
> I don't understand. Your local DNS resolver still needs an upstream

No, not a single upstream.

When my browser asks my server on 127.0.0.1 to look up news.ycombinator.com it will first contact the root DNS server, then the `com` DNS server, then the `ycombinator.com` DNS server. Who knows about the fact that I was looking for `news.ycombinator.com`? Only the `ycombinator.com` DNS server. Who knows about the fact that I was looking for `ycombinator.com`? Only the `com` DNS server. Now I go to slashdot.org. Who will know about that? Only the `org` DNS server. If you use the Google DNS, Google will know that you requested both `news.ycombinator.com` and `slashdot.org`. Do you want them or any single company to have all this information?

Obviously you need an upstream, an authoritative server somewhere. But why do you need to concentrate all these requests on a single DNS server? ISPs are actively tracking users and, probably, selling their DNS histories to advertisers. Nominum (makers of a widespread DNS server) is quite explicit about it: «Data gathering and measurement are a vital part of network operations and DNS data represents a rich vein to be mined that has been underutilized in the past». [1]

[1] http://www.nominum.com/technology/analytics



So you'd contact the root server directly? If that's really desirable behavior (and I suspect it isn't), why not just make Chrome query the root servers and walk the hierarchy, not using a DNS server at all?
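
An added example, not part of any comment in this thread: a small offline model of which DNS operator sees which query name for the two lookups discussed above, comparing a single forwarding upstream, an iterative resolver that sends the full name at every step, and one that uses QNAME minimisation (RFC 9156). The zone map and operator labels are constructed for illustration; the model goes beyond the thread by including QNAME minimisation, and it assumes a cold cache.

```python
from collections import defaultdict

# Constructed delegation map (zone -> operator label); illustrative, not real server data.
ZONES = {
    ".": "root",
    "com.": "com TLD",
    "org.": "org TLD",
    "ycombinator.com.": "ycombinator.com auth",
    "slashdot.org.": "slashdot.org auth",
}

def zone_cuts(fqdn):
    """Zones contacted, root first, when resolving fqdn with a cold cache."""
    labels = fqdn.rstrip(".").split(".")
    cuts = ["."]
    for i in range(len(labels) - 1, -1, -1):
        zone = ".".join(labels[i:]) + "."
        if zone in ZONES:
            cuts.append(zone)
    return cuts

def minimised_name(fqdn, zone):
    """Name one label below `zone` on the way to fqdn (what QNAME minimisation sends)."""
    labels = fqdn.rstrip(".").split(".")
    depth = 0 if zone == "." else len(zone.rstrip(".").split("."))
    return ".".join(labels[-(depth + 1):]) + "."

def exposure(qnames, mode):
    """Return {operator: set of names seen}.

    mode is 'forward' (one upstream resolver), 'iterative' (full name sent at
    every step) or 'minimised' (QNAME minimisation). Caching is ignored.
    """
    seen = defaultdict(set)
    for q in qnames:
        fqdn = q.rstrip(".") + "."
        if mode == "forward":
            seen["single upstream"].add(fqdn)
            continue
        for zone in zone_cuts(fqdn):
            seen[ZONES[zone]].add(fqdn if mode == "iterative" else minimised_name(fqdn, zone))
    return dict(seen)

if __name__ == "__main__":
    for mode in ("forward", "iterative", "minimised"):
        print(mode)
        for operator, names in exposure(["news.ycombinator.com", "slashdot.org"], mode).items():
            print(f"  {operator}: {sorted(names)}")
```

Run as a script, it prints the per-operator view for each mode, so the three resolver setups can be compared side by side.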



