Woody79_00 (I run Linux am I still a PC?, Premium) join:2004-07-08 united state | reply to Romney2012
Re: Some more info on Google DNS & some speed tests TKjunkmail:
I am the biggest Google fan there is, I LOVE Google products, they have helped shape the web in a great way, and have helped fund some of the best Open-Source Software around. Firefox was funded primarily with Google (through the partnership for Firefox having the Google search box in the top right)
that being said, Google Public DNS and OpenDNS are and will be the same.
Google DNS will be just like ClosedDNS..sorry it's OpenDNS right?
The fact is OpenDNS is really ClosedDNS..it's a garbage service that redirects users to ad-laden portal pages full of nonsense and garbage just to make a buck.
The ICANN (Internet Corporation for Assigned Names and Numbers) recently spoke out against DNS-Redirection like Closed DNS, Comcast, and others have rolled out...stating it could harm the fundamental foundations of the internet »www.networkworld.com/news/2009/1···arm.html
The Good news is the ICANN is moving to "ban" DNS-Redirection...about darn time...if you mistype a url, the user should receive an nxdomain error (File not found, or the appropriate error message) not some redirect to a portal page. You can read the ICANN memo below »www.icann.org/en/topics/new-gtld···9-en.pdf
What happens when OpenDNS portal page gets hacked, and some hacker uses it to foist drive-by exploits or malware on its users?
The ICANN addressed that above scenario as to why DNS redirection is dangerous..you really have no idea if the page you're requesting really is the page you wanted...censoring could be going on and you would not know the wiser.
thankfully the ICANN is moving to ban this despicable practice of DNS hijacking and redirection ISP and closed DNS call "a helper"
in the meantime kiddies, if you want just good old fashioned "REAL" DNS
change your DNS Servers to
4.2.2.1 4.2.2.2
those are the National DNS Servers run by Level 3 networks...other DNS Servers fetch records they can't find from those National Servers...paid for by public tax funds
No DNS redirects No DNS Advertisements NO BS
just plain DNS
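Whether a given resolver returns NXDOMAIN or substitutes an address, as discussed in the post above, can be checked from the client side. This is an added example, not part of the original post: it builds a query for a random name that should not exist and classifies the reply from the DNS header. The function names, the `example.com` suffix (assumed to carry no wildcard record) and the constructed reply headers are this example's own.

```python
import secrets
import socket
import struct

def build_probe(suffix="example.com"):
    """Return (txid, name, packet) for an A query on a random name that should not exist."""
    name = f"{secrets.token_hex(12)}.{suffix}"   # assumption: suffix has no wildcard record
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    return txid, name, header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(txid, response):
    """Classify a resolver's reply to the probe using only the 12-byte DNS header."""
    if len(response) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != txid or not flags & 0x8000:        # wrong ID, or QR bit marks it as a query
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 3:
        return "nxdomain"                        # honest answer for a nonexistent name
    if rcode == 0 and ancount > 0:
        return "rewritten"                       # NOERROR with answers: an address was substituted
    return "nodata" if rcode == 0 else f"rcode-{rcode}"

def probe(resolver_ip, timeout=3.0):
    """Send one probe over UDP port 53 and classify the reply (needs network access)."""
    txid, name, packet = build_probe()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(packet, (resolver_ip, 53))
        return name, classify(txid, s.recvfrom(512)[0])

def fake_reply(txid, rcode, ancount):
    """Constructed sample: a reply header with QR, RD and RA set, for offline checks."""
    return struct.pack("!HHHHHH", txid, 0x8180 | rcode, 1, ancount, 0, 0)
```

A "rewritten" result on several independent probes is the signature of NXDOMAIN redirection; a single one can also come from a captive portal on the local network.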
Kearnstd (Elf Wizard, Premium) join:2002-01-22 Mullica Hill, NJ
now if only ICANN could ban adware, spyware, malware, virus laden pages from taking up the mistyped URLs. the ones where a company registers misspellings to get people to download AV2009 and other banner spawned malware.
which of course is one of the many reasons i went to firefox so many years ago. -- [65 Arcanist]Filan(High Elf) Zone: Broadband Reports
reply to Woody79_00
You know, I like opendns. Matter of fact I love the product so much I actually pay for the service.
It allows me to load the dns settings onto a local dns server to me and my customers. And prevents a ton of virus and malware issues. Not to mention it also helps my customers keep their kids and workers off porn sites.
I like opendns and I am not offended if they get hacked or hijacked, you know why? no company is perfect and the crap they have blocked all along is nice not having to deal with. If one virus or such gets through then so be it, the av product should pick it up and eliminate. -- "It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"
NormanS (Premium,MVM) join:2001-02-14 San Jose, CA kudos:4 | reply to Woody79_00
said by Woody79_00: those are the National DNS Servers run by Level 3 networks...other DNS Servers fetch records they can't find from those National Servers...paid for by public tax funds
Seriously? I had no idea. Hmmm. I can't prove it, either. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum
said by NormanS: said by Woody79_00: those are the National DNS Servers run by Level 3 networks...other DNS Servers fetch records they can't find from those National Servers...paid for by public tax funds Seriously? I had no idea. Hmmm. I can't prove it, either.
I know me either :-/ we must be searching in the wrong interwebs.
P.s. It. 4.2.2.1 through 4.2.2.6 that IP range is an Anycast range and should route near to you depending on your ISP. -- ASUS M4A79T Deluxe | AMD Phenom II x3 720 BE AM3 w/4 Cores @ 3.41Ghz(OC) | 4Gb DDR3 Memory @ 1600mhz | Sapphire ATI HD4870 1GB 800mhz/1000mhz(OC) | 2x500GB HDD's Raid 0 | Windows 7 Ultimate x64 Build 7600 (RTM) | Windstream DSL 12m (14.9m Sync)/766k
reply to Woody79_00
said by Woody79_00: The fact is OpenDNS is really ClosedDNS..it's a garbage service that redirects users to ad-laden portal pages full of nonsense and garbage just to make a buck.
OpenDNS allows you to disable redirecting. I've gotten no ads whatsoever. Been using it for quite a while now with only one issue - I wish I didn't have to deal with it in the first place. DNS feels like an archaic technology and I've been eagerly anticipating its demise (or enhancement).
said by ReVeLaTeD: DNS feels like an archaic technology and I've been eagerly anticipating its demise (or enhancement).
What would you suggest replace it?
said by Napsterbater: said by ReVeLaTeD: DNS feels like an archaic technology and I've been eagerly anticipating its demise (or enhancement). What would you suggest replace it?
Don't know. But if IPv4 can be enhanced, I can't imagine why DNS can't be. Ideally I would love a situation where name resolution isn't provided by an ISP or other company.
NormanS (Premium,MVM) join:2001-02-14 San Jose, CA kudos:4
said by ReVeLaTeD: Ideally I would love a situation where name resolution isn't provided by an ISP or other company.
Here is the problem. Somebody has to run the root servers. And, if you run your own DNS server, you can't run it as "authoritative" for any domain, save your own. If you don't have a domain, you can't run authoritative DNS.
Everybody hitting the root servers probably doesn't scale. And somebody has to run authoritative DNS for the various domains out there. So DNS will always have to be run by some company; or, perhaps, government agency (assumes you can place greater faith in government than business; but both are "corporations", in a sense, with their own interests ahead of anybody else's interests). -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum
espaeth (Digital Plumber, Premium,MVM) join:2001-04-21 Minneapolis, MN kudos:2 | reply to ReVeLaTeD
said by ReVeLaTeD: Ideally I would love a situation where name resolution isn't provided by an ISP or other company.
You're a single software install away from providing your own DNS resolution. Anyone can run a recursive resolver, just the same as anyone can run their own email or web server.
Lack of technical ability is the key reason users rely on ISPs or external companies for anything other than the routing of IP packets.
said by espaeth: said by ReVeLaTeD: Ideally I would love a situation where name resolution isn't provided by an ISP or other company. You're a single software install away from providing your own DNS resolution. Anyone can run a recursive resolver, just the same as anyone can run their own email or web server. Lack of technical ability is the key reason users rely on ISPs or external companies for anything other than the routing of IP packets.
Let me clarify.
In my mind, the client workstation should be the one doing the resolution to an IP. No server. Just part of the workstation's functionality. Same sort of concept as with virus protection software - the machine downloads a name resolution file each day. That would allow the client to, when attempting to reach a name that doesn't exist in the file, send back an instant prompt that it wasn't located, instead of having to attempt a contact first.
Just a wild eyed theory. All I'm saying is that with the current DNS structure, you're held hostage to (A) the expense of making and managing a DNS server or (B) the inconvenience of other DNS providers with ads and invalid not found pages.
espaeth (Digital Plumber, Premium,MVM) join:2001-04-21 Minneapolis, MN kudos:2
said by ReVeLaTeD: In my mind, the client workstation should be the one doing the resolution to an IP. No server. Just part of the workstation's functionality. Same sort of concept as with virus protection software - the machine downloads a name resolution file each day. That would allow the client to, when attempting to reach a name that doesn't exist in the file, send back an instant prompt that it wasn't located, instead of having to attempt a contact first.
There are at least two major problems with this:
1) No client machine is going to have terabytes of storage just for global DNS resolution.
2) DNS records are updated every second of every day, and responses can vary depending on the source IP of query.
That's sort of like suggesting instead of having search engines we should all store a copy of every bit of content available on the Internet on client workstations and perform searches on local disk.
I think if you do a bit of research into how DNS works you'll see that architecturally it's the best solution to the problem, though enhancements can still be made with regards to global load balancing enhancement and security. (ie, DNSSec and beyond)
said by ReVeLaTeD: All I'm saying is that with the current DNS structure, you're held hostage to (A) the expense of making and managing a DNS server or
You've invested more "expense" posting your reply.
1) Click link: »ntcanuck.com/downloads.htm
2) Install
3) Enjoy
said by ReVeLaTeD: (B) the inconvenience of other DNS providers with ads and invalid not found pages.
Only when you mistype the domain. Put it in perspective: it's a mistyped domain -- you weren't going to get what you thought you were typing no matter what approach you use.
NormanS (Premium,MVM) join:2001-02-14 San Jose, CA kudos:4 | reply to ReVeLaTeD
said by ReVeLaTeD: Let me clarify. In my mind, the client workstation should be the one doing the resolution to an IP. No server. Just part of the workstation's functionality.
That is pretty much the way it was done in the Arpanet. The local file to be updated was the 'hosts' file, if I understand how those things used to work. In a Windows domain environment, the domain administrator could push updates to the 'lmhosts' file.
They moved away from that when the Internet was created. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum
espaeth (Digital Plumber, Premium,MVM) join:2001-04-21 Minneapolis, MN kudos:2 | reply to Woody79_00
said by Woody79_00: those are the National DNS Servers run by Level 3 networks...other DNS Servers fetch records they can't find from those National Servers...paid for by public tax funds
The only true statement in that blurb is that Level(3) owns and operates the 4.2.2.x DNS servers. I don't believe Level(3) has accepted federal bailout dollars, so as of now those servers are not publicly funded.
These servers are also not part of any kind of standard DNS query chain. When people hear "root" servers they confuse that as being a central database that has all records, and that's just not the case. DNS often requires several requests to multiple servers to arrive at a final resolution, that's why they call servers that clients point at recursive resolvers.
For example, to look up www.dslreports.com you need to make 4 queries:
1) Locally stored "hints" file to get the IPs of the root servers
2) The DNS root servers (to find out which server to query about .com )
3) The gTLD servers (to find out which server to query about dslreports.com )
4) EasyDNS (to get the resolution to www.dslreports.com)
A recursive resolver performs all 4 queries for you and just returns the final result.
You can see this full query path by using DNS tools like dig and using the trace feature.
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> +trace www.dslreports.com
;; global options: printcmd
. 451246 IN NS d.root-servers.net.
. 451246 IN NS e.root-servers.net.
. 451246 IN NS f.root-servers.net.
. 451246 IN NS g.root-servers.net.
. 451246 IN NS h.root-servers.net.
. 451246 IN NS i.root-servers.net.
. 451246 IN NS j.root-servers.net.
. 451246 IN NS k.root-servers.net.
. 451246 IN NS l.root-servers.net.
. 451246 IN NS m.root-servers.net.
. 451246 IN NS a.root-servers.net.
. 451246 IN NS b.root-servers.net.
. 451246 IN NS c.root-servers.net.
;; Received 500 bytes from 192.168.0.21#53(192.168.0.21) in 4 ms
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS K.GTLD-SERVERS.NET.
com. 172800 IN NS A.GTLD-SERVERS.NET.
com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS E.GTLD-SERVERS.NET.
com. 172800 IN NS L.GTLD-SERVERS.NET.
com. 172800 IN NS G.GTLD-SERVERS.NET.
com. 172800 IN NS I.GTLD-SERVERS.NET.
com. 172800 IN NS C.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
com. 172800 IN NS D.GTLD-SERVERS.NET.
com. 172800 IN NS J.GTLD-SERVERS.NET.
com. 172800 IN NS M.GTLD-SERVERS.NET.
;; Received 496 bytes from 128.8.10.90#53(d.root-servers.net) in 73 ms
dslreports.com. 172800 IN NS ns1.easydns.com.
dslreports.com. 172800 IN NS ns2.easydns.com.
dslreports.com. 172800 IN NS ns6.easydns.net.
dslreports.com. 172800 IN NS remote1.easydns.com.
dslreports.com. 172800 IN NS remote2.easydns.com.
;; Received 233 bytes from 192.33.14.30#53(B.GTLD-SERVERS.NET) in 336 ms
www.dslreports.com. 1200 IN A 209.123.109.175
dslreports.com. 1200 IN NS remote2.easydns.com.
dslreports.com. 1200 IN NS ns1.easydns.com.
dslreports.com. 1200 IN NS ns2.easydns.com.
dslreports.com. 1200 IN NS remote1.easydns.com.
;; Received 204 bytes from 66.225.199.10#53(ns1.easydns.com) in 41 ms
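The trace in the post above can be checked mechanically. This is an added example, not part of the original post: it parses `dig +trace` text and confirms that every responding server was named in the previous hop's NS referral and that each referral is for a parent of the queried name. The function names are this example's own, and the embedded sample is an abbreviated copy of the trace quoted above.

```python
import re

# Abbreviated copy of the +trace output quoted in the post above (NS sets trimmed).
TRACE = """\
. 451246 IN NS d.root-servers.net.
. 451246 IN NS e.root-servers.net.
;; Received 500 bytes from 192.168.0.21#53(192.168.0.21) in 4 ms
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS K.GTLD-SERVERS.NET.
;; Received 496 bytes from 128.8.10.90#53(d.root-servers.net) in 73 ms
dslreports.com. 172800 IN NS ns1.easydns.com.
dslreports.com. 172800 IN NS ns2.easydns.com.
;; Received 233 bytes from 192.33.14.30#53(B.GTLD-SERVERS.NET) in 336 ms
www.dslreports.com. 1200 IN A 209.123.109.175
dslreports.com. 1200 IN NS ns1.easydns.com.
;; Received 204 bytes from 66.225.199.10#53(ns1.easydns.com) in 41 ms
"""

RECEIVED = re.compile(r"^;; Received \d+ bytes from (\S+)#\d+\(([^)]+)\)")

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot ('.' becomes '')."""
    return name.lower().rstrip(".")

def parse_trace(text):
    """Return one dict per hop: who answered, and the records that server returned."""
    hops, records = [], []
    for line in text.splitlines():
        line = line.strip()
        m = RECEIVED.match(line)
        if m:   # a "Received" line closes the block of records printed above it
            hops.append({"ip": m.group(1), "server": norm(m.group(2)), "records": records})
            records = []
        elif line and not line.startswith(";"):
            f = line.split()
            if len(f) >= 5 and f[2] == "IN":
                records.append((norm(f[0]), f[3], f[4]))   # (owner, type, data)
    return hops

def check_chain(hops, qname):
    """List delegation problems; an empty list means each hop was referred by the one before."""
    problems, q = [], norm(qname)
    for prev, cur in zip(hops, hops[1:]):
        ns = [(owner, norm(data)) for owner, rtype, data in prev["records"] if rtype == "NS"]
        if cur["server"] not in {host for _, host in ns}:
            problems.append(f"{cur['server']} ({cur['ip']}) was not in the previous referral")
        for zone in {owner for owner, _ in ns}:
            if zone and q != zone and not q.endswith("." + zone):
                problems.append(f"referral for {zone!r} is not a parent of {q}")
    return problems

def final_answers(hops, qname):
    """A records for qname returned by the last hop (the authoritative server)."""
    return [d for owner, rtype, d in hops[-1]["records"] if rtype == "A" and owner == norm(qname)]
```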
reply to NormanS
In particular, they moved away from that when hosts files began to take up megabytes of space (when megabytes was still a significant fraction of available space) and more importantly when searching began to take forever. A hosts file containing the entire internet would be more storage than most workstations have and take hours if not days to run a query on.
cdru (Go Colts, Premium,MVM) join:2003-05-14 Fort Wayne, IN kudos:5 | reply to Kearnstd
Which do you want, a net neutral internet where you aren't directed around based on someone's moral or commercial agenda, or a filtered internet where some (but not all) of the bad is blocked but eventually having to deal with someone's moral or commercial agenda that will differ from your own views? You can't have it both ways.
reply to Anon2
said by Anon2: In particular, they moved away from that when hosts files began to take up megabytes of space (when megabytes was still a significant fraction of available space) and more importantly when searching began to take forever. A hosts file containing the entire internet would be more storage than most workstations have and take hours if not days to run a query on.
In this day and age when a computer can be had that contains many GB's of hard drive space for dirt cheap - when the processors are in the quad fashion - when extra storage is a matter of a few hundred bucks - again, a possibility.
Keep in mind that I as a user might browse to 1% of all of the servers on the WWW. That means I don't really need to have all of the name resolutions local. Maybe a cache that stores them as they're requested, and updates them on a schedule. We already have the technology to do that - I'm more against the concept of a central "DNS server" hosted by someone else. That said, I'd probably be more confident if I knew that DNS servers were a decentralized commodity.
I don't know, I'm throwing wild ideas out. I just don't like the idea of a server whose sole purpose in life is to put a friendly name around the true address of the destination server so that a user doesn't have to remember that true address. It feels archaic.
Let's take IPv6. At its core it looks like a hex string - why not cater that hex string to the individual computer name and domain? So that if you type in said name, your workstation simply translates the name into hex in order to locate it? NO server, just reading a string of characters and turning it into something.
reply to cdru
I want a public internet that is just that - open to the public in a safe and user friendly way and is provided with a way to protect the netizens that choose to use its public ways.
If you want to register an address, then you do it publicly and with information that can be and will be verified. How and why DNS registration was turned into something people can do anon is beyond me. That should have never been allowed and that should be removed.
reply to ReVeLaTeD
No offense, but maybe you should spend a few weeks thoroughly learning the technology you are trying to improve before throwing "wild ideas out".
The biggest thing you are missing is the dynamics of the current DNS structure. The way the current DNS structure works is actually quite brilliant considering the way it has to scale.
Another thing you are missing is that it does cache. Your computer already caches the address, your company's network DNS caches it, your isp DNS caches it, and so on until it has to reach the root. Which is the reason a major issue will take hours to replicate out across the net.
If you want local caching for the sites you frequent then modify your local lmhost file, then your problem is solved. Just don't come here whining when the company changes IP addresses and you can't find your stuff anymore and have no clue why.
NormanS (Premium,MVM) join:2001-02-14 San Jose, CA kudos:4 | reply to ReVeLaTeD
said by ReVeLaTeD: Keep in mind that I as a user might browse to 1% of all of the servers on the WWW. That means I don't really need to have all of the name resolutions local. Maybe a cache that stores them as they're requested, and updates them on a schedule. We already have the technology to do that - I'm more against the concept of a central "DNS server" hosted by someone else. That said, I'd probably be more confident if I knew that DNS servers were a decentralized commodity.
It is "decentralized". I use my ISP DNS servers. They are not the same ones used by Comcast customers, or Verizon customers, or Road Runner customers, or Qwest customers, or Charter customers.
They are also not the only ones I can use. There are, of course, a number of free DNS servers available, and, if I chose, pay DNS servers, as well. Hardly "centralized".
In addition, you do have the option of running a recursive, caching resolver locally, right on your computer.
said by ReVeLaTeD: I don't know, I'm throwing wild ideas out. I just don't like the idea of a server whose sole purpose in life is to put a friendly name around the true address of the destination server so that a user doesn't have to remember that true address. It feels archaic.
I sometimes drive a 1997 Plymouth Voyager. Compared with what is available today, it probably is archaic. But what is available today, commencing with the latest year models, is archaic, when compared with the first Otto internal combustion powered vehicles appearing on the road 130 years ago.
I was swapping war stories with a nephew returned from Iraq. The weapons he was issued are much newer models than I carried; but they still feel "archaic". Considering that they are based on ideas patented, and invented in the latter part of the 19th Century, they are archaic.
Just saying that "archaic" isn't always bad.
said by ReVeLaTeD: Let's take IPv6. At its core it looks like a hex string - why not cater that hex string to the individual computer name and domain? So that if you type in said name, your workstation simply translates the name into hex in order to locate it? NO server, just reading a string of characters and turning it into something.
Maybe I am missing something important here. Isn't that exactly what the 'hosts' file does? The reason the 'hosts' file was abandoned was because it didn't scale well, and who takes care of the updates?
With the DNS service, there is a set of authoritative DNS servers for each domain, and all the others are caching servers, who get the results, ultimately, from the authoritative servers. You've got to trust, at the least, the authoritative DNS servers. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum