On 03/29/2013 07:01 PM, William Kenworthy wrote: > On 30/03/13 06:34, Paul Hartman wrote: >> On Thu, Mar 28, 2013 at 7:49 PM, Peter Humphrey >> wrote: >>> On Thursday 28 March 2013 20:53:49 Paul Hartman wrote: >>> >>>> In my case, my ISP's DNS servers are slow (several seconds to reply), >>>> fail randomly when they should resolve, return an IP (which goes to >>>> their ad-laden "helper" website if you are using a web browser) when >>>> they should instead return nxdomain, and they have openly admitted to >>>> selling customer DNS lookup history to marketers for targeted >>>> advertising. >>> >>> >>> >>> That is just evil. Have you no alternative to this ISP? >> >> Not really. >> >> I have a 100 megabit connection through the cable company; my only >> wired alternative is DSL (1.5 mbit for almost half the price I'm >> paying for 100mbit). Cellular or satellite are not viable options for >> me because of comparatively poor value, latency and miniscule data >> usage caps. >> > > Can you do a tunnel to a cheap vsp instance that can access an external > dns, and feed all your dns queries through it? Considering the problems > with your existing setup, that looks attractive and you can have sane > fallbacks if neccessary. > > I tried this to avoid the "Australia Tax" when online shopping overseas > and the small additional latency didnt seem to be a problem. Doesn't even need to be that complicated. Set up a free tunnel with tunnelbroker.net, and use Hurricane Electric's provided IPv6 DNS servers. They run the tunnel service as a loss-leader, and if they're doing anything funky with their DNS data, I haven't heard about it. Chances are, the local ISP won't be filtering traffic flowing across a proto41 tunnel. (IPv6 packet as an IPv4 packet payload. It's called a proto41 tunnel because 41 is placed in the "next protocol" field in the IPv4 packet.)