dns - golog

Luke1 · October 19, 2006, 12:50pm

I work for a big French ISP and I manage the DNS architecture (based on Linux+Bind); Golog proposed to our society the DNS redirect service (redirect all the not existant domains according to marketing criteria).
Even if our marketing team would like to join this solution, our technical team opposes hardly to such a not-standard implementation of the DNS.
Can you suggest me any objective reason in order to invalidate this proposal?

Regards

Luke

Simon_Waters1 · October 19, 2006, 1:50pm

Been done to death here before, assuming it is the same sort of DNS hack as
the others.

Basically if you can guarantee that all DNS servers are used exclusively for
browsing then it probably won't generate much of a problem (maybe complaints
but not that many technical problems).

If your clients use DNS for SMTP (or possibly other stuff but SMTP will do),
then a wildcard breaks a lot of things.

You can demonstrate if clients used DNS in such a fashion, dump the database,
and look for common DNS BL for spam filtering. If that data is in your cache,
at least one of your clients email systems will likely break with this
change.

Stefan blogged this in response to previous discussion here;

http://blog.zaphods.net/articles/2006/07/17/re-sitefinder-ii-the-sequel

Of course it is a business decision, upsetting lots of customers, and losing a
lot of email, breaking common Internet assumptions may be a good business
decision if the customers left generate you enough revenue. But I would be
cautious myself.

Wildcard DNS can make troubleshooting a problem due to a mistyped name a real
pain. I know I've had that pain, what with ssh claiming that the key had
changed, and all sorts of weirdness I didn't need when the pager went off in
the small hours, because I types a name wrong, and got a server I wasn't
expecting.

Valdis_Kletnieks · October 19, 2006, 2:43pm

Others have pointed out that wildcarding *might* work when done to consenting
HTTP traffic. It certainly doesn't work very well if applied to non-consenting
HTTP, or non-HTTP.

On the other hand, if your policy-makers want to get a piece of the big
revenue stream and positive PR that Verisign and Earthlink got when they
deployed similar schemes, there isn't much I can do other than channel
Randy Bush at you....

Niels_Bakker · October 20, 2006, 10:09am

* very.luke@gmail.com (Luke Besson) [Thu 19 Oct 2006, 14:51 CEST]:

I work for a big French ISP and I manage the DNS architecture (based on Linux+Bind); Golog proposed to our society the DNS redirect service (redirect all the not existant domains according to marketing criteria).

[..]

Can you suggest me any objective reason in order to invalidate this proposal?

HTH

-- Niels.