Quad9 employs DNSSEC on all endpoints now. https://quad9.net/news/blog/quad9-enables-dnssec-on-all-serv...
replyThis is great, thanks for the correction! I tried resolving dnssec-failed.org and it does indeed fail with EDE 6 (DNSSEC Bogus). I'm not sure why this hasn't been updated on the info page[0] yet, given that the change is about three months old.
reply[0]: https://quad9.net/service/service-addresses-and-features/
deleted
replyWas about to comment this. I actually don't like advert or malware blocking on my public DNS resolvers. It sounds cool but annoying when it misfires.
replyOnce Quad9 blocked Halo MCC XBOX Live -> Steam achievements, several fileshare services (probably used for malware somewhere but not my usage) etc...
1.1.1.1 blocked archive.is or got blocked by them or something...
Gone back to Google DNS (gasp) for now, yes as a European... no blocking, fast, never goes down.
It's fine when it's a non default option. Like use x.x.x.x for DNS, x.x.x.y for DNS+adblocking, x.x.x.z for totalitarian corporate blocklist that doesn't let you do anything fun
replyI believe cloudflare only blocked archive.is on their "Families" filtered dns. I've been using their normal 1.1.1.1 and haven't encountered any blocks.
replyIIRC the block was on archive.today's side as a protest against 1.1.1.1 intentionally not supporting ECS.
replyThis is what I am referring to. But from an end-user side, one option does not work, and one does work. Then I will use the working DNS.
replyYesterday 1.1.1.1 failed to resolved "theinformation.com" (hosted on CF itself!) for many hours, answering NXDOMAIN.
reply