Recent content by Bill Woodcock
-
Cisco RV340 & RV345 – are the licensed “advanced security features” worth it?
If there are ways we can improve Quad9, we're all ears... You've looked at independent lab-tests of Quad9's malware blocking? https://www.andryou.com/2020/05/31/comparing-malware-blocking-dns-resolvers-redux/...- Bill Woodcock
- Post #5
- Forum: Routers
-
QUAD9 moves to Switzerland
We've been following the issue closely... In general, we're stretched very thin, so we have to be very careful about taking on a larger scope of issues than we can see our way to successfully solving. We view our mandate as a balance of security, privacy, and performance. And we work as much...- Bill Woodcock
- Post #18
- Forum: General Network Security
-
QUAD9 moves to Switzerland
I'm not clear on what you're looking for, exactly. Do you want us to work with the developer of the test to try to help them to improve their test until it's accurate? That doesn't scale, and doesn't provide users with any benefit, so that's really not where our effort is directed. "Scoring...- Bill Woodcock
- Post #7
- Forum: General Network Security
-
QUAD9 moves to Switzerland
Can you give a specific example of Quad9 being slow to react (or "bad at reacting") to new things? The SAD thing isn't in fact an example of that, since it's not something we were vulnerable to. We were the first recursive resolver to implement DNSSEC. We were the first recursive resolver to...- Bill Woodcock
- Post #5
- Forum: General Network Security
-
More sources not better for malware blocking
Interesting that the TechRadar roundup says they're "not convinced that more sources is better" for malware blocking, when there are a ton of independent lab tests that give actual quantitative results... There's no need for them to guess, particularly when they guess wrong...- Bill Woodcock
- Thread
- Replies: 3
- Forum: General Network Security
-
Remote Router Reader?
As always, we (Quad9) encourage you to rely on trust as little as possible, and self-host everything that makes sense for you. And, as always, I'm happy to answer any questions you may have. We have some big announcement regarding privacy coming up on the 28th, Data Privacy Day.- Bill Woodcock
- Post #14
- Forum: Asuswrt-Merlin
-
How to setup Quad9 on my router
Yep, that's normal. If you send a cache-busting query to Quad9, Quad9 has to resolve it by sending a new query to the authoritative server for the zone you're querying. That query has to originate on a unicast peering or transit interface of a Quad9 router (as opposed to the public-facing...- Bill Woodcock
- Post #9
- Forum: Asuswrt-Merlin
-
Changing DNS Server to Quad9
Please do, and if you still see a problem, please report it to support@quad9.net. DoT chews up a lot of CPU, and if you were hitting a server instance that was getting overloaded with other people all using DoT, it may have needed an upgrade. Which may have happened by now. Anyway, if it's...- Bill Woodcock
- Post #9
- Forum: Asuswrt-Merlin
-
Root Canary Test Results - All ServFail [Red Crosses]
It's worth testing both ways and seeing how it works for you. Everybody's combination of local topology and traffic patterns are different enough that small changes in DNS configuration can yield surprising differences in performance. The down-side of sending ECS is that it gives both CDN...- Bill Woodcock
- Post #35
- Forum: Asuswrt-Merlin
-
Cloud9 DNS
Sorry, didn't mean to disappear on you guys. I just got kinda swamped with other things. There'll be some new Quad9 announcements later this summer. And the whole .ORG takeover-attempt sucked nearly all of my time for the better part of six months. Although a lot of that was about bad business...- Bill Woodcock
- Post #187
- Forum: General Network Security
-
Cloud9 DNS
Yep. We've been in contract negotiation with them since... (checking old email here) ...March of 2018. They didn't get in contact with us until they decided they wanted to do this default-DoH thing outside of the US, so they needed a solution that would be legal in places with privacy laws. So...- Bill Woodcock
- Post #186
- Forum: General Network Security
-
Cloud9 DNS
Sounds like a bunch of you are seeing the same issue there. I'll check with the ops guys and see what they say about it.- Bill Woodcock
- Post #143
- Forum: General Network Security
-
Cloud9 DNS
Your ISP is doing the right thing. That looks like a performance problem on our side, adding 10ms of delay going through our peering router. (Note that the router itself is being particularly slow to respond to the traceroute, which is low-priority for it... if it were lightly-loaded, it...- Bill Woodcock
- Post #140
- Forum: General Network Security
-
Cloud9 DNS
Can you post a traceroute and your origin AS, or send it to support@quad9.net, so they can figure out what your ISP is doing with your queries, and try to optimize the path? Have you tried using 9.9.9.10, or used the form on the front page of the https://quad9.net web site to check whether the...- Bill Woodcock
- Post #139
- Forum: General Network Security
-
Cloud9 DNS
It's almost an IPv6 address. Two colons together indicates an elided consecutive run of 0s. So the address is 2620:fe::fe. Double-colon the second time. Or it would be equally correct (but more tedious) to write it out as 2620:00fe:0000:0000:0000:0000:0000:00fe.- Bill Woodcock
- Post #124
- Forum: General Network Security
