GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
4 edits | DNS redirection is NOT deep packet inspection
DNS redirection and deep packet inspection are 2 entirely different animals. DNS redirection is NOT achieved using deep packet inspection. It is done by Rogers having control over their own DNS servers and when you type an invalid or partial domain name it redirects to a Rogers search page instead of the std error message. Changing from Roger's DNS servers to something else like OPENDNS servers fixes that, which wouldn't be possible if they were doing it thru deep packet inspection.
Of course, OpenDNS also provides a redirection page with advertising when you type in a bogus domain name unless you become a free customer and then TURN OFF typo correction as an option. Then it returns an error page like some want. It just doesn't come from Rogers. If you really really need a DNS server that doesn't redirect on errors and just returns the error message, there are some out there. But you will have to look hard for them, as most ISPs now redirect on domain name errors.
And calling it a "Net Neutrality" violation is a stretch, as Techdirt points out in this BBR link:
»Is DNS Redirection a Network Neutrality Violation?
Techdirt doesn't think it's a neutrality violation, as users have the right to use alternative DNS servers: it's worth keeping in mind that you're not required to use your ISP's DNS server at all. ISPs provide DNS servers as a courtesy, the same way they might provide you with a free email account. But you don't have to use it. You're free to point your computer to another DNS server, such as OpenDNS, just as you can use a third-party email service such as GMail. The subject is also being discussed in the Rogers forum here at BBR where they also discuss workarounds and some DNS servers(not Rogers) that don't redirect:
»rogers inserting advertisements into my browser - WTF?
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
Tristan
join:2006-09-10
Nepean, ON
·Rogers Hi-Speed
| I tried OpenDNS, and sure, it works, but I didn't like the fact that they were actually slower for me than Rogers own DNS servers. I am looking for a faster DNS server, that doesn't fool around with my experience (eg: offer searches with ads, mess around with std. error messages, etc.)
It is a Net Neutrality violation to a great many, regardless of what "experts" lead us to believe. Geeks like you and I may know how to switch DNS servers, but the average Joe doesn't even know what a DNS server is, let alone know how to choose one of their own volition. They trust that the service just works, and when it stops working the way they know and love, they loose trust.
Trust is key in the Net Neutrality debate. |
|
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by Tristan  :I tried OpenDNS, and sure, it works, but I didn't like the fact that they were actually slower for me than Rogers own DNS servers. I am looking for a faster DNS server, that doesn't fool around with my experience Try the DNS servers mentioned in this post:
»Re: rogers inserting advertisements into my browser - WTF?
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
drjp81
join:2006-01-09
canada
 ·TELUS
·TekSavvy Solutions..
| reply to GOLFnSUN
said by GOLFnSUN :DNS redirection and deep packet inspection are 2 entirely different animals. DNS redirection is NOT achieved using deep packet inspection... You totally missed it. Rogers is rederecting failed DNS requests and possibly others based on the DNS names that are passed through it's customer's HTTP requests.
Which means there is a discrimination of what service or protocol you are using for the DNS redirection. So while a ping at www.blababla.com might answer nobody's home, Rogers can hijack a HTTP request without even attempting to resolve the name.
How then can you trust the content of a website?
You go to wikipedia.org, Rogers detect via DPI the URL and domain name you are going to, and the redirect parts of the site with whatever content is commercially viable for them.
That's the plan.
--
Cheers! |
|
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by drjp81 :You totally missed it. Rogers is rederecting failed DNS requests and possibly others based on the DNS names that are passed through it's customer's HTTP requests. Which means there is a discrimination of what service or protocol you are using for the DNS redirection. {they all do that. No service is redirecting non-http(s) requests} So while a ping at www.blababla.com might answer nobody's home, Rogers can hijack a HTTP request without even attempting to resolve the name. How then can you trust the content of a website? You go to wikipedia.org, Rogers detect via DPI the URL and domain name you are going to, and the redirect parts of the site with whatever content is commercially viable for them. That's the plan. But that isn't what they are doing or even what they are being accused of. They are redirecting bad domain names to their search engine and nothing else. Saying they COULD do this or COULD do that doesn't prove anything. Any business supplying DNS services COULD do many things.
Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now and also many Toolbars - Google included. Most people like the service. For those that don't - there are DNS servers out their that will just return an error when something is mistyped or when a page has an invalid link.
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
GeekGirl1
The Medium IS the Message
Premium
join:2007-01-28
Morrisville, PA | reply to GOLFnSUN
And for those on Verizon FiOS which has been doing DNS redirects since late last year: »how to opt out of Verizon's DNS not found page |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
 ·Skype
| reply to GOLFnSUN
Deep Packet Inspection is a big game changer. It CAN be used to perform DNS redirection -- it can be used to change any Internet service provided it doesn't require a 3rd-party brokered key to operate.
I agree with you that it probably isn't in use in this case, especially since 3rd party DNS servers aren't also being intercepted.
Still, this stresses the need for rules around the use of DPI. Users shouldn't have to wonder whether or not it is in use. Similarly, if ISPs are going to change the way the Internet works, that ought to be disclosed and optional.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
Comcast: We never did anything wrong, and we'll never do it again...
|
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to GOLFnSUN
said by GOLFnSUN :Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now Almost "all" -- do you have a source for that truthiness?
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
Comcast: We never did anything wrong, and we'll never do it again...
|
|
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
1 edit | said by funchords :said by GOLFnSUN :Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now Almost "all" -- do you have a source for that truthiness? BBR. Verizon, TW/RR, Cox, Embarq, Qwest, Rogers, Earthlink, Charter, Bresnan, etc. are all doing it.
»/nsearch?q=dns···vanced=1
So far, as best I could determine with search tools, AT&T & Comcast haven't started doing this yet.
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC | Awesome, thanks! I agree, there are some big names in there. More than I thought. |
|
