nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Thank you, Comcast.

From: Brielle Bruns <bruns () 2mbit com>
Date: Fri, 26 Feb 2016 08:56:40 -0700
On 2/26/16 6:27 AM, Mike Hammett wrote:

"you will also block legitimate return traffic if the customers run
their own DNS servers or use opendns / google dns / etc."

I'm fine with that. Residential customers shouldn't be running DNS
servers anyway and as far as the outside resolvers to go, ehhhh... I
see the case for OpenDNS given that you can use it to filter (though
that's easily bypassed), but not really for any others.



Except that half the time people run their own DNS resolvers because
their provider's resolvers are

1) Absolute garbage and either fail queries for no reason, don't respond
at times, respond super slow, etc.

2) Hijack NXDOMAIN for advertising / money generation

3) Hijack responses to inject their own ads, popups, etc.



--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org
Previous By Date Next
Previous By Thread Next

Current thread: