North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Hey, SiteFinder is back, again...

  • From: Christopher Morrow
  • Date: Tue Nov 06 02:52:55 2007
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=5PJPaiEp6VGdVaD90Zeelo0N83LQ4wFyNINBf2KnueA=; b=kT7eAskWDWjY44MKmSNcR2WUJ+1IAhPoi0DzstcEr4+nAXg+gV0HtpZ08z52/pgSSpR/+7VyxMHb0Qw0Dbfsxzruzrw5f8RDPnMQt4WZ3RFDJRwUYCYFQMH5GJ7MvyDm23xdVo5xIAQUCLqExxlxBMynICDvLqx6xQEh6VAwpX4=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=HR5HdxTH1hYwlN0Lrid1qvKYCK/szJVjg4Fu1/6PSa/l1IQ+CPyqMbhV86UFS7Pdx+smC45KbnD7FWUT4j+QtFSetw85s+mcArxcRXx6LMDSu1t3DsqViGHzoswrkyunzr08FfsRrm409rdYEOhkoewlxIShplOO00kJ1wgFvis=

On 11/5/07, Eliot Lear <[email protected]> wrote:

>
> Cough.  So, how much is that NXDOMAIN worth to you?

So, here's the problem really... NXDOMAIN is being judged as a
'problem'. It's really only a 'problem' for a small number of
APPLICATIONS on the Internet. One could even argue that in a
web-browser the 'is nxdomain a problem' is still up to the browser to
decide how best to answer the USER of that browser/application. Many,
many applications expect dns to be the honest broker, to let them know
if something exists or not and they make their minds up for the upper
layer protocols accordingly.

DNS is fundamentally a basic plumbing bit of the Internet. There are
things built around it operating sanely and according to generally
accepted standards. Switching a behavior because you believe it to be
'better' for a large and non-coherent population is guaranteed to
raise at least your support costs, if not your customer-base's ire.
Assuming that all the world is a web-browser is at the very least
naive and at worst wantonly/knowingly destructive/malfeasant.

MarkA and others have stated: "Just run a cache-resolver on your local
LAN/HOST/NET", except that's not within the means of
joe-random-sixpack, nor is it within the abilities of many
enterprise/SMB folks, talking from experience chatting up misbehaving
enterprise/banking/SMB customers first hand. What's to keep the ISP
from answering: provider-server.com when they ask for Yahoo.com or
Google.com or akamai-deployed-server.com aside from (perhaps) a threat
of lawyers calling?

Anyway, hopefully someone gets their head on straight about this
before other problems arise.

-Chris