[dns-operations] Capturing 8.8.8.8 Traffic

Graham Beneke graham at apolix.co.za
Mon Feb 25 19:38:25 UTC 2013 

On 25/02/2013 20:28, Carlos M. Martinez wrote:
> It might sound stupid, but I firmly believe the main reason everyone is
> now switching to Google's servers is that they are easy to remember and
> to dictate over the phone.
> 
> In my case... (DSL provider at home), I have the choice of
> 200.40.230.245 or 8.8.8.8. Which one do you think my 63-year-old dad
> will configure more easily when tutored over the phone? :D

This is exactly the problem I am struggling with.

I have been trying to educate people about the problems with using
distant resolvers for many years. It was a tough sell with OpenDNS when
they first appeared on the scene and its 100 times harder with the
Google address being so easy to remember.

Its not just your 63-year-old dad either - its the thousands of field
techs who could not be bothered to figure out the correct resolver when
they install or repair someone's CPE or Computer. Its a
one-size-fits-all solution with a very low hassle factor.

There are many layers between myself and these techs on the ground.
Educating my customer is no guarantee that the solution filters down to
end device configurations.

> Needless to say that if you add to the mix ISPs who are willing to mess
> with your NXDOMAINs for a buck.... the deal is sealed.

I have no interest in fiddling with the responses to that extent but
where is the line? ;-)


> cheers!
> 
> ~Carlos
> 
> On 2/25/13 4:06 PM, SM wrote:
>> Hi Graham,
>> At 09:26 25-02-2013, Graham Beneke wrote:
>>> office and NOC to a mom-and-pop IT shop. While I question the wisdom in
>>> that, I was far more concerned by the fact that this mom-and-pop shop
>>> had configured Google Public DNS as the resolver for everything on their
>>> LAN.
>>
>> A lot of people use 8.8.8.8.  I don't know whether it is due to the
>> lemming [1] effect or swarm intelligence.
>>
>>> Now on my corner of the planet Google DNS is 190ms away. Never mind the
>>> mess we have with all the CDNs mapping their traffic to a different
>>> continent.
>>>
>>> So what are you thoughts on capturing these queries and answering them
>>> on local resolvers that are <10ms away?
>>
>> DNS interception is not a good idea in my opinion.
>>
>>> The folks at Google are certainly not going to encourage us to spoof
>>> responses from their servers but are there any other potential pitfalls
>>> with doing this to save the customers from themselves?
>>
>> Once that becomes popular the regulator might wish to "standardize" it
>> (see draft-iab-filtering-considerations-02).  Saving the customers from
>> themselves is a good intention.
>>
>> Regards,
>> -sm
>>
>> 1. Lemmings are small rodents that have been known to follow each other
>> as they charge to their deaths off the edge of cliffs.  This is actually
>> an unsubstantiated myth about lemmings.
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-jobs mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

More information about the dns-operations mailing list