Comment by JdeBP
8 hours ago
If people have naïvely configured their BIND client libraries to talk directly to Quad9, instead of via a machine-local forwarding caching proxy DNS server, then libcurl can be sending a re-query out to Quad9 every 60 seconds for domains that it actively needs to map to IP addresses.
* https://curl.se/libcurl/c/CURLOPT_DNS_CACHE_TIMEOUT.html
Excessive DNS traffic and the interaction with libcurl and with not having a machine-local forwarding caching proxy DNS server is a known and open issue with that software.
* https://github.com/transmission/transmission/issues/1815
Having a machine-local forwarding caching proxy DNS server is in general a good idea. It provides exactly the sort of traffic concentration and redundancy elimination that is required by libcurl's 60-second re-queries, which is otherwise still traffic going out over a gateway even when Quad9 is co-located with one's ISP.
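An added illustration of the traffic concentration described in the comment above (not part of the comment, and not libcurl or Transmission code): a small model that counts DNS queries leaving the machine with and without a machine-local caching forwarder. The 60-second value is libcurl's documented `CURLOPT_DNS_CACHE_TIMEOUT` default; the four independent processes, the 10-second request interval and the 300-second record TTL are assumptions chosen for the example.

```python
def upstream_queries(n_procs, local_forwarder, duration=3600,
                     request_interval=10, libcurl_timeout=60, record_ttl=300):
    """Count DNS queries that leave the machine during `duration` seconds.

    Model (assumed): each process keeps its own in-process cache that expires
    after `libcurl_timeout` seconds, regardless of the record's TTL. A local
    forwarder, when present, caches the answer for the full `record_ttl`.
    """
    # Each process needs the name every `request_interval` seconds; process
    # start times are staggered by one second so the misses do not coincide.
    events = sorted((t, proc)
                    for proc in range(n_procs)
                    for t in range(proc, duration, request_interval))

    proc_expiry = [0] * n_procs   # when each process's cached entry expires
    forwarder_expiry = 0          # when the local forwarder's entry expires
    upstream = 0

    for t, proc in events:
        if t < proc_expiry[proc]:
            continue              # answered from the in-process cache
        proc_expiry[proc] = t + libcurl_timeout
        if not local_forwarder:
            upstream += 1         # stub resolver goes straight to the remote server
        elif t >= forwarder_expiry:
            upstream += 1         # forwarder refreshes once per TTL
            forwarder_expiry = t + record_ttl
        # otherwise the forwarder answers locally and nothing leaves the machine
    return upstream


if __name__ == "__main__":
    for procs in (1, 4):
        direct = upstream_queries(procs, local_forwarder=False)
        cached = upstream_queries(procs, local_forwarder=True)
        print(f"{procs} process(es) over 1 h: direct={direct}, via local forwarder={cached}")
```

In this model the direct case scales with the number of processes, while the forwarder case depends only on the record TTL.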