[nSLUG] Re: Omniglobe Broadband: gratuitous nanny

Mike Spencer mspencer at tallships.ca
Mon May 31 15:59:07 ADT 2010


Adam Hartling <adam.hartling.ns at gmail.com> wrote:

> At least I haven't seen those failed to retrieve page search results
> from Eastlink in a while, but I assume they're still doing it.

What "failed...results" would those be? I don't know that I've seen
something like that myself.  My ISP (tallships.ca/glinx.com) has its
own nameservers but they recurse to upstream Eastlink servers.

> What is with ISP's screwing around with DNS lately? 

You probably know more about this than I do (or ever will :-) but, if
not, this (Nov 2009) article by Paul Vixie:

    http://queue.acm.org/detail.cfm?id=1647302

might be of interest.

    For example, if I ask my own recursive name server for a name that
    does not exist, it will tell me NXDOMAIN. If I ask OpenDNS's
    recursive name server for a name that does not exist, it will send
    me a NOERROR response with an answer pointing at an advertising
    server. Note that I'm using OpenDNS as a convenient example; it
    did not invent this technique. Indeed, Nominum and other DNS
    vendors now sell an add-on to their recursive name service
    products to allow any ISP in the world to do this, and a growing
    number of ISPs are doing it.  Why so many?  Simply because whoever
    remaps these NXDOMAIN responses gets the impression revenue. There
    are unverified claims that some ISPs are blocking access to
    OpenDNS and/or all non-ISP name servers in order to force their
    customers to use the ISP's own name server. I say unverified, but
    I find the claims credible -- ISPs have wafer-thin margins and
    if they see this kind of manna going out the door, they can't just
    let it happen.


>From the IETF draft [1] that Vixie mentions:

    ISPs and DNS ASPs have discovered over time that their users would
    benefit via "enhanced" DNS services, which often rely upon DNS
    Redirect functionality.  These enhanced services, which are
    offered on an opt-in or opt-out basis..., can perform a number of
    value added services for users, such as attempting to interpret
    web address errors and protecting users from reaching domains or
    fully qualified domain names...that would cause a user to
    inadvertently access malware.

Never mind we're harrowing your net "experience" for nickels and
dimes, think of the children^H^H^H^H^H^H^H^H clueless Windoes
users. :-\



As an only tangentially related aside, there now seems to be a fashion
for web pages to send no-cache HTTP headers or <META... tags for
nearly everything.  Notionally, this prevents outdated versions of
pages that are updated at short intervals from being delivered from
cache .  In practice, it appears to ensure that the server can
register multiple monetized "impressions" of a page that would
otherwise be accessed repeatedly from local cache using the "back"
button of a browser.  For we'uns humble dialup users, this is a real
time-eating annoyance requiring various work-arounds.


FWIW,
- Mike


[1] http://tools.ietf.org/html/draft-livingood-dns-redirect-00

    Expired Jan 2010 but the ideas remain, presumably, in play.

-- 
Michael Spencer                  Nova Scotia, Canada       .~. 
                                                           /V\ 
mspencer at tallships.ca                                     /( )\
http://home.tallships.ca/mspencer/                        ^^-^^



More information about the nSLUG mailing list