| caching servers I have been noticing a lot of my traffic is going to a caching server. Is there a way to disable this? (other than blocking all traffic in and out on 67.232.246.0/24)
After embarq started hijacking 404's now this. This broke some of my customers networks by not returning NX domain for non-fqdn intranet lookup's and returning the public ip address of their search page.
(I fixed this for my customers by running my own dns server and not using the 4.2.2.2 that tech support suggested)
Also jacking my caller id from $8.50 to $11.50 did not help
Communist-cast is looking better
drxray |
|
 GeekJediRF is Good For YouPremium
join:2001-06-21
Mukwonago, WI
 ·CenturyLink
 ·VOIPo
| I would have used 4.2.2.2 - 4.2.2.5 for DNS instead of your own servers - those are very reliable public DNS servers. To each their own however.
As for CenturyLink at least on the CTL side, there's no 404 hijacking going on.
Good luck with Comcast...you'll need it.
--
The goal of the broadcast engineer is to get all the meters on the transmitter to go as far to the right as possible!! |
|
| I will check again to see if 404 hijacking is still up since the centurylink taken over.
I use OpenBSD, so it is a tiny edit of 3 files and reboot to use local dns. Those public dns servers are kinda slow due to the volume of request they get.
Comcast has come a long way locally. At least the business end had been almost flawless since I switched several customers to them. They even changed the PTR records so the e-mail was not blocked due to the rdns resolved to a "ISP"
type of lookup. ie: lan123-sta-router-port-fl.comcast.net They changed it to example: host101.customername.com
Does Centurylink cache web browsing anywhere else? |
|
GeekJediRF is Good For YouPremium
join:2001-06-21
Mukwonago, WI Reviews:
·CenturyLink
·VOIPo
| Nope. In fact in the old CenturyTel areas, there's no port blocking, no throttling, no caching, no 404 redirects...just 'net.
Having said that, I don't know if they have any plans to do any of that now that they're merged with Embarq.
I've always had issues with Comcast, but I think like everyone out there there are good techs, and bad techs. I have had great experiences with CenturyTel though.
--
The goal of the broadcast engineer is to get all the meters on the transmitter to go as far to the right as possible!! |
|
| After testing I have found that Century-link is caching! When I block their caching server all that seems to missing is the images. Go Figure! I will have to find another ISP. Beware other Century* ISP's If they find it useful here they will roll out this crap in their other areas. So if you have a choice do not choose Century anything. |
|
| Sorry to post to my own reply
update: Centurylink is hijacking 404 errors!
the url still says embarq but the web page states it is a Centurylink site.
I'm guessing it will be downhill from now on : |
|
GeekJediRF is Good For YouPremium
join:2001-06-21
Mukwonago, WI | How are you blocking their caching servers? |
|
chelpt
join:2008-05-24
La Crosse, WI | reply to drxray
There is a caching server that is used... but it is ment for DialUp customers only. It used to be called Zoomer back in the day. But it was ment to cache pictures and other web content for those with dialup service. But in order to use it you must install some software on your computer.
Supposedly, the software has a stop gap measure that will notice if downloads are way faster than a normal dialup connection is. At that point, it switches over to non-cached.
But with out this software, (and it will make a tray icon if you have it) you will not be using a cached server.
Now, the question about your nx. The fully qualified domain is for people's protection. Do you have a static IP? And, did you get Centurylink's permission to have that IP reversed association placed to your domain? If you have a business account you can do this. If you just have a residential account, then you are just stuck with a static ip and a one way domain registration. |
|
| reply to GeekJedi
I use OpenBSD as my "router and firewall" It uses PF for the firewall. This is where the "work to share the connection" is done. With PF I can control all of the internet traffic in and out. This statement will block and drop traffic and is in the pf.cong file.
#block caching century
block drop quick from xxx.xxx.xxx.0/24
block drop quick to xxx.xxx.xxx.0/24
replace the "xxx" with ip addresses and the /24 makes it class C subnet |
|
GeekJediRF is Good For YouPremium
join:2001-06-21
Mukwonago, WI Reviews:
·CenturyLink
·VOIPo
| Sorry I wasn't more clear...how do you find the addresses of the servers in order to block them? I can't figure out how to find them.
--
The goal of the broadcast engineer is to get all the meters on the transmitter to go as far to the right as possible!! |
|
2 edits | reply to chelpt
This is the standard response when you ask tough questions to tier 2 support.
Do you have a static IP? And, did you get Century-link's permission to have that IP reversed association placed to your domain? If you have a business account you can do this. If you just have a residential account, then you are just stuck with a static ip and a one way domain registration.
The last tier 2 tech supervisor I spoke with said "We do not cache or hijack 404s to my knowledge"
This has nothing to do with getting any permission for anything! I have about 40 business Century-link DSL and T1 connections with static ip addresses. My customers just surf the internet and stuff. I have tested many of them so I can know what is going on.
The nx domain I was talking about is the reply to a query of a non-FQDN from a "normal" dns server like 4.2.2.2 When Century links dns servers are queried with the same or any non-FQDN they reply with the ip address of Century links web site that is used to generate money from ad's
IE: If you misspell while typing a web site in your browser you get redirected to a Century link ad site.
This is called "hijacking 404s". google it.
As for the caching, When I log on to my bank account or newegg.com etc... my traffic is not connecting to the ip address that is owned by the server of witch I am attempting to connect. It instead connects to a centurylinkservices.com ip address. This should not happen! Newegg.com is a great example. When I block traffic to the caching servers I do not get any pictures.
If Centurylink is not doing anything to the traffic, there is no reason for my traffic to go anywhere except the site I am looking at.
When I enter my personal or my customers info on the web either on my connection or any of my customers connections, I want it to not be hijacked by anyone for any reason.
I do not run any cache software anywhere on my end.
This never happened with Embarq. It started after the Century link take over
I have switched about 5 to Comcast and have had good service so far. We will see |
|
| reply to GeekJedi
I use a program call "trafshow" for regular traffic viewing. When I need to be sure I use "tcpdump" to record the traffic so I can look at it in detail. Both are run on linux or unix. |
|
|
|
BigVe
join:2005-07-15
Gulliver, MI Reviews:
·CenturyLink
| reply to drxray
quote:
If you misspell while typing a web site in your browser you get redirected to a Century link ad site.
This is called "hijacking 404s". google it.
There is nothing like that going on here up north with Centurylink never has anytime no matter how misspelled. |
|
GeekJediRF is Good For YouPremium
join:2001-06-21
Mukwonago, WI Reviews:
·CenturyLink
·VOIPo
| said by BigVe: quote:
If you misspell while typing a web site in your browser you get redirected to a Century link ad site.
This is called "hijacking 404s". google it.
There is nothing like that going on here up north with Centurylink never has anytime no matter how misspelled. Same here. Still planning on checking for caching servers though.
--
The goal of the broadcast engineer is to get all the meters on the transmitter to go as far to the right as possible!! |
|
