nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking International DNS

From: Wil Schultz <wschultz () bsdboy com>
Date: Mon, 22 Nov 2010 16:47:24 -0800
The more I think about this COICA deal the more I can't even fathom how it could be implemented.

If an upstream server won't resolve, what's to stop a network admin from using an offshored DNS server, or even the 
root servers? 

Unless we're talking about keeping DNS traffic confined to the ISP's network. Then what's to stop a global HOSTS.TXT 
from circulating via torrent?

It's shortsighted and problematic, which is usually what happens when technical discussions are dictated by politics.

-wil 


On Nov 22, 2010, at 4:21 PM, Dobbins, Roland wrote:



On Nov 22, 2010, at 10:48 PM, Joe Abley wrote:


I guess if the manner of the interception was to send back SERVFAIL to DNS clients whose queries were (in some 
sense) objectionable, the result would be that the clients were not able to resolve the (in some sense) bad names. 


Quantifying the negative performance impact of SERVFAIL on various stub resolvers might provide some useful data 
points in any 'official' discussions which arise on this topic.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

             Sell your computer and buy a guitar.
Previous By Date Next
Previous By Thread Next

Current thread: