dns/#icanndns: list the hosting provider / CDN #1221

New Issue

2019-08-25T20:53:03Z

Mikaela commented

2019-08-25 20:53:03 +00:00

(Migrated from github.com)

#1218 points that 5/11 of the DNS resolvers we list are behind Cloudflare. In the team chat there is concensus that it may not be so good idea to only focus on Cloudflare while there are a lot other CDN providers too that are more invisible and I view that if every DNS provider is hosted with e.g. DigitalOcean, it's not much better for decentralization.

Thus I propose instead adding a new column for hosting provider where it can be clearly distinguished ~~(some like Quad9 might have "multiple" or "several" due to being at individual IXPs and I am only aware of DNS Leak Test naming it as WoodyNet and TREX)~~.

Edit: the strikethroughed part doesn't apply with the testing method that is as accurate as whois <ip address.

Assigning @nitrohorse who is author of the table and knows it the best.

#1218 points that 5/11 of the DNS resolvers we list are behind Cloudflare. In the team chat there is concensus that it may not be so good idea to only focus on Cloudflare while there are a lot other CDN providers too that are more invisible and I view that if every DNS provider is hosted with e.g. DigitalOcean, it's not much better for decentralization. Thus I propose instead adding a new column for hosting provider where it can be clearly distinguished ~~(some like Quad9 might have "multiple" or "several" due to being at individual IXPs and I am only aware of DNS Leak Test naming it as WoodyNet and TREX)~~. *Edit: the strikethroughed part doesn't apply with the testing method that is as accurate as `whois <ip address`.* *Assigning @nitrohorse who is author of the table and knows it the best.*

👍 1

nitrohorse commented

2019-08-25 22:26:08 +00:00

(Migrated from github.com)

Here's a some info we could use for the providers currently listed:

AdGuard

IPv4
- RU-MNETWORKS-20111214 (Serveroid, LLC) - https://flops.ru/en/about.html
IPv6
- RU-MNETWORKS-20130326 (Serveroid, LLC) - https://flops.ru/en/about.html

BlahDNS

whois 2a0a:e5c0:2:2:0:c8ff:fe68:bf48
- Data_Center_Light_Linthal (Data Center Light) - https://www.datacenterlight.ch/
whois 2001:19f0:7001:1ded:5400:01ff:fe90:945b
- CHOOPA (Choopa, LLC) - https://www.choopa.com/
- NET-2001-19F0-7001-48 (Vultr Holdings, LLC) - https://www.vultr.com
whois 108.61.201.119
- CHOOPA-NETBLK08 (Choopa, LLC) - https://www.choopa.com/
- NET-108-61-200-0-23 (Vultr Holdings, LLC) - https://www.vultr.com
whois 159.69.198.101
- RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/
- DE-HETZNER-19920313 (Hetzner Online GmbH) - https://www.hetzner.com/

Cloudflare

whois 1.1.1.1
- APNIC-LABS (APNIC Research and Development) - https://labs.apnic.net/

CZ.NIC

whois 193.17.47.1
- CZ.NIC (self) - https://www.nic.cz/
whois 185.43.135.1
- CZ-NIC-ODVR (self) - https://www.nic.cz/

dnswarden

IPv4
- APNIC-AP (APNIC) - https://www.apnic.net
IPv6
- DE-HETZNER-20071010 (Hetzner Online GmbH) - https://www.hetzner.com/

Foundation for Applied Privacy

whois 37.252.185.232
- AT-IPAX-20120420 (IPAX OG) - https://www.ipax.at/
whois 2a00:63c1:a:229::3
- IPAX-VIRTUALLINE-V6 (IPAX OG) - https://www.ipax.at/

nextdns

IPv4 (whois 45.90.28.0), IPv6
- US-NEXTDNS-20190624 (self) (RIPE) - https://www.nextdns.io/

PowerDNS

whois 136.144.215.158
- RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/
- TRANSIP-NL-VPS-POD0-RTM0-CUSTOMERS (TransIP B.V. Admin) - https://www.transip.nl/

Quad9

whois 9.9.9.9
- CLEAN-97 (self) - https://quad9.net/
whois 149.112.112.112
whois 2620:fe::fe
whois 2620:fe::9
- PCH-PUBLIC-RESOLVER (Packet Clearing House) - https://www.pch.net/

SecureDNS

whois 146.185.167.43
- RIPE-ERX-146-185-0-0 (RIPE Network Coordination Centre) - https://www.ripe.net/
- DIGITALOCEAN-AMS-3 (DigitalOcean) - https://www.digitalocean.com/
whois 2a03:b0c0:0:1010::e9a:3001
- DIGITALOCEAN (DigitalOcean) - https://www.digitalocean.com/

UncensoredDNS

whois 91.239.100.100
- UNCENSOREDDNS-V4-ANYCAST (self) (RIPE) - https://blog.uncensoreddns.org
whois 2001:67c:28a4::
- UNCENSOREDDNS-V6-ANYCAST (self) (RIPE) - https://blog.uncensoreddns.org
whois 89.233.43.71
- SE-TELIADK-20060508 (Telia Company AB) - https://www.teliacompany.com
whois 2a01:3a0:53:53::
- SE-TELIADK-20070607 (Telia Company AB) - https://www.teliacompany.com

Here's a some info we could use for the providers currently listed: AdGuard - IPv4 - RU-MNETWORKS-20111214 (Serveroid, LLC) - https://flops.ru/en/about.html - IPv6 - RU-MNETWORKS-20130326 (Serveroid, LLC) - https://flops.ru/en/about.html BlahDNS - `whois 2a0a:e5c0:2:2:0:c8ff:fe68:bf48` - Data_Center_Light_Linthal (Data Center Light) - https://www.datacenterlight.ch/ - `whois 2001:19f0:7001:1ded:5400:01ff:fe90:945b` - CHOOPA (Choopa, LLC) - https://www.choopa.com/ - NET-2001-19F0-7001-48 (Vultr Holdings, LLC) - https://www.vultr.com - `whois 108.61.201.119` - CHOOPA-NETBLK08 (Choopa, LLC) - https://www.choopa.com/ - NET-108-61-200-0-23 (Vultr Holdings, LLC) - https://www.vultr.com - `whois 159.69.198.101` - RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/ - DE-HETZNER-19920313 (Hetzner Online GmbH) - https://www.hetzner.com/ Cloudflare - `whois 1.1.1.1` - APNIC-LABS (APNIC Research and Development) - https://labs.apnic.net/ CZ.NIC - `whois 193.17.47.1` - CZ.NIC (self) - https://www.nic.cz/ - `whois 185.43.135.1` - CZ-NIC-ODVR (self) - https://www.nic.cz/ dnswarden - IPv4 - APNIC-AP (APNIC) - https://www.apnic.net - IPv6 - DE-HETZNER-20071010 (Hetzner Online GmbH) - https://www.hetzner.com/ Foundation for Applied Privacy - `whois 37.252.185.232` - AT-IPAX-20120420 (IPAX OG) - https://www.ipax.at/ - `whois 2a00:63c1:a:229::3` - IPAX-VIRTUALLINE-V6 (IPAX OG) - https://www.ipax.at/ nextdns - IPv4 (`whois 45.90.28.0`), IPv6 - US-NEXTDNS-20190624 (self) (RIPE) - https://www.nextdns.io/ PowerDNS - `whois 136.144.215.158` - RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/ - TRANSIP-NL-VPS-POD0-RTM0-CUSTOMERS (TransIP B.V. Admin) - https://www.transip.nl/ Quad9 - `whois 9.9.9.9` - CLEAN-97 (self) - https://quad9.net/ - `whois 149.112.112.112` - `whois 2620:fe::fe` - `whois 2620:fe::9` - PCH-PUBLIC-RESOLVER (Packet Clearing House) - https://www.pch.net/ SecureDNS - `whois 146.185.167.43` - RIPE-ERX-146-185-0-0 (RIPE Network Coordination Centre) - https://www.ripe.net/ - DIGITALOCEAN-AMS-3 (DigitalOcean) - https://www.digitalocean.com/ - `whois 2a03:b0c0:0:1010::e9a:3001` - DIGITALOCEAN (DigitalOcean) - https://www.digitalocean.com/ UncensoredDNS - `whois 91.239.100.100` - UNCENSOREDDNS-V4-ANYCAST (self) (RIPE) - https://blog.uncensoreddns.org - `whois 2001:67c:28a4::` - UNCENSOREDDNS-V6-ANYCAST (self) (RIPE) - https://blog.uncensoreddns.org - `whois 89.233.43.71` - SE-TELIADK-20060508 (Telia Company AB) - https://www.teliacompany.com - `whois 2a01:3a0:53:53::` - SE-TELIADK-20070607 (Telia Company AB) - https://www.teliacompany.com

❤️ 1

Mikaela commented

2019-08-26 07:36:54 +00:00

(Migrated from github.com)

PCH-PUBLIC-RESOLVER (Packet Clearing House) - https://www.pch.net/

I think we could possibly also mark it as Quad9/self as PCH is one of their founders.

I am happy to see that only one provider is at DigitalOcean and my example was wrong 😃

> PCH-PUBLIC-RESOLVER (Packet Clearing House) - https://www.pch.net/ I think we could possibly also mark it as Quad9/self as PCH is one of their founders. I am happy to see that only one provider is at DigitalOcean and my example was wrong :smiley:

👍 2

Mikaela commented

2019-08-26 19:06:54 +00:00

(Migrated from github.com)

Shower questions: should the hosting providers also have country where they are based on mentioned?

👍 2

blacklight447 commented

2019-08-26 19:23:10 +00:00

(Migrated from github.com)

I would say yes.

nitrohorse commented

2019-09-02 06:59:36 +00:00

(Migrated from github.com)

NixNet DNS

whois 198.251.90.114
- PONYNET-07 (FranTech Solutions) - https://frantech.ca/
whois 209.141.34.95
- BUYVM-US-209-141-34-0-24 (BuyVM Services) - https://buyvm.net/

NixNet DNS * `whois 198.251.90.114` * PONYNET-07 (FranTech Solutions) - https://frantech.ca/ * `whois 209.141.34.95` * BUYVM-US-209-141-34-0-24 (BuyVM Services) - https://buyvm.net/

theel0ja commented

2019-09-03 10:00:40 +00:00

(Migrated from github.com)

IPv4
APNIC-AP (APNIC) - https://www.apnic.net

whois 159.69.198.101
RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/
DE-HETZNER-19920313 (Hetzner Online GmbH) - https://www.hetzner.com/

The RIPE & APNIC (excl. cloudflare 1.1.1.1 as the org is part of the project) thing is irrelevant, it's just a organization handing out IP addresses, not a hosting provider.

> > IPv4 > APNIC-AP (APNIC) - https://www.apnic.net > whois 159.69.198.101 > RIPE (RIPE Network Coordination Centre) - https://www.ripe.net/ > DE-HETZNER-19920313 (Hetzner Online GmbH) - https://www.hetzner.com/ The RIPE & APNIC (excl. cloudflare 1.1.1.1 as the org is part of the project) thing is irrelevant, it's just a organization handing out IP addresses, not a hosting provider.

👍 1

theel0ja commented

2019-09-03 10:15:43 +00:00

(Migrated from github.com)

For UncensoredDNS, I'd list all the PoPs (points of presence), not just single one (the danish one that is not linked to anycast):
They're listed at https://blog.uncensoreddns.org/dns-servers/

Also: BuyVM is a brand of FranTech, Vultr is a brand of Choopa

For UncensoredDNS, I'd list all the PoPs (points of presence), not just single one (the danish one that is not linked to anycast): They're listed at https://blog.uncensoreddns.org/dns-servers/ Also: BuyVM is a brand of FranTech, Vultr is a brand of Choopa

👍 1 👀 1

nitrohorse commented

2019-09-04 01:46:07 +00:00

(Migrated from github.com)

Excellent, thanks for the feedback @theel0ja; I've updated https://github.com/privacytoolsIO/privacytools.io/pull/1261 to account for your suggestions.

This repo is archived. You cannot comment on issues.