Anybody know what is up/down with the GTE/Level3 name-servers used the world over on 4.2.2.1, 4.2.2.2? Suddenly started getting no responses from them for a couple of our side apps.
I hope these servers stick around forever, they’re kind of an Internet legend.
Cheers,
Randal
Anybody know what is up/down with the GTE/Level3 name-servers used the world
over on 4.2.2.1, 4.2.2.2? Suddenly started getting no responses from them
for a couple of our side apps.
Testing from an l3 customer network which got responses and a non-l3
customer network which did not implies that they finally clamped down
on non-customer use of their anycasted resolvers.
I hope these servers stick around forever, they're kind of an Internet
legend.
Open resolvers are seriously abused by botnets and related baddies.
Perhaps you might need to run a set of resolvers, or get your service
provider[s] to give you something similar to well-tuned anycasted
resolvers.
Cheers,
Joe
Not to start a debate but I've used OpenDNS since last year and been
VERY happy with it.... use it in situations where there is no localized
DNS server available....
And yes, to agree - open resolvers are very badly abused .. I'm
surprised it took them this long...
Paul
Joe Provo wrote:
Open resolvers are seriously abused by botnets and related baddies. Perhaps you might need to run a set of resolvers, or get your service
provider[s] to give you something similar to well-tuned anycasted
resolvers.
Rumor from a previous discussion of these "well known" resolvers was that they were deliberately encouraging their use by non-customers, data-mining the lookups for marketing purposes, and selling the statistical results.
It`s really interesting, was there many years ago a message: "Oh, they shut down an Internet legend, the last well-known open SMTP relay! It was so comfortable to use it..." 
randal k wrote:
It's fine if you don't mind your DNS server lying to you.
Tony.
dot@dotat.at (Tony Finch) writes:
> Not to start a debate but I've used OpenDNS since last year and been
> VERY happy with it....It's fine if you don't mind your DNS server lying to you.
i was told that if one opts out of the nxdomain remapping service, opendns
behaves normally ("no lies") and gives good performance. so, while i'll
likely continue to run my own recursive resolvers (since it's easy and since
i like the low RTT for transactions having high frequency), it's not because
i'm avoiding "lies".
OpenDNS is also a 'service' that a user 'opts-in' for.. it's not like
some of the other 'services' provided by ISP's that are not 'opt-in'
but rather 'opt-out' and potentially detrimental to your internet
activities...
Everyone has their opinion about OpenDNS, that's cool... but since you
choose to use them (or not) it's entirely your 'fault' if you get
'lied' to. I would note that after my initial upset-ed-ness about
OpenDNS the fact that you have to choose to use them makes it
perfectly fine in my book.
(I still use my own resolvers as well, but...)
-Chris