I noticed that Quad 9 is not able to respond to the spy.pet query:

$ dig spy.pet @9.9.9.9 +short
;; communications error to 9.9.9.9#53: timed out

But Cloudflare DNS is able to do it:

$ dig spy.pet @1.1.1.1 +short
104.26.0.165
104.26.1.165
172.67.74.73

And to be sure, I checked another domain with the same TLD to rule out the option that Quad9 is unable to handle the .pet TLD, but I received a correct answer…

$ dig hello.pet @9.9.9.9 +short
3.64.163.50

Does Quad9 censor DNS queries?

  • TCB13@lemmy.worldEnglish
    24·
    7 months ago

    And blocking websites is trivial.

    Nothing is trivial at scale. When we’re talking about Quad9, Cloudflare etc. were talking about hundreds of servers across the planet, highly distributed solutions that rely on multicast and other non-trivial techniques. If you’ve to change a system like that to add the ability to block something, trust me, it won’t take a few hours and a LOT of testing will be required before pushing into production.

      • TCB13@lemmy.worldEnglish
        14·
        7 months ago

        Nothing is “built into DNS”. DNS is a couple of RFCs that include specifications on how the thing should work. What features one implementation (software) has is decision of those who made it and nothing else.

        • AmbiguousProps@lemmy.todayEnglish
          31·
          7 months ago

          What you said here is not really on topic, but it is literally part of DNS. I already explained it in my other comment, but here:

          DNS, by design, uses authoritative nameservers, which is what cloudflare and quad9 host. These authoritative hosts distribute their records to caches (usually just recursive DNS resolvers) to ease and distribute the load. It’s literally in all of their documentation, and explained in pretty plain english on their pages.

          https://www.cloudflare.com/learning/dns/what-is-dns/

          https://www.quad9.net/about/

          Much of the Quad9 platform is hosted on infrastructure that supports authoritative DNS for approximately one-fifth of the world’s top-level domains, two root nameservers, and which sees billions of requests per day.

          When a record is updated in your domain (or cloud) provider, it is distributed via an authoritative nameserver hosted by that company. These get distributed to the root name servers, which then distribute the records to other authoritative nameservers.