nanog mailing list archives
Re: Hey, SiteFinder is back, again...
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Tue, 6 Nov 2007 13:19:30 +0000
On Mon, 5 Nov 2007 23:46:08 -0800 "Christopher Morrow" <christopher.morrow () gmail com> wrote:
On 11/5/07, Eliot Lear <lear () cisco com> wrote:Cough. So, how much is that NXDOMAIN worth to you?So, here's the problem really... NXDOMAIN is being judged as a 'problem'. It's really only a 'problem' for a small number of APPLICATIONS on the Internet. One could even argue that in a web-browser the 'is nxdomain a problem' is still up to the browser to decide how best to answer the USER of that browser/application. Many, many applications expect dns to be the honest broker, to let them know if something exists or not and they make their minds up for the upper layer protocols accordingly. DNS is fundamentally a basic plumbing bit of the Internet. There are things built around it operating sanely and according to generally accepted standards. Switching a behavior because you believe it to be 'better' for a large and non-coherent population is guaranteed to raise at least your support costs, if not your customer-base's ire. Assuming that all the world is a web-browser is at the very least naive and at worst wantonly/knowingly destructive/malfeasant. MarkA and others have stated: "Just run a cache-resolver on your local LAN/HOST/NET", except that's not within the means of joe-random-sixpack, nor is it within the abilities of many enterprise/SMB folks, talking from experience chatting up misbehaving enterprise/banking/SMB customers first hand. What's to keep the ISP from answering: provider-server.com when they ask for Yahoo.com or Google.com or akamai-deployed-server.com aside from (perhaps) a threat of lawyers calling?
Hey -- I can so run a cache/resolver... More seriously: you're right; most people can't and won't. But a majority of customers in that space are using small NATs. Those certainly can; in fact, they often do. It's just that today, they simply talk to their upstreams, rather than starting from the root and going down. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Re: Hey, SiteFinder is back, again..., (continued)
- Re: Hey, SiteFinder is back, again... Phil Regnauld (Nov 05)
- Re: Hey, SiteFinder is back, again... David Lesher (Nov 05)
- Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
- Re: Hey, SiteFinder is back, again... Steven M. Bellovin (Nov 05)
- Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
- Re: Hey, SiteFinder is back, again... Tim Wilde (Nov 05)
- Re: Hey, SiteFinder is back, again... Bora Akyol (Nov 05)
- Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
- Re: Hey, SiteFinder is back, again... Eliot Lear (Nov 05)
- Re: Hey, SiteFinder is back, again... Christopher Morrow (Nov 05)
- Re: Hey, SiteFinder is back, again... Steven M. Bellovin (Nov 06)
- Re: Hey, SiteFinder is back, again... Barry Shein (Nov 06)
- Re: Hey, SiteFinder is back, again... Mark Andrews (Nov 05)
- Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
- Re: Hey, SiteFinder is back, again... Mark Andrews (Nov 05)
- Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
- Re: Hey, SiteFinder is back, again... Stephane Bortzmeyer (Nov 05)
- Re: Hey, SiteFinder is back, again... D'Arcy J.M. Cain (Nov 05)
- Re: Hey, SiteFinder is back, again... Stefan Bethke (Nov 05)
- RE: Hey, SiteFinder is back, again... Frank Bulk - iNAME (Nov 06)
- Re: Hey, SiteFinder is back, again... Patrick W. Gilmore (Nov 05)