[nSLUG] Re: Omniglobe Broadband: gratuitous nanny
mspencer at tallships.ca
Mon May 31 15:59:07 ADT 2010
Adam Hartling <adam.hartling.ns at gmail.com> wrote:
> At least I haven't seen those failed to retrieve page search results
> from Eastlink in a while, but I assume they're still doing it.
What "failed...results" would those be? I don't know that I've seen
something like that myself. My ISP (tallships.ca/glinx.com) has its
own nameservers but they recurse to upstream Eastlink servers.
> What is with ISP's screwing around with DNS lately?
You probably know more about this than I do (or ever will :-) but, if
not, this (Nov 2009) article by Paul Vixie:
might be of interest.
For example, if I ask my own recursive name server for a name that
does not exist, it will tell me NXDOMAIN. If I ask OpenDNS's
recursive name server for a name that does not exist, it will send
me a NOERROR response with an answer pointing at an advertising
server. Note that I'm using OpenDNS as a convenient example; it
did not invent this technique. Indeed, Nominum and other DNS
vendors now sell an add-on to their recursive name service
products to allow any ISP in the world to do this, and a growing
number of ISPs are doing it. Why so many? Simply because whoever
remaps these NXDOMAIN responses gets the impression revenue. There
are unverified claims that some ISPs are blocking access to
OpenDNS and/or all non-ISP name servers in order to force their
customers to use the ISP's own name server. I say unverified, but
I find the claims credible -- ISPs have wafer-thin margins and
if they see this kind of manna going out the door, they can't just
let it happen.
>From the IETF draft  that Vixie mentions:
ISPs and DNS ASPs have discovered over time that their users would
benefit via "enhanced" DNS services, which often rely upon DNS
Redirect functionality. These enhanced services, which are
offered on an opt-in or opt-out basis..., can perform a number of
value added services for users, such as attempting to interpret
web address errors and protecting users from reaching domains or
fully qualified domain names...that would cause a user to
inadvertently access malware.
Never mind we're harrowing your net "experience" for nickels and
dimes, think of the children^H^H^H^H^H^H^H^H clueless Windoes
As an only tangentially related aside, there now seems to be a fashion
for web pages to send no-cache HTTP headers or <META... tags for
nearly everything. Notionally, this prevents outdated versions of
pages that are updated at short intervals from being delivered from
cache . In practice, it appears to ensure that the server can
register multiple monetized "impressions" of a page that would
otherwise be accessed repeatedly from local cache using the "back"
button of a browser. For we'uns humble dialup users, this is a real
time-eating annoyance requiring various work-arounds.
Expired Jan 2010 but the ideas remain, presumably, in play.
Michael Spencer Nova Scotia, Canada .~.
mspencer at tallships.ca /( )\
More information about the nSLUG