  ctg1701a
join:2008-08-07 Philadelphia, PA
| [DNS] Comcast Launches Trial of Domain Helper Service
Comcast just announced the start of a technical trial of the DNS redirect service we are calling Domain Helper, to provide what we consider a better Web surfing experience to our customers. This is similar to DNS redirect services provided by almost every other large ISP. This trial started today in the following market areas: Arizona, Colorado, New Mexico, Oregon, Texas, Utah, and Washington.
There are several important things about this trial that maybe of interest to BBR readers:
1 Since a number of our expert customers have statically-configured the IP addresses of our DNS servers, we have added this DNS redirect functionality to NEW DNS IP addresses. As a result, customers who have statically-configured their DNS IP addresses to our DNS servers are by default OPTED-OUT.
2 Customers in the trial markets, using DHCP-assigned IP addresses for their Comcast DNS servers are opted-in by default. Our hope is that our customers will find this service helpful, but if there is any reason they wish to discontinue using this service, however, they can opt-out. Opting-out is simple, via an easy-to-find link on the top of the Web error page one receives when an invalid domain named is entered into a browser. That page can also be accessed directly at »https://dns-opt-out.comcast.net (this is a temporary method that is likely to eventually move to the Account Management page).
3 Comcast does not block the use of third-party DNS servers. While we recommend customers use our DNS servers, they are free to use any third-party DNS servers of their choice.
4 As we considered how to implement the Domain Helper service, we observed that it was difficult to discern common practices (much less best practices) across ISPs. As a result, we have taken the lead to work with many contributors to produce the first draft of a possible Best Current Practices document at the IETF. The objective of this document is to describe the design of DNS redirect services deployed today by ISPs and DNS Application Service Providers (ASPs), and other organizations providing DNS redirect services via their recursive DNS services, as well as to describe the recommended best current practices regarding such systems. This document is available at »tools.ietf.org/html/draft-living···irect-00. We are actively soliciting comments on this document and hope to be able to present it at the next IETF meeting in late July.
Chris Comcast National Engineering & Technical Operations |
|
  jlivingood Premium,VIP join:2007-10-28 Philadelphia, PA | See also »www.comcastvoices.com/2009/07/do···you.html -- JL Comcast |
|
  nate1234
join:2008-08-21 Moorestown, NJ | reply to ctg1701a What exactly does it do? Cache webpages or something? Why not just partner with OpenDNS? |
|
  jlivingood Premium,VIP join:2007-10-28 Philadelphia, PA
| said by nate1234 :What exactly does it do? Cache webpages or something? Why not just partner with OpenDNS? Basically, when you type an invalid domain name instead of getting a page not found error, you are directed to a search page with some suggestions to help. In most cases you get a "Did you mean..." sort of recommendation. -- JL Comcast |
|
  usa2k Please PRAY for Rebekah Premium,MVM join:2003-01-26 Canton, MI clubs:
·VOIPo
·WOW Internet and C..
·Broadvox Direct
| Re: [DNS] Comcast Launches Trial of Domain Helper Service
This should work like a lead balloon!
»Invalid URL Redirects?
»news.cnet.com/2100-1032_3-5086101.html
Very BAD idea. Good name for it though |
|
  Rob In Deo speramus, God Bless the USA Premium join:2001-08-25 Kendall, FL | reply to ctg1701a Re: [DNS] Comcast Launches Trial of Domain Helper Service
Terrible idea. *shakes head* |
|
  nate1234
join:2008-08-21 Moorestown, NJ | reply to jlivingood great... more advertising. I agree rob and usa2k |
|
  koitsu Premium join:2002-07-16 Mountain View, CA
4 edits | reply to ctg1701a I wonder if Comcast realises this can (read: does) break spam filtering on the client-side if DNS resolution (forward and reverse) is used as a form of validation.
There's numerous other "gotchas" which I can go into if people are curious. But as others have mentioned, other ISPs have tried this and gotten shot down as well.
Also, Comcast rolling this out now puts into question whether or not this individual was telling the truth, and that "ComcastBonnie" who stated publicly "engineering confirms we do not hijack any DNS traffic in our network and certainly not to 3rd party resolvers" was probably lying.
Like others have said: very, very bad idea. Comcast, you will end up rolling this back, so be sure to forward my comments on to whatever managerial or marketing idiot proposed this idea to begin with. :-)
EDIT: Also, there's a problem with the opt-out Emails your opt-out page sends. The Emails themselves contain a multipart attachment (which is fine), however there's no content in the actual mail itself -- the content is only available inside one of the multipart attachments. This is what I'm talking about:
If we examine the multiparts, we see:
Attachment #2 contains a text version (text/plain) of the content in attachment #4 (text/html). Attachment #2 should really be placed in the root body of the Email (what would be shown above as Attachment #1). -- Making life hard for others since 1977. I speak for myself and not my employer/affiliates of my employer. |
|
  NOVA_Guy Obama- Commander in Thief Premium join:2002-03-05
·VOIPo
| reply to ctg1701a So how will users who do not opt out of this advertising barrage be compensated?
Will Comcast be willing to decrease the price of their Internet service for these folks as they roll this out nationwide? It seems to me that if Comcast is to make more money off of advertising gimicks like this, they should also be able to use it to offset a portion of their subscribers' costs.
How Comcastic...  -- It took Abraham Lincoln to free the slaves. And it's taking Barack Obama to enslave the free. The Obama Administration: as transparent as my grandmother's flannel nightgown. |
|
  nate1234
join:2008-08-21 Moorestown, NJ | Hey, If it reduces my bill, sign me up! |
|
  ctg1701a
join:2008-08-07 Philadelphia, PA
| reply to koitsu said by koitsu :I wonder if Comcast realises this can (read: does) break spam filtering on the client-side if DNS resolution (forward and reverse) is used as a form of validation. There's numerous other "gotchas" which I can go into if people are curious. But as others have mentioned, other ISPs have tried this and gotten shot down as well. Also, Comcast rolling this out now puts into question whether or not this individual was telling the truth, and that "ComcastBonnie" who stated publicly "engineering confirms we do not hijack any DNS traffic in our network and certainly not to 3rd party resolvers" was probably lying. We were aware and working with the twitter team when the person claimed we were hijacking DNS traffic which was just not true. We do not hijack 3rd party DNS traffic and based on the response from users on slashdot as well as the larger Comcast community this was proved false.
You should also be aware we are working on an internet draft with many other internet and DNS providers to help get these services more standardized and hopefully not disrupt other services as they have in the past. |
|
  koitsu Premium join:2002-07-16 Mountain View, CA
| Fair enough, but it does seem a bit suspicious that someone would encounter redirection services on Comcast (and some other people who commented in the blog also were seeing it), regardless of what DNS servers they were using, be told officially "we don't do this sort of thing", then two days later find the anomalous behaviour had disappeared. Fast forward a month, and Comcast rolls out identical in concept in multiple test markets.
I'll read the draft this weekend. And I'm hoping it discloses exactly how (and where) said redirection methodology is being done. I'm crossing my fingers Sandvine equipment isn't involved. -- Making life hard for others since 1977. I speak for myself and not my employer/affiliates of my employer. |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
| reply to ctg1701a Chris,
Yuck! (I hate errorvertising) but thanks for the thoughtful way this is being implemented AND ESPECIALLY for the leadership of getting this much-needed conversation going in the IETF.
I hope users vote this down, but I doubt it. Sure sounds like the opt-out is easy which would even limit my own objections.
Robb -- Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL Evil does seek to maintain power by suppressing the truth, or by misleading the innocent. --Spock and McCoy stardate 5029.5 |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
| reply to ctg1701a said by ctg1701a :You should also be aware we are working on an internet draft with many other internet and DNS providers to help get these services more standardized and hopefully not disrupt other services as they have in the past. That's it, instead of complying with the rules, just change them. -- Team JON. |
|
  ctg1701a
join:2008-08-07 Philadelphia, PA
| reply to funchords Thanks Robb,
We worked very hard to deliver a seamless opt-out and get this into the IETF to help standardize these things because there are a lot of implementations out there and some not so good. We are aiming to do better with our implementation and also with our DNS systems in general.
Thanks |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
| My gripe with Verizon is their opt-out is simply to hard-code a x.x.x.14 DNS instead of the DNS assignments given for DHCP. It's not an easy work-around for someone not versed in networking.
I'd like to see your paper take on these non-method methods and describe a system (perhaps yours) that is easy on the non-techie customer. -- Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL Evil does seek to maintain power by suppressing the truth, or by misleading the innocent. --Spock and McCoy stardate 5029.5 |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
1 edit | reply to avd706 said by avd706 :That's it, instead of complying with the rules, just change them. IETF and ISOC memberships are open and free. Please join.
I have a feeling that this proposed "BCP" (best current practice) will have a problem as the current (don't mess with how DNS works) is probably the best.
ISPs are doing crap like this more and more and, if they're going to do errorvertising, and if DNS users are going to let it slide, then they might as well do it in the most least-impactful, user-friendly way possible. Good on Comcast for giving this a shot -- it's awesome. They could be like many other ISPs and just inflict it on the users.
That said, this was the problem that caused my Windows/Linux name services fail-over to fail to fail-over until I finally figured it out -- that cost me a day of my life I'll never get back. (How's that for a tongue twister?) -- Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL Evil does seek to maintain power by suppressing the truth, or by misleading the innocent. --Spock and McCoy stardate 5029.5 |
|
  delusion ftl
@algx.net
thumbs down from: avd706 
| reply to ctg1701a If you truly are interested in deploying this as something to help your customers then you should consider the superior method of having some client side software (for example, the browser) react to bad domains in a way that is helpful for the customer. That way everyone gets the user experience they expect and you avoid all the negative backlash.
However I'm suspect that this idea is any more than a money grab under the guise of a customer helping tool, since already 99% of the internet users know exactly what to do when they put in a bad domain name. You WILL show your true intentions if there are ANY revenue generating items in the service.
Maybe you should consider doing the same for your voice services. If someone dials any incorrect phone number or maybe one that's not available/busy, you should let it ring into an operator who will offer to help you if you listen to some ads. "I realize you were trying to call Chili's restaurant, may i suggest an olive garden near you?"
Also you should make every channel someone would type into their TV or Cable box, display ads with a little icon suggesting that this is an invalid channel. |
|
  usa2k Please PRAY for Rebekah Premium,MVM join:2003-01-26 Canton, MI clubs:
·VOIPo
·WOW Internet and C..
·Broadvox Direct
| reply to ctg1701a said by ctg1701a :Thanks Robb, We worked very hard to deliver a seamless opt-out Personally, anything with an Opt-Out should only take effect by choosing an Opt-In.
Anything else of this sort I view as Spam. YMMV --
Jim, VoIP 12/2002, VOIPo 2/2007 FAH-Tool ... Pets ... USA2K site ... Artist-247 |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
| reply to delusion ftl said by delusion ftl :Maybe you should consider doing the same for your voice services. If someone dials any incorrect phone number or maybe one that's not available/busy, you should let it ring into an operator who will offer to help you if you listen to some ads. "I realize you were trying to call Chili's restaurant, may i suggest an olive garden near you?" Also you should make every channel someone would type into their TV or Cable box, display ads with a little icon suggesting that this is an invalid channel. You do realize what you have just done, don't you?  -- Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL Evil does seek to maintain power by suppressing the truth, or by misleading the innocent. --Spock and McCoy stardate 5029.5 |
|