dns - golog

Martin_Hannigan2 · October 19, 2006, 9:27pm

* From: Luke Besson
* Date: Thu Oct 19 08:54:47 2006
I work for a big French ISP and I manage the DNS architecture (based on Linux+Bind); Golog proposed to our society the DNS redirect service (redirect all the not existant domains according to marketing criteria).
Even if our marketing team would like to join this solution, our technical team opposes hardly to such a not-standard implementation of the DNS.
Can you suggest me any objective reason in order to invalidate this proposal?

This is a network autonomy issue. What occurs inside the provider
edge related to routing and applications is the responsibility of
the provider and they have the right to modify answers or routes
in their networks, even if they are not "theirs".

There is some "holy grail" you should consider, like making sure that
etrade.com is etrade.com, the legitimate IP/trademark holder.

The questions to ask yourself as an organization are something
like this:

a) is there enough revenue here to consider?

b) is someone else going to capture revenue between my customer
and myself if I don't?

c) will this break my network or the networks of others?

If you can answer the first two yes, the third is worth
trying to make "no".

-M<

Thomas_Leavitt · October 19, 2006, 10:53pm

What would a query result for a non-functioning domain look like? Or
would this only apply to unregistered domains? Would a common user be
able to distinguish between a domain that was registered, but for which
DNS was not functioning, and one that was unregistered? If I were a
user, and forgot to renew a domain, would it immediately go into this
pool when it expired - thus presenting all of the potential viewers not
with an DNS error message, but someone else's advertising?

If I ran utilities and services which expected to obtain a different
response, depending on whether a DNS query was successfully resolved,
what would happen to them?

How would, say, SMTP servers which rejected hosts for which no valid DNS
could be determined, behave as a result of this set up - would mail no
longer be rejected if it came from
evilspammer@adfasdfjjlasdfafdkasdf.com? How about programs designed to
time out when DNS lookups failed... etc. etc. There are a whole host of
issues that emerge when you deliberately and consciously "break" DNS
this way...

if golog has answers to these questions, it might be interesting to hear
them...

... finally, why go through all this hassle for what has to be an
utterly trivial amount of money resulting from people being presented
with something totally unexpected and clicking on a link therein... how
valuable are these people as customers? I can't imagine much...

Thomas

Martin Hannigan wrote:

Martin_Hannigan2 · October 19, 2006, 11:35pm

Hi Thomas!

[ snip ]

... finally, why go through all this hassle for what has to be an
utterly trivial amount of money resulting from people being presented
with something totally unexpected and clicking on a link therein... how
valuable are these people as customers? I can't imagine much...

> a) is there enough revenue here to consider?

This isn't something that's so easy to determine, but
golog and others must have a financial model in order
to be pursuing it.

Here's a visionary article related to this topic, but
at the root server level, even more of a delicate issue,
but with the same principles as the one we're discussing:

And this article shows the convenience of falling back
on standards when they serve your purpose:

http://www.circleid.com/posts/paul_vixie_on_fort_nocs/

YMMV:

Best Regards,

Martin

Simon_Waters1 · October 20, 2006, 7:45am

Here's a visionary article related to this topic, but
at the root server level, even more of a delicate issue,
but with the same principles as the one we're discussing:

No this is the difference between impersonation, and service.

I think one problem is that IANA doesn't have a "brand name", so when you buy
an Internet connection you aren't told you are getting an IANA DNS, that is
assumed. The interesting question is whether that is sustainable if a lot of
ISPs provide a non-IANA DNS service. There may be an argument for saying that
"non IANA DNS" services can't be described as "Internet services", but that
is an issue for ICANNs lawyers.

Techies Wanna Do Policy

Karl was so wrong on the F root-server issue. Paul asserted no new right, most
companies and organisation would act legally against impersonators of their
products and services, Paul is merely asserting he believes IANA (or the ISC
since it is their address space) would do the same.

Let us assume, for the moment at least, that the ISC will do what Paul thinks
is the correct thing to do!

There is a HUGE difference between providing a modified DNS service to ones
consenting clients, and subverting the Internet experience in such a way that
clients find that systems clients are talking to, are fakes.

And this article shows the convenience of falling back
on standards when they serve your purpose:

Paul Vixie on Fort N.O.C.‘s

The only standards fallen back on, are an assertion that there are standards
root server operators must adhere to, or lose their role. That is a statement
of fact -- although one might argue as to whether one could effectively
enforce these standards -- bringing facts, and expertise, to the debate is
why you want people like Paul involved.