Time Warner Cable To Employ DNS Redirection - The 'butterfinger revenue stream' gets increasingly popular...

Time Warner Cable To Employ DNS Redirection - The 'butterfinger revenue stream' gets increasingly popular...
Links: home · search · speed test · login · more ·

Time Warner Cable To Employ DNS Redirection
The 'butterfinger revenue stream' gets increasingly popular...
(old news - 11:46AM Friday Nov 09 2007)
tags: business · cable · networking · RoadRunner Cable

A Time Warner Cable insider tells us that the company will be joining the growing list of ISPs who use DNS redirection services to generate additional revenue off of mistyped URLs. DNS redirection services send wayward surfers and their butterfingers to an ISP-run portal, instead of a traditional page not found error site. The ISP portal is complete with advertiser-funded referral links.

Our users generally dislike the practice, as it tends to break the functionality of apps and tools that require a "clean" connection. Cox, Earthlink Charter and Verizon have all been quietly employing these DNS redirection services. Occasionally they'll offer users a "clean" DNS server. Most ISPs are allowing users to opt-out, though as this Charter user notes, the opt-out process is sometimes flaky:

Charter's way to "opt-out" is to put a cookie on your computer to redirect you to a fake page not found screen. In reality they are sending you to a copy of the IE page, which is amusing, because when in firefox or any other browser it still points you to that. This still defeats the purpose and is not true DNS, because it is still returning a response and pointing you to their fake page not found page.

Time Warner Cable will be testing their service first in the Binghamton, NY market starting November 15. The larger central NY and Syracuse markets will be the test bed until next year, when additional markets will come online. Users will be able to opt-out of the service via a link at the bottom of the portal.

DNS redirection is all the rage. We've heard that the concept is also being tested by a number of other providers, including Insight Broadband. The service delivers a nice revenue stream, and the only people who really complain are the power users -- who can be marginalized during company meetings as a fringe statistic.

OCAP Becomes Tru2way

Cox: What Bandwidth Crunch?

Time Warner Cable Also Raising TV, DVR Rates

Time Warner CableCARD Fix On The Way

Time Warner Cable Beats Back AT&T, Verizon

Network DVR Court Fight Continues

Economy Worries Slowing DOCSIS 3.0 Rollouts

Time Warner Cable Raises Standalone Broadband Prices

Links: New Topic
Forums »

en102 @ 9th Nov 11:52AM:
DNS opt out is flawed

Cookies will only work with browsers or apps that are cookie based. Applications not using cookies will have issues. This is a flawed method. Opting out should have DHCP change your DNS settings to 'clean' DNS servers.
Technically speaking, shouldn't this be and 'opt-in', as its breaking apps that truly rely on DNS to function properly.
--
Canada = Hollywood North
reply

rcdailey @ 9th Nov 11:59AM:
Re: DNS opt out is flawed

I suppose you could set up your connection to use OpenDNS servers instead of defaulting to using the DNS provided by TWC. That would probably get around this DNS redirection.
reply

en102 @ 9th Nov 12:00PM:
Re: DNS opt out is flawed

True, but that should be done by TWC, I shouldn't have to mess with my DNS settings to obtain valid DNS results... This isn't AOL, afterall.
--
Canada = Hollywood North
reply

DotMac @ 9th Nov 12:01PM:
Re: DNS opt out is flawed

OpenDNS uses redirection too.

»www.opendns.com/features/guide/
reply

DotMac @ 9th Nov 12:04PM:
I wish...

ICANN could somehow compel ISPs to conform to the Internet's "mechanical" standards like allowing 404's to 404 by default. If a user wishes to opt in, that's fine.
reply

TK Junk Mail @ 9th Nov 12:16PM:
Re: DNS opt out is flawed

said by DotMac :

OpenDNS uses redirection too.

»www.opendns.com/features/guide/

But you can opt out of it if you sign up as a free user:
[att=1]
Just leave the typo correction boxes unchecked and the usual server not found error pops up..
--
Internet News
My BLOG
My Web Page

JRKy @ 9th Nov 12:18PM:
Re: DNS opt out is flawed

But you can customize the OpenDNS redirection to your own company logos and text. They don't redirect to advertise.
--
Josh "JRKy" Kennedy

"Irish I had another drink"
reply

JRKy @ 9th Nov 12:22PM:
Re: I wish...

Those "mechanical" standards are the web servers doing. Nothing to do with the "internet".

You could always use IPs for your requests and avoid all of this :).
--
Josh "JRKy" Kennedy

"Irish I had another drink"
reply

amungus @ 9th Nov 12:28PM:
question

Ok, so should I just go ahead and get the list of ROOT DNS servers right now?

Can an avg. home user use them or their nearest neighbors that are NOT part of this whole redirection insanity?

I really don't get it. Isn't AOL still around? If people want this, can they not still sign up for AOL? ...Wait, AOL IS TW isn't it?

Starting to think I want nothing to do with such a service after looking at that Cox forum's 1st page...
The pic that showed 'suggested' results didn't even have DSLR or anything close listed in its 'results' there...

Sure, everyone mis-types an address from time to time, but if it gives me this kind of junk before I can click the stop button, or a generic REAL error result, then I want absolutely nothing to do with it.

Seriously, this makes no sense, even for a little extra profit.. SEARCH ENGINES are very helpful if you aren't sure of a web address... That's been one of their primary functions since the beginning.
reply

hopeflicker @ 9th Nov 12:37PM:
greed

Yet another anti-consumer trick.

Why is it that companies make "YOU" jump though hoops?
--
People pray to God because they're told to.
reply

Jodokast96 @ 9th Nov 12:58PM:
Re: greed

said by hopeflicker :

Yet another anti-consumer trick.

Why is it that companies make "YOU" jump though hoops?

Because enough people are willing to.
reply

koitsu @ 9th Nov 01:03PM:
Boycott.

Someone needs to form an organisation and start boycotting this crap. None of the jhonkas in upper management are aware of how DNS works, and how services/protocols rely on it -- thus, are completely unaware of how garbage like this causes massive havoc.

It needs to end.
--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.
reply

sporkme @ 9th Nov 01:06PM:
Re: DNS opt out is flawed

said by en102 :

This isn't AOL, afterall.

But the duopoly does want to turn "your" internet into a lovely AOL-esque walled garden.

Don't worry though, I'm sure that a 3rd party overbuilder will spring up out of nowhere and provide "real" internet any day now.
reply

morbo @ 9th Nov 01:09PM:
boo to this

all these DNS redirection schemes should be made illegal.
reply

DaSneaky1D @ 9th Nov 01:10PM:
Upon further reflection....

So far, the companies doing this are NOT Comcast. Is Comcast generating extra revenue by saving bandwidth?

From just a quick search, I can't find any mention of any bandwidth limitation with Cox...and I know the other companies implementing this are not limiting bandwidth usage. While I may be wrong, it seems that to provide the "sales" bandwidth speeds at affordable prices, they're subsidizing using these methods.

Granted, many folks here may not like it, but nearly every other customer of theirs wouldn't even blink at this change. Also, anyone that sees this as an annoyance should be well aware of how to change it.

So, is this really a problem?
--
:: my trivial ramblings ::
reply

MiloMindbender @ 9th Nov 01:13PM:
Open letter to internet providers

Dear ISPs looking to make a quick advertising buck,

DNS is used by (a lot) more than just web browsers.
Look it up -- and stop breaking existing standards with your bright ideas. >:-/

Sincerely,
The rest of the 'net
reply

en102 @ 9th Nov 01:19PM:
Re: Open letter to internet providers

Yup... Web browsers are the revenue stream that they want... then they should have a cookie set on the browsers to 'opt-in' when they hit the corporate web site. All non-browser based DNS lookups would function properly.
--
Canada = Hollywood North
reply

DotMac @ 9th Nov 01:20PM:
Re: Boycott.

While I did drop CATV/DBS after the latest round of price increases in my area my choice is Time Warner (which I currently use) and Verizon FiOS. Both providers use redirection.
reply

StudioTech @ 9th Nov 01:23PM:
Don't these companies remember the SiteFinder scandal?

For those that don't remember:

»www.internetnews.com/bus-news/ar···/3080071
reply

DotMac @ 9th Nov 01:27PM:
Re: I wish...

By mechanical standards I'm talking about following the TCP/IP convention including proper DNS resolution instead of hijacking it to make a quick buck.
reply

openbox9 @ 9th Nov 01:30PM:
Re: question

said by amungus :

Can an avg. home user use them or their nearest neighbors that are NOT part of this whole redirection insanity?

You can use whatever DNS servers you'd like. I wouldn't use the root servers though.
reply

openbox9 @ 9th Nov 01:31PM:
Re: greed

Because you are paying for their product and fall under their ToS.
reply

openbox9 @ 9th Nov 01:32PM:
Re: Boycott.

Boycott by using different DNS servers. Nothing much else to do really except cancel your service altogether.
reply

Ikyuao @ 9th Nov 01:38PM:
OpenDNS offers this.

OpenDNS can redirect you to OpenDNS search page in case you mistyped URL or do not exist page so OpenDNS automatically redirect you to OpenDNS page.
reply

hopeflicker @ 9th Nov 01:38PM:
Re: greed

This just reinforces my anti-consumer mentality :huh:
--
People pray to God because they're told to.
reply

openbox9 @ 9th Nov 01:41PM:
Re: greed

Based on your mentality then, if a company attempts to make money, they're anti-consumer?
reply

hopeflicker @ 9th Nov 01:47PM:
Re: greed

said by openbox9 :

Based on your mentality then, if a company attempts to make money, they're anti-consumer?

No. Never said that. Those that make their customers jump though hoops, especially for something like this, I deem anti-consumer. They are taking advantage of teh general population knowing that a high percentage will never know about this "OP OUT" option.

Same goes to all of those companies that force people into contracts.
When you can't compete with the competition, force your customers into 2 year contracts. (2yr contracts seem to be the norm today)
--
People pray to God because they're told to.
reply

Jodokast96 @ 9th Nov 01:54PM:
Re: greed

Chances are the ones that would even care would be aware of the Opt-Out. The vast majority that could care less don't need it.
reply

openbox9 @ 9th Nov 01:55PM:
Re: greed

said by hopeflicker :

Those that make their customers jump though hoops, especially for something like this, I deem anti-consumer. They are taking advantage of teh general population knowing that a high percentage will never know about this "OP OUT" option.

You mean like almost every single company that when you do business with them, they provide you with their "privacy statement"? I'm of the mindset that we're adults and therefore responsible for our actions. If we can't/won't read contracts or the ToS, then it's bad on us. Besides, in most cases, I wouldn't call the necessary opt-out actions, "jumping through hoops". Typically, such actions require responding to an e-mail or clicking a button or two on a website. Not rocket science.
reply

JRKy @ 9th Nov 01:55PM:
Re: I wish...

I know I'm being a pita here, but again... DNS (applications) has nothing to do with TCP/IP other than traversing the protocol.

I agree the DNS redirection to an advertised page is shady nonetheless.
--
Josh "JRKy" Kennedy

"Irish I had another drink"
reply

hopeflicker @ 9th Nov 01:58PM:
Re: greed

said by openbox9 :

All of those TOS/EULA's are written in lawyer speak. Do you think a good majority of the population understands this?
--
People pray to God because they're told to.
reply

hopeflicker @ 9th Nov 02:00PM:
Re: greed

said by Jodokast96 :

Chances are the ones that would even care would be aware of the Opt-Out. The vast majority that could care less don't need it.

But this sets a precedent to other ISP's that it's OK to hinder the function of some applications and tools.
--
People pray to God because they're told to.
reply

timcuth @ 9th Nov 02:06PM:
Re: Boycott.

said by openbox9 :

Boycott by using different DNS servers. Nothing much else to do really except cancel your service altogether.

Do you think they will care, or even notice, if you stop using their DNS servers? :hmm:

Tim
--
"Love consists in overestimating the difference between one woman and another" - George Bernard Shaw
~ Project Hope ~
reply

openbox9 @ 9th Nov 02:14PM:
Re: greed

There's only a couple of sections that really matter, and for the most part, they're fairly easy to read.
reply

openbox9 @ 9th Nov 02:16PM:
Re: Boycott.

No, but I'm not sure what else you'd propose for a "boycott" besides canceling service, which I also mentioned.
reply

timcuth @ 9th Nov 02:18PM:
Re: Boycott.

I understand, but a boycott is only a boycott if it exerts some motivational pressure on the business being boycotted. Usually in the form of loss of revenue.

Tim
reply

openbox9 @ 9th Nov 02:21PM:
Re: Boycott.

But people aren't going to cancel their service. Instead, they'll complain and continue paying their money like good little sheep.
reply

jester121 @ 9th Nov 02:24PM:
Typical much ado...

Once again, for all the hullabaloo and bandwagon jumping, no one's given a detailed description of how this really affects them. We have references to "tools and utilities" that this will impact and how it will cause the ruination of everyone's life, but honestly, what are these tools? And how much time each month do you spend using them? Aren't the people complaining the same ones who claim to never use ISP-run DNS servers anyhow, and aren't they smart enough to change to different ones?

I'd really like some examples, I'm not saying such uses don't exist and aren't valid; I just have a hard time believing that this is destroying anyone's ability to enjoy their internet connection.

(And for all who are poised to write something about "pure unfettered internet" or something like that, save it; I've read it all in the Comcast Bittorrent threads.)
reply

Sr Tech @ 9th Nov 02:28PM:
Re: Boycott.

Only a true boycott would be in the masses, I would love to see a town or an entire state boycott a company. Watch what would happen...
reply

openbox9 @ 9th Nov 02:31PM:
Re: Boycott.

There would need to be a fairly significant event to drive that magnitude of a boycott....DNS redirection isn't it.
reply

CylonRed @ 9th Nov 02:31PM:
Wow - when I go one of these pages I just....

Hit the back button till I am back to where I was or rertype it correctly - not that difficult to do.\

If people would not buy or click on any link then the problem would be solved as no money would be made.
--
Brian

Free health care is 100% a misnomer - it is not free and never will be free.
reply

ep1taph @ 9th Nov 02:38PM:
InsightBB also doing this

You might want to add InsightBB to the growing list of ISP's that are taking over mistyped urls. We've been discussing it:

»www33.not-found-entry.org

I've been using Level3 DNS servers since it started happening.
reply

MrMoody @ 9th Nov 02:45PM:
And Embarq

Embarq just started it too. SOMEBODY out there has sold all these ISPs on doing this.
reply

swhx7 @ 9th Nov 02:52PM:
Re: question

Agreed. Going directly to the root servers is not the way it's supposed to work.

The standard envisions that each end device (your PC) will use a local-to-it DNS server - specifically one provided by the organization the user is a part of, or the internet provider. If that server doesn't have the answer it will pass the query to a higher-level DNS server, and so on, the root servers being a last resort (but they will just try to point your query to the appropriate provider).

And if there is no IP found for the domain name, the standard says a NX reply should be returned. It is these that the ISPs are hijacking to spew some ads at users.

Until this latest fast-buck scam it was always the ISP's job to provide a standards-compliant DNS server.

Even with this nonsense going on, in most cases the ISP has offered at least one correctly-behaving DNS server for customers who want to opt out of the falsified results. If you are subject to this redirection and want to avoid it, see if there is an address for a real DNS server hidden in some corner of your provider's website.
reply

MrMoody @ 9th Nov 02:58PM:
Re: Upon further reflection....

I am basically of the same opinion.
reply

jjeffeory @ 9th Nov 03:03PM:
Re: greed

OMG, you are obviously a shill...
reply

jjeffeory @ 9th Nov 03:04PM:
Re: greed

There's an honorable way to make money, and then there is trying to trick people into giving you some money.
reply

anon @ 9th Nov 03:05PM:
Simple solution...

Use either the following anycast nameservers:

4.2.2.1 - 4.2.2.6

or OpenDNS with redirection turned off.

Of course a better solution would be for these companies to stop breaking DNS and trying to monetize something that was NOT DESIGNED to be monetized.
reply

jjeffeory @ 9th Nov 03:06PM:
Re: greed

Look, consumers who don't agree with this kinf of crap are between a rock and a hard place. This is kind of like, "Well, if you don't like the ToS if the electric company, you can do without it, riiiight?"
reply

jjeffeory @ 9th Nov 03:07PM:
Re: Boycott.

Just what I predicted above.
reply

jjeffeory @ 9th Nov 03:09PM:
Re: Boycott.

Well, here I agree with you. It's going to be the same thing when gas prices go to $10 a gallon. We'll complain all the way to the pump. Kind of scary when society depends on something and then the price gets "jacked up", or the provider starts screwing with the service. This is why we need real choice & competition instead of all these oligopolies...
reply

jmn1207 @ 9th Nov 03:21PM:
Re: Typical much ado...

said by jester121 :

Once again, for all the hullabaloo and bandwagon jumping, no one's given a detailed description of how this really affects them. We have references to "tools and utilities" that this will impact and how it will cause the ruination of everyone's life, but honestly, what are these tools? And how much time each month do you spend using them? Aren't the people complaining the same ones who claim to never use ISP-run DNS servers anyhow, and aren't they smart enough to change to different ones?

I'd really like some examples, I'm not saying such uses don't exist and aren't valid; I just have a hard time believing that this is destroying anyone's ability to enjoy their internet connection.

(And for all who are poised to write something about "pure unfettered internet" or something like that, save it; I've read it all in the Comcast Bittorrent threads.)

This is a basic, EXPECTED, functionality of the internet. By breaking the standard, it makes things much more difficult to develop and implement.

Do you use email? Email is one area that will be severely impacted if every DNS resolves to some ISP advertising page. No message will bounce back if the wrong address is used. If I have to send an important message out to a new client and the email address is wrong, it would be nice to get a bounce back letting me know the message never arrived so that I could correct the issue. Also, spam filtering tools often rely on checking for legitimate addresses. False positives will be created and a ton of normally filtered email will be flooding our mailboxes. You would be surprised at just how much mail is filtered before it hits the typical mail inbox.

Regardless of whether or not you might be inconvenienced, it simply breaks the internet. That is not a good thing.
reply

emptywig @ 9th Nov 03:23PM:
Re: DNS opt out is flawed

Redirect is still redirect.

wig
reply

NOCMan @ 9th Nov 03:35PM:
Re: DNS opt out is flawed

said by en102 :

True, but that should be done by TWC, I shouldn't have to mess with my DNS settings to obtain valid DNS results... This isn't AOL, afterall.

Not defending them, but anyone who this would break their applications probably tend to run their own dns servers.

Course what happens when they start redirecting traffic for valid sites on accident or due to a network problem.
reply

Eat Me @ 9th Nov 03:45PM:
Re: question

They'll probably start blocking external DNS servers next.

That's the next logical step, anyway.

Pretty soon all we'll be left with is port 80, 443 and a few others. :(
reply

DotMac @ 9th Nov 04:08PM:
Re: I wish...

Sigh, I dunno what the proper term for it is but I'm trying to say TCP/IP as in the TCP/IP model (the whole shebang), not just TCP as a transport protocol. Obviously in TCP/IP model (or whatever it is really called) DNS is an application protocol just like POP3, NNTP and SMTP and goes directly to my point which is when they piss with TCP/IP standards (in this case an application standard) by redirecting DNS or in another common case like port blocking, they break "stuff" that others rely on being 'standard' to function properly.
reply

RARPSL @ 9th Nov 04:08PM:
Re: question

said by swhx7 :

Agreed. Going directly to the root servers is not the way it's supposed to work.

The standard envisions that each end device (your PC) will use a local-to-it DNS server - specifically one provided by the organization the user is a part of, or the internet provider. If that server doesn't have the answer it will pass the query to a higher-level DNS server, and so on, the root servers being a last resort (but they will just try to point your query to the appropriate provider).

This provider supplied DNS Server while the normal case is a fall-back to the case were there is a running DNS Server on the user's Computer/LAN. In that case, it is that DNS Server that does the resolution or goes to the Root Server and runs the chain to the correct Authorised DNS Server.

BTW: If you run your own DNS Server, update your ROOT-SERVERS list since one of them has changed its IPN and will in a few months go away (it has two IPNs right now and the old one will be withdrawn eventually).
reply

jjoshua @ 9th Nov 04:15PM:
It's like getting a recoded message when you misdial

When you misdial a phone number, do you want to hear a "[boop]This number is not in service" message or do you want to be connected to directory assistance who can connect your call for an additional $1.00 ?
reply

DotMac @ 9th Nov 04:17PM:
Re: DNS opt out is flawed

Doesn't matter why they do it, DNS redirection still breaks stuff and ISPs should leave their mitts off standards. Stop port blocking, stop redirects, stop pissing with everything. The fact that they're doing it to make a quick buck just makes it that much lamer.

And OpenDNS is fine...people CHOOSE to do it and that's great...that's opting in. If Verizon, Cox, Time Warner and the like want to offer the same, so be it, let them offer it but not auto-enroll everyone in it.
reply

batterup @ 9th Nov 04:27PM:
Re: DNS opt out is flawed

said by sporkme :

Don't worry though, I'm sure that a 3rd party overbuilder will spring up out of nowhere and provide "real" internet any day now.

When we had one provider we did not have this B.S. The more providers the greater the B.S. to hustle a buck with a smaller customer base.

Gone are the days when the pipe provider made a country from sea to shinning sea possible. Gone are the days when the pipe provider will discover the sound of the beginning of he universe.

Ma Bell is dead and yet the people bitch.
reply

jester121 @ 9th Nov 04:28PM:
Re: Typical much ado...

I use e-mail. I also know how it works, which clearly you don't.

My e-mail servers (and yours too, though you don't know it)use MX records to locate destination hosts for sending messages, not the A records that are being massaged by these DNS redirection methods (difference between web browsing and mail). Also, unless the ISP is going to have a wildcard accept for all inbound e-mail to all addresses at all domains, any decent MTA will in fact generate a bounce message -- when it can't deliver a mis-addressed message.

Keep in mind, we're talking about residential service here -- not supposed to run mail servers anyhow, and anyone who did wouldn't get much accomplished from a residential IP block. Also, keep in mind that spam filtering doesn't run on individual user's machines. The ISP isn't going to pass its spam filtering DNS lookups through this system.

Finally, the bottom line -- if you don't like it, use different DNS servers.

Your post supports my assertion that the people complaining about this are just whining because they think something is being taken away from them, even though they don't really understand either side of the issue.
reply

JRKy @ 9th Nov 04:32PM:
Re: I wish...

Weeeell...

pfft... yeah, I agree.
reply

sporkme @ 9th Nov 04:45PM:
Re: DNS opt out is flawed

said by batterup :

[
Gone are the days when the pipe provider made a country from sea to shinning sea possible. Gone are the days when the pipe provider will discover the sound of the beginning of he universe.

Gone are the days of double-digit long distance, phone rentals, and all that other "good stuff". Sniff...
reply

Noah Vail @ 9th Nov 04:47PM:
Re: It's like getting a recoded message when you misdial

I want "The number you have reached 5-5-5 - e-i-e-i-o is not in service at this time. Please check the number and try your call again. C4-727."

It'll be faster and simpler for me to hang up and try again, than to bring another human into the equation who has no better idea what I want than the last 666 people he talked to in his broken Engrish.

NV
--
My children used to Speak in Tongues. But after years of Speech Therapy, English is their First Language!
reply

fiberguy @ 9th Nov 04:58PM:
Re: DNS opt out is flawed

Gone are the days of 35 cent per minute long distance. Gone are the days of the monopolistic mentality of the phone company. Gone are the days of over priced, and low quality dial tone. Gone are the days of expensive setup fees to change a feature. Gone are the days of mandatory phone rentals. Gone are the days of 25 day installation appointments. Gone are the days of no choice. Gone are the days of "We don't care, we're the phone company, we don't have to"...

Yea... the good old days.

Every time there is a topic and you jump in, you keep posting this non-sense about how Ma-Bell was the saviour to all that is good and ever has been and that people are bitching because it's gone. In case you were asleep, the people wanted it gone and no one has looked back.

Evolve!
--
"Complaining is the least path of resistance for the self-serving, the lazy, and I’m told it’s a woman’s prerogative..."
reply

smcallah @ 9th Nov 05:00PM:
Re: greed

said by hopeflicker :

But this sets a precedent to other ISP's that it's OK to hinder the function of some applications and tools.

And the majority of people don't use these apps and tools that rely on DNS queries to return NX for non-existent domains. So they won't care.

And that is sadly all the providers care about.

But like has been said, if you are dependent on the apps and tools that require proper working DNS, then you probably know how to run your own caching DNS server or use a 3rd party server and can get along just fine. A user like this would notice immediately that DNS queries are being answered for NX domains, and would work to remedy the issue.

A user that just thinks it's a new domain not found page will not really care what is happening.
reply

smcallah @ 9th Nov 05:05PM:
Re: Don't these companies remember the SiteFinder scandal?

said by StudioTech :

For those that don't remember:

»www.internetnews.com/bus-news/ar···/3080071

SiteFinder was a whole other beast. It affected all Verisign run TLD's.

It was unavoidable, even if you ran your own DNS server, you still had to talk to Verisign's root for their TLD's.

In this new case, if it's only your ISP doing it, and if you know what you're doing, you can get around it.

If you don't know what you're doing, you probably don't care either way.
reply

smcallah @ 9th Nov 05:11PM:
Re: Simple solution...

said by factchecker :

Of course a better solution would be for these companies to stop breaking DNS and trying to monetize something that was NOT DESIGNED to be monetized.

I don't agree with redirection of DNS, but this is a weak argument against it.

Just because it wasn't stated in RFC's that it could be "monetized" doesn't mean it can't be. You probably shouldn't store recipes in DNS records, but it can be done.

For DNS to have not been designed to do something such as this, they would not have made wildcard records possible.

Perhaps they should have had more foresight and seen something like this occurring with wildcards. But you can only partially blame the implementors for using the features of BIND, or whatever DNS server they use, to their own business ends.
reply

espaeth @ 9th Nov 06:21PM:
Re: question

said by amungus :

Ok, so should I just go ahead and get the list of ROOT DNS servers right now?

The root DNS servers will be of limited value to you, since they only serve up immediate records of ".", so: {com net org us info} and such. The root DNS servers tell you which Top Level Domain (tld) server to use to resolve the record another layer. (The gTLD servers for com and net, for example)

said by amungus :

Can an avg. home user use them or their nearest neighbors that are NOT part of this whole redirection insanity?

I recommend using one of the free DNS resolver options, like:

»www.opendns.com
»www.resolvingnameserver.com/freerns.html

Others suggest using DNS servers operated by Level(3) (4.x.x.x), but those are not openly approved for public use. Level(3) has talked about restricting recursive lookups to only their immediate customers, so even though they work for everyone today that might not continue to be the case if they get concerned with the traffic loads.

said by amungus :

Sure, everyone mis-types an address from time to time, but if it gives me this kind of junk before I can click the stop button, or a generic REAL error result, then I want absolutely nothing to do with it.

People click on advertisements, and since I've made money from ad click sources I can't complain too loudly about the practice. It's true that DNS redirection can break some functionality (mail servers and spam block list lookups, for instance), but those are generally problems that only the more savvy users run into. The more savvy broadband users should have no problems changing their resolving DNS servers to another option that meets their needs.
reply

espaeth @ 9th Nov 06:32PM:
Re: question

said by RARPSL :

BTW: If you run your own DNS Server, update your ROOT-SERVERS list since one of them has changed its IPN and will in a few months go away (it has two IPNs right now and the old one will be withdrawn eventually).

The new list of root server IPs is automatically fetched when it does an NS lookup for "." from one of the IPs in the hints file. The hints file specifies the list of initial IPs to query, which is usually the root name servers, but any resolving server upstream from you in the DNS hierarchy could technically be used for the initial query. For Bind and most other popular name server daemons, the only time this name server change will be an issue is when the daemon is first started if it picks the L-server IP from its hint file you will have to wait for that request to time out before it will try another to get the NS list. Once the daemon is established there is absolutely no impact even if you never update the named.ca hints file.
reply

amungus @ 9th Nov 08:18PM:
Re: It's like getting a recoded message when you misdial

Now that would be comical. It would also make for a good, humorous way to make you double check yourself, or search for the right info.

I think that'd actually be a very funny thing to do. Have it just start playing a totally lo-fi audio clip of those old tones, then the specific error message.

There are much bigger concerns like spammers and scammers who cause grief for people. What kind of prioritization is that?

The internet: does not come with batteries, assembly required, no warranty...
reply

rcdailey @ 9th Nov 09:08PM:
Re: DNS opt out is flawed

It's essentially the same as if you had used a search engine to find the link, but if it's not your choice to do that, then that's not such a good thing.

The point about breaking the way DNS is supposed to work, changing it so that the standard error page doesn't display, seems valid. If local applications depend on that error page in order to work properly, then that would become a real headache if the provider simply changes things without notification or without permitting an opt out.
reply

rcdailey @ 9th Nov 09:22PM:
Re: It's like getting a recoded message when you misdial

If you dial a busy number, do you want to hear an offer to automatically redial that number for a small fee? That's what the phone companies are doing now. If Internet providers did the same thing, then when a website was not available you might be given a list of alternative sites. Maybe that's the next thing that will happen.
reply

en102 @ 9th Nov 10:00PM:
Re: question

Yup... and then they'll be proxied/nat'd
--
Canada = Hollywood North
reply

shortckt @ 9th Nov 11:55PM:
You asked for a valid example...

I've quickly read thru a few of your other posts and I see you understand the basics without my going into agonizing detail.

My ISP tried DNS redirect last year. It affected my ability to troubleshoot some problems simply by breaking things like ping & trace. Pinging a non-existent domain returned an IP on Level3 networks instead of time-outs.

It affected a customer's exchange server company email with Outlook clients. The remote offices are on a VPN-over the-'net connection. Remote clients could not connect to the exchange server because they (in default config) try resolving names by DNS before WINS. This is a windoze thing. Because the ISP did not tell anyone that they monkeyed with the DNS this took a couple hours to resolve. The fix involved changing the DNS server list on the DHCP servers at each office and refreshing the lease on each desktop... but that was after wasting time figuring out why everything was crazy, since the ISP didn't tell the customers.

My original post about this is »Re: DNS Redirection System Turned Off

AFAIR the same problem (DNS before WINS lookup) also affected a couple of database apps that could not find the SQL server.

Nothing extraordinary here, just a business with multiple offices connected together, their apps broken because somebody decided it was ok to break RFC-1035.

said by jester121 :

(And for all who are poised to write something about "pure unfettered internet" or something like that, save it...

I'm renting a pipeline, don't want any of their "added frills."
reply

jester121 @ 10th Nov 01:53AM:
Re: You asked for a valid example...

shortckt, thanks for taking the time to spell out some concrete examples. I haven't yet read your other thread but I'll check it out.

I could see some issues arising when trying to troubleshoot your target domain's DNS records, or something like that. I'm a bit confused about how changing DNS broke VPNs, unless there were suddenly a bunch of typos in the configs of the VPN routers or clients. I'll check back once I've read the entire thread.

EDIT - Okay, now I see what you're talking about. If nothing else this certainly pointed out the need for proper internal DNS resources for your client's branch offices, right? :)
reply

shortckt @ 10th Nov 07:36AM:
You asked for a valid example...

said by jester121 :

I'm a bit confused about how changing DNS broke VPNs...

It didn't affect the VPN between the routers, I just mentioned VPN as the pipe between offices.

said by jester121 :

EDIT - Okay, now I see what you're talking about. If nothing else this certainly pointed out the need for proper internal DNS resources for your client's branch offices, right? :)

They did, I set it up that way. All desktops, network printers etc. had DNS name entries (resource records) on the company's own DNS server. An option can be enabled in the DNS server that if a DNS lookup fails, it will next try to resolve names for a client by querying the integrated WINS database. Since DNS lookups never failed, instead returning valid records pointing to "helpful paid search results" page, the company's DNS server never tried to query the WINS data. The desktop clients could not find their mail or SQL servers.

I know some people would blame it on MS but in light of active directory integrated with DNS, WINS is actually deprecated and used primarily for backward compatibility. So I can understand DNS lookups being first over WINS lookups.

Although the DNS redirects were only meaningfull to a web browser, it broke other apps.

The ISPs which redirect mis-spelled names are also breaking another well established rule: they are making themselves Authoritative for domain names that they do not own by providing DNS answer records for non existent names. As much as I hate it, at least when some pr0n site operators deliberately register mis-spellings of well known names and redirect those to their own sites, they own those mis-spelled domain names. When an ISP takes it upon themselves to be helpful and e.g. redirect guugle.com for their own purpose, the ISP does not own either guugle.com or google.com.

I understand that DNS protocol allows use of wildcards but I don't believe it was intended to be used like this, otherwise why would the protocol have a 'not found' error return code? IMO wildcards were intended to be used as a catch-all for non-specific sub-domains by the owner of the next-level-up domain.
--
Just valves and condensers!
reply

batterup @ 10th Nov 10:33AM:
Re: DNS opt out is flawed

said by fiberguy :

Evolve!

You are one of the unhappiest people yet you have what you want. I guess some people will be unhappy no matter what.
reply

batterup @ 10th Nov 10:37AM:
Re: DNS opt out is flawed

said by sporkme :

Gone are the days of double-digit long distance, phone rentals, and all that other "good stuff". Sniff...

So you got what you want enjoy.

I am sure it is totally a coincidence that the US of A has fallen mightily compared to the rest of the world sense the murder of Ma. The pipe provide no longer innovates, the pipe provider now hustles and sues. Enjoy your new standard and place in the world.
reply

fiberguy @ 10th Nov 12:44PM:
Re: DNS opt out is flawed

Funny, I was thinking the same thing about you... except I would have ended at "You are one of the unhappiest people.. "

I just don't understand why ou jump in every thread with the same one topic post.. who's weeping and ? who wanted bell in one piece other than you?

I sometimes wonder if you were one of those old time telephone execs from AT&T who had life set for himself and then everything pulled out from under you when the government pulled out the rug from under your cushy lifestyle.

I just don't get it..

.. and I'm very happy... Sorry.. unlike some, I'm far from sitting in the rusted out jeep in my front yard, on blocks, with my metal army hat on, a whip, bottle of whiskey in one hand, while shouting at the kids to get a haircut and get off my yard while telling them they won't make something of themselves...
--
"Complaining is the least path of resistance for the self-serving, the lazy, and I’m told it’s a woman’s prerogative..."
reply

batterup @ 10th Nov 01:08PM:
Re: DNS opt out is flawed

said by fiberguy :

.. and I'm very happy... Sorry.. unlike some, I'm far from sitting in the rusted out jeep in my front yard, on blocks, with my metal army hat on, a whip, bottle of whiskey in one hand, while shouting at the kids to get a haircut and get off my yard while telling them they won't make something of themselves...

You also said

quote:
There is this small group of so-called internet pioneer warriors that think they are going to gain a victory for the masses when all they are doing is messing things up for the majority.

Can I have a ride in your jeep and a swig from your jug there Bubba?
reply

cghh @ 10th Nov 09:32PM:
Redirection tool preemption

I would think that providers (like Yahoo or Google) who would like for you to install their mistyped-URL-handler in your browser would be rather upset at your ISP summarily preemting all of them. I would think that they stand to lose a LOT of $$ due to this scheme.

The place for these handlers is in browsers, not at the core Internet level.

BTW, with E-mail, it is true that SMTP servers will first do a MX lookup, but if that fails, they will then do an A lookup, which will never fail with this corrupted DNS.

And I wonder if there is a lawsuit in there somewhere due to the fraudulent assumption of authority over domains these ISPs don't own.
reply

antdude @ 11th Nov 03:30AM:
Is it mandatory?

I currently use OpenDNS. Is TWC going to force subscribers to use TWC's DNS'?
reply

anon @ 11th Nov 06:08PM:
Re: Redirection tool preemption

said by cghh :

BTW, with E-mail, it is true that SMTP servers will first do a MX lookup, but if that fails, they will then do an A lookup, which will never fail with this corrupted DNS.

That is the exact problem that occurred when Verisign (who runs roots for .com) tried this very same thing a couple of years ago.

It was on a much larger scale, of course, since it applied to everyone everywhere, but email problems were rampant. Instead of immediate bounces for improper domains, suddenly every email domain appeared valid and would sit on queue for days before bounces would happen. Millions of sites were affected, and eventually most large ISPs had to override the A record and put those IP addresses on their ignore lists.

There are undoubtedly thousands of other applications that depend on NXDOMAIN responses being properly returned on invalid domains.

HTTP is not the Internet, and ISPs need to remember that.
reply

estover @ 11th Nov 07:52PM:
Re: Typical much ado...

Copied from my post in another thread.

I have over 35 servers I monitor for availability, this includes DNS settings/monitoring. Now if the DNS server I use will redirect a failed lookup to a functional IP, it will not alert me to a down server.

Site Finder kind of stuff is OK for the average user, but remember the Web is not only used by 400 pound people with fat fingers looking for porn.

If they are going to break something that doesn't need fixing make it opt-in.

But more to the point, why change it?

If you think about it, they now own all the domain names that are not owned by someone else. This amounts to a hijacking of the the unregistered names.

If you are going to make a change to the way the Internet works there are channels that you need to go through.
reply

openbox9 @ 12th Nov 08:03AM:
Re: greed

Yep, except it's not the electric company, it's not regulated, and you do have a choice to change providers...or do without.
reply

openbox9 @ 12th Nov 08:07AM:
Re: greed

Obviously :uhh:
reply