replace the
small number of commercial entities who can currently
coopt/corrupt/manipulate my DNS records with a much larger number of
decentralized, anonymous volunteers who can all do the same thing! :-)
DNS is by nature hierarchical, DNS servers are assumed to be trusted.
You can't just "decentralize" the system any more than it already is,
without raising serious security and trust issues.
> I've implemented a dynamic DNS service, on top of powerdns and redis.
> It's
> > part of the infrastructure behind pagekite.net. I wouldn't mind sharing
> > that code, I am sure some peer review would do it good. :-)
>
> Nice, sure I'd like to see/test that. I'm not a lot in redis and all, but
> might be usefull in the futur.
>
OK, I'll see about getting the code out later today - at least the bits
which are loosely coupled from the pagekite.net service internals.
--
Bjarni R. Einarsson
The Beanstalks Project ehf.
Making personal web-pages fly: http://pagekite.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110315/86965ff8/attachment.htm>
More information about the Freedombox-discuss
mailing list