dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
15
share rss forum feed

openbox9
Premium
join:2004-01-26
Germany
kudos:2
reply to amungus

Re: question

said by amungus:

Can an avg. home user use them or their nearest neighbors that are NOT part of this whole redirection insanity?
You can use whatever DNS servers you'd like. I wouldn't use the root servers though.


swhx7
Premium
join:2006-07-23
Elbonia

Agreed. Going directly to the root servers is not the way it's supposed to work.

The standard envisions that each end device (your PC) will use a local-to-it DNS server - specifically one provided by the organization the user is a part of, or the internet provider. If that server doesn't have the answer it will pass the query to a higher-level DNS server, and so on, the root servers being a last resort (but they will just try to point your query to the appropriate provider).

And if there is no IP found for the domain name, the standard says a NX reply should be returned. It is these that the ISPs are hijacking to spew some ads at users.

Until this latest fast-buck scam it was always the ISP's job to provide a standards-compliant DNS server.

Even with this nonsense going on, in most cases the ISP has offered at least one correctly-behaving DNS server for customers who want to opt out of the falsified results. If you are subject to this redirection and want to avoid it, see if there is an address for a real DNS server hidden in some corner of your provider's website.



fifty nine

join:2002-09-25
Sussex, NJ
kudos:2

They'll probably start blocking external DNS servers next.

That's the next logical step, anyway.

Pretty soon all we'll be left with is port 80, 443 and a few others.



RARPSL

join:1999-12-08
Suffern, NY
reply to swhx7

said by swhx7:

Agreed. Going directly to the root servers is not the way it's supposed to work.

The standard envisions that each end device (your PC) will use a local-to-it DNS server - specifically one provided by the organization the user is a part of, or the internet provider. If that server doesn't have the answer it will pass the query to a higher-level DNS server, and so on, the root servers being a last resort (but they will just try to point your query to the appropriate provider).
This provider supplied DNS Server while the normal case is a fall-back to the case were there is a running DNS Server on the user's Computer/LAN. In that case, it is that DNS Server that does the resolution or goes to the Root Server and runs the chain to the correct Authorised DNS Server.

BTW: If you run your own DNS Server, update your ROOT-SERVERS list since one of them has changed its IPN and will in a few months go away (it has two IPNs right now and the old one will be withdrawn eventually).


espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN
kudos:2

said by RARPSL:

BTW: If you run your own DNS Server, update your ROOT-SERVERS list since one of them has changed its IPN and will in a few months go away (it has two IPNs right now and the old one will be withdrawn eventually).
The new list of root server IPs is automatically fetched when it does an NS lookup for "." from one of the IPs in the hints file. The hints file specifies the list of initial IPs to query, which is usually the root name servers, but any resolving server upstream from you in the DNS hierarchy could technically be used for the initial query. For Bind and most other popular name server daemons, the only time this name server change will be an issue is when the daemon is first started if it picks the L-server IP from its hint file you will have to wait for that request to time out before it will try another to get the NS list. Once the daemon is established there is absolutely no impact even if you never update the named.ca hints file.


en102
Canadian, eh?

join:2001-01-26
Valencia, CA
reply to fifty nine

Yup... and then they'll be proxied/nat'd
--
Canada = Hollywood North