 
joslop500
@rr.com | I switched I had never used OpenDNS until Monday when my internet died. I have to say it's a pretty good service. Besides the obvious DNS stability, the speeds are the same, plus you get a lot of cool features like filtering, stats, and more. | |
|
Prespd
join:2004-03-10
San Diego, CA
| out in San Diego 92128 area I lost my RR connection in San Diego, not part of the SoCal network late at night say between 11PM-2AM. Finally gave up and went to sleep. Next morning it was back up. So at least part of the SD area was affected, and we have lots of people down here. | |
|
|
 | 
avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ
1 edit | Re: $20,000 a day? Too bad opendns is redirected to Sprint's servers on their EVDO network.. | |
|
| | BosstonesOwn
join:2002-12-15
Everett, MA
clubs: | Re: $20,000 a day? caching dns on your home router FTW !
I do it on mine  | |
|
| | | 
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
 ·North State Commun..
| Re: $20,000 a day? said by BosstonesOwn  :caching dns on your home router FTW ! I do it on mine I run one as well, but your caching DNS server still has to talk to another outside DNS server. (Forwarding) Where do you think the caching DNS server gets it's answers? | |
|
| | | | 
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| Re: $20,000 a day? said by Matt :... Where do you think the caching DNS server gets it's answers? Directly from the ROOT servers, totally bypassing your ISP. The root server points you directly to the authoritative DNS server of the domain you want to access.
Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here. | |
|
| | | | |
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| Re: $20,000 a day? said by TamaraB :said by Matt :... Where do you think the caching DNS server gets it's answers? Directly from the ROOT servers, totally bypassing your ISP. The root server points you directly to the authoritative DNS server of the domain you want to access. Bob You're correct. I was confusing a caching name server with a name server that is authoritative for a specific zone. If you have a zone configured, your name server requires a forwarder for all zones it's not authoritative for.
I run DNS for my LAN, which was causing my confusion. | |
|
| | | | | | DarkLogix
join:2008-10-23
Baytown, TX | Re: $20,000 a day? By default windows dns servers (meaning windows servers with the DNS role added)
point to the root servers so you don't have to set the forwarders and it regularly updates its root hints file | |
|
| | | | | | |
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| Re: $20,000 a day? said by DarkLogix :By default windows dns servers (meaning windows servers with the DNS role added) point to the root servers so you don't have to set the forwarders and it regularly updates its root hints file Unless you configure a zone. I run MS DNS at home and if you configure a forward lookup zone (like I have for my LAN, universe.local) and don't configure forwarders, it will return an NXDOMAIN result for any domain that isn't universe.local. | |
|
| | | | | | | | DarkLogix
join:2008-10-23
Baytown, TX
 ·Comcast Workplace
·Comcast
| Re: $20,000 a day? You just need to check the root hints list
I have an MS dns server at home as well and didn't set any forwards and just rechecked the root hints
and internal dns for my website works aswell as resolving external
and I have reverce and forward zones but not forwarders | |
|
| | | | | | | | | DarkLogix
join:2008-10-23
Baytown, TX | Re: $20,000 a day? on the other hand I also have it runing as a domain controler | |
|
| | | | | | | | 
kontos
xyzzy
join:2001-10-04
West Henrietta, NY
| said by Matt : my LAN, universe.local) and don't configure forwarders, it will return an NXDOMAIN result for any domain that isn't universe.local. You're doing something wrong, then. | |
|
| | | | | | whosmatt
join:2005-02-28
Raleigh, NC
| The correct distinction is forwarding DNS server (dnsmasq found in most residential gateway appliances) vs recursive dns server (BIND,windows, etc can do both), which takes a query, starts with the root servers, and keeps going until it ultimately gets the answer it wants.
dnsmasq in its default setting will forward queries to another server or servers. one very useful feature of dnsmasq is that you can have it simultaneously forward to multiple servers and return whatever result comes back fastest.
-m | |
|
| | | | | | | 
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC | Re: $20,000 a day? Is dnsmasq the same thing as "DNS relay"? TIA -- | |
|
| | | | | | | | |
| | | | | | | | |
kontos
xyzzy
join:2001-10-04
West Henrietta, NY
| Re: $20,000 a day? It doesn't cache. | |
|
| | | | | | | | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
 ·Skype
| Re: $20,000 a day? said by kontos :It doesn't cache. said by »www.thekelleys.org.uk/dnsmasq/doc.html :Dnsmasq caches internet addresses (A records and AAAA records) and address-to-name mappings (PTR records), reducing the load on upstream servers and improving performance (especially on modem connections).
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon -- KJ7RL
What you do at Christmas does not matter so much; What counts are the Christmas things you do all year through. | |
|
| | | | | | | |
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| said by funchords :Is dnsmasq the same thing as "DNS relay"? TIA -- It can act as a DNS relay, yes. | |
|
| | | | | 
DaSneaky1D
one wall to block them all
Premium,MVM
join:2001-03-29
The Lou
·Charter Pipeline
| Why do you need to get answers from the authoritative servers? It'll take 100ms or more to get an answer due to routing distance, rather than asking OpenDNS's server at half the resolution time.
While I understand the "cool" factor of it (btw, you're really not asking a root server for anything, only the TLD servers), you're likely only asking for an "A" or "MX" record for most DNS request. Why not get it from the quickest responding server and simply cache it again locally?
--
:: my trivial ramblings :: | |
|
| | | | | | whosmatt
join:2005-02-28
Raleigh, NC
| Re: $20,000 a day? Any server you forward to is ultimately a recursive server that will, if it has no information in its cache, query the root servers for that answer -- Opendns included. One advantage of using a very popular DNS server is that it gets LOTS of queries and will be more likely to have a popular result cached. | |
|
| | | | | |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| said by DaSneaky1D : ... rather than asking OpenDNS's server at half the resolution time. Redirections for one, tracking for two, selling browsing history for three. My local bind asks the authoritative server one time, then for the duration of the TTL, my local bind responds instantaneously, no network delay for all subsequent queries for that domain. it is FASTER.
said by DaSneaky1D : Why not get it from the quickest responding server and simply cache it again locally? Because the nearest non-authoritative server, MAY have old info. Badly configured authoritative servers (with unduly large TTL values) can cause new information not to propagate quickly. I have seen this many times; an IP change that doesn't propagate down-stream for days. The only accurate info comes directly from authoritative servers, all others may or may not reflect reality.
Also, I have control of my local cache, I can clear it at will flushing out any bad data. I suppose it's a control issue, that's why I run FreeBSD
Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here. | |
|
| | | | | |
| | | | | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC | Re: $20,000 a day? I have just started learning about mDNS (Zeroconf, Bonjour) and I'm wondering what you think of it as an alternative to dedicating a machine to running DNS for a LAN? | |
|
| | | | | | | |
| | | | | |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| said by espaeth : ...On your first query of "www.dslreports.com" you need to ask the root servers about ".com", the gtld servers about "dslreports.com" and the dslreports authoritative servers about "www.dslreports.com" Once the above is cached on my local bind all subsequent queries are nearly instantaneous. There is only a delay in retrieving the initial data, after that it's essentially a free ride.
said by espaeth :If you use a good caching server, you can get the same information in a single query. That's exactly what my local bind does. How much faster can you get than a Localhost query? It is a "good caching server".
Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here. | |
|
| | | | | | |
avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ | Re: $20,000 a day? Dosen't windows, and most other modern DNS' as well as some advanced browsers cache DNS results anyway? | |
|
| | | | | | | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| Re: $20,000 a day? said by avd706 :Dosen't windows, and most other modern DNS' as well as some advanced browsers cache DNS results anyway? They can. Windows runs fine without its DNS-caching service turned on -- it's optional.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon -- KJ7RL
What you do at Christmas does not matter so much; What counts are the Christmas things you do all year through. | |
|
| | | | 
battleop
join:2005-09-28
00000 | Probably the same place that OpenDNS gets their answers. The root servers. | |
|
| rebus9
join:2002-03-26
Tampa Bay
 ·Verizon FIOS
·RoadRunner Cable
| said by Matt :Hrm, I wonder if Time Warner were to eliminate all Residential DNS servers how much that would save them? My guess is it would approach that amount. How so? Compared to web and mail servers, DNS servers cost very little to operate. Even modestly provisioned servers can handle a LOT of lookups, and bandwidth demands are small. | |
|
|
Ex IP Eng Guy
@4dv.net
| Not even close. 20k / day = $7.3 million / year. Building out 15 clustered servers distributed nationwide plus adding in the headcount works out to about $300,000 (assuming two headcount and $4,000 for datacenter class servers). The revenue generated is more than cost involved, even if the estimate is off by a factor of 10 (approximately double). I'm not including the colocation or networking costs (since DNS servers are usually located onnet for an ISP). | |
|
hurleyp
join:2000-06-20
Ottawa, ON | A Satisfied Customer I've been using OpenDNS for about 2 years and I'm quite pleased with the service. It's a "set it and forget it" option that works quite nicely.
--
"I reject your reality and substitute my own." | |
|
jnc2000
Premium
join:2003-08-05
Akron, OH | Rock on! Been using OpenDNS since late 2006. Haven't looked back since. | |
|
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| Using it. I put OpenDNS in my router's config as forwarders, all workstations are pointing to it for DNS, and haven't looked back.
I live in the SoCal area, and switched when DNS problems happened about 6 or 7 months ago. Works mighty fine.
--
"I reject your reality and substitute my own!" | |
|
Dogfather
Premium
join:2007-12-26
Laguna Hills, CA | I use it at my office Filtering options come in handy. | |
|
SilverSurfer
join:2007-08-19 | Pffffffft ISP had continual DNS outtages and that's what prompted me to switch to OpenDNS. There isn't a reaon for me to go back. And the nanosecond either FiOS or UVerse comes along, I'll be dropping the current provider as well. Suck on that, Cox. | |
|
DarkLogix
join:2008-10-23
Baytown, TX
·Comcast Workplace
·Comcast
| Why would the ISP care You say that money is going to opendns that could be going to the ISP
I see that as false
the ISP doesn't really care if you use theirs or not
it makes no differance other than having a lower load on their DNS servers if you use opendns
however I just run my own DNS server that looks the the root dns servers | |
|
| rradina
join:2000-08-08
Chesterfield, MO
·Charter Pipeline
| Re: Why would the ISP care It does if the ISP uses sponsored DNS redirection. (i.e. If they redirect mistyped urls to a cute page that says you typed an incorrect name and that page has sponsored advertisements/pop-ups.)
If this revenue is significant, they may choose to degrade the performance of "external" DNS queries (those that leave their internal network) or block them entirely as some ISPs do with Bit Torrent and SMTP, respectively. | |
|
| | DarkLogix
join:2008-10-23
Baytown, TX | Re: Why would the ISP care well if they did that
but I think it should be required that ISP dns be true to the Root servers and unchanged in anyway
(well maybe if the page entered doesn't exist then) | |
|
| | | rradina
join:2000-08-08
Chesterfield, MO | Re: Why would the ISP care I thought these tactics are known to be occurring. Perhaps I don't understand the technique they are using or have misapplied what they do to this topic. | |
|
dcurrey
Premium
join:2004-06-29 | They will block it. If they continue to lose customers/income they will invent some lame excuse to force people to use isp dns servers and either block or redirect packets to them.
Excuse will be National Security or to prevent child porn. | |
|
Rogerquake
join:2002-01-12
Fort Lauderdale, FL | run a local DNS resolver everyone should just run their own local caching DNS server.. Problem Solved | |
|
| DarkLogix
join:2008-10-23
Baytown, TX | Re: run a local DNS resolver ya everyone should just run a bind9 dns server out of their house and not worry about ISP dns or opendns | |
|
| | b10010011
Whats a Posting tag?
join:2004-09-07
Bellingham, WA | Re: run a local DNS resolver Or Treewalk DNS for Windows users.
»ntcanuck.com/ | |
|
| | cornelius785
join:2006-10-26
Worcester, MA | oh right, because your dns server has every single entry to resolve ANY address to an IP.... all dns servers that are not of the ~10 main root dns servers has to send queries to other dns servers. | |
|
| |
Ex IP Eng Guy
@4dv.net | Except if the ISP blocks UDP/TCP 53. Then your forwarder won't work. | |
|
rahlquist
Redeye
join:2001-10-30
Villa Rica, GA
| Dont Squack too loud about this If everyone jumps this bandwagon then we are likely to see ISP's block outbound DNS queries from their network that dont originate form their own servers (traffic costs money dontcha know). So while millions may switch, it may not be free/available forever.
--
Fed Up With Stupidity?
Patentlystupid.com | |
|
rsmith7
Premium
join:2003-03-11
San Diego, CA | Love My OpenDNS I have been using OpenDNS for about 2 years. Love the free service and up-time. | |
|
R0CKY
TSI Rocky
Premium,VIP
join:2005-05-19
Chatham, ON |  Strange things this week!
| |
|
osubuck
@rr.com
| Been using OpenDNS for a while I have also been using OpenDNS probably close to a year now. I just set it into my router as the default DNS servers, and its like a set it and forget it operation. No downtime that I have experienced and its very fast. It gets my recommendation as well. | |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| Providers: Please don't profit on DNS by Breaking DNS OpenDNS is targeting that same profit stream and so far, and seems to be doing a much better job at it -- by including features that users actually find useful. Earlier this year it was estimated that OpenDNS makes $20,000 per day via their search relationship with Yahoo alone. That's money that could be going into ISP pockets, and you can be sure that eventually, should OpenDNS's popularity continue to grow, carriers will start trying to get wayward DNS users back onto their own servers -- one way or another. I have no objection to providers following the OpenDNS model and creating a VOLUNTARY service that redirects failed search queries to advertising pages.
But a DEFAULT or MANDATORY service that does this breaks DNS. For most users, DNS is the end of the hostname resolution chain, but for some of us, a failed DNS lookup is a sign to look for the resolution elsewhere (such as WINS, mDNS, etc.). In my case, my linux machines would fail to find my home networked machines until I stopped using Verizon DSL's bastardized DNS.
Robb | |
|
swhitney2003
I can't drive 55.
Premium
join:2003-06-13
NH
clubs: | A+ A+ to OpenDNS. Going on 2 years now being completely satisfied. | |
|
Titus Pullo
I came, I saw, I slept
join:2004-06-26
·Embarq
| The real question is why can't companies with revenue in the millions of $$s provide stable DNS?
Because they don't GAF, that's why. The same reason most ISP email blows chunks. They think "hell, gmail, yahoo ... WhyTF should we care?" Now I suppose they'll think "OpenDNS, sounds good - layoff another batch; this time the DNS droids"
Amurika in free fall. Get used to it.
-- | |
|
|
Ex IP Eng Guy
@4dv.net
| Re: The real question is DNS is a Cost Center to most companies... in other words, most companies don't GAF because, to the Sr. Execs, it looks like it costs them money: networking, support tools, headcount, hardware, etc.
I worked for a company that managed DNS for over 50,000 zones on 15 pairs up Sun Netra T1s. The budget was denied to upgrade the infrastructure to 5 pairs of Sun T2000s because there was no revenue directly tied to it. Explaining that it would take less headcount, would provide faster and more reliable service, and reduce our mainenance costs didn't matter. They guys in control of the budget didn't GAF. | |
|
KCrimson
Premium
join:2001-02-25
Brooklyn, NY
·Optimum Online
·Verizon FIOS
| OpenDNS - Excellent Service BUT... I've been using OpenDNS on and off for the past couple of years, and have set it up for use on both individual machines and networks. The service is excellent, and the increased control offered through their "dashboard" often outweighs a few millisecond delay vs. using the local ISP servers in terms of response time. I recently tested response time here on FiOS in NYC and OpenDNS was actually the fastest to retrieve a cached A record.
Now for the bad part..
For the past 6 months I've tried at least 3 times to initiate a trouble-ticket with OpenDNS in regards to their incorrect instructions given FiOS customers for configuring the Actiontec Mi424WR router that's found in most FiOS customers' homes. Each time I was (eventually) sent a reply stating that they were aware of the problem, and that a fix was due within "the next few days". The last time was over a week ago, the first time was about 5 months ago. The instructions STILL indicate (incorrectly) that user should change the LAN ("Home/Office") DNS settings instead of the WAN DNS settings. I don't understand how OpenDNS, which has such advanced technical abilities is so slow to fix this basic problem. | |
|
grcore
New and Improved
join:2003-12-06
usa
| OpenDNS has privacy issues... Are they still redirecting Google searches through their servers?
I wont use OpenDNS, or any other so-called "free" DNS service that does not respect privacy.
From »en.wikipedia.org/wiki/OpenDNS
quote:
also removed OpenDNS from all of my networks/servers/computers after the shocking revelation that they were hijacking Google traffic against my knowledge. I discovered this after spending an hour or so troubleshooting very slow Google performance. Once I identified that OpenDNS was hijacking Google traffic, I reverted to ISP DNS, and voila - Google became fast again. I agree that this is an ethical issue, too, since it was not disclosed clearly, and so many of us didn't realize OpenDNS would be hijacking our Google searches if we used them for DNS
| |
|
| 
Aozora
join:2008-11-28
·Comcast
1 edit | Re: OpenDNS has privacy issues... said by grcore :Are they still redirecting Google searches through their servers?I wont use OpenDNS, or any other so-called "free" DNS service that does not respect privacy. From » en.wikipedia.org/wiki/OpenDNS quote:
also removed OpenDNS from all of my networks/servers/computers after the shocking revelation that they were hijacking Google traffic against my knowledge. I discovered this after spending an hour or so troubleshooting very slow Google performance. Once I identified that OpenDNS was hijacking Google traffic, I reverted to ISP DNS, and voila - Google became fast again. I agree that this is an ethical issue, too, since it was not disclosed clearly, and so many of us didn't realize OpenDNS would be hijacking our Google searches if we used them for DNS
"Privacy issues and covert redirection
While the OpenDNS name resolution service is free, people have complained about how the service handles failed requests. If a domain cannot be found, the service redirects you to a search page with search results and advertising provided by Yahoo. A DNS user can switch this off via the OpenDNS Control Panel.[citation needed]
There is also a privacy concern about sharing your DNS requests with any third-party. Normally, DNS requests are handled by the ISP, which already has access to all of your data going upstream through your connection. When you use OpenDNS, the DNS requests go through this new third-party company, which logs the domain name typed, the date and time of each DNS request, and the IP address of the requestor.[14]
In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Redirector Error" software on their PCs, OpenDNS implemented this typo-correcting service: mistyped addresses would be corrected and directed to the correct address; keyword addresses would direct to OpenDNS's search page; comma-separated keywords would result in OpenDNS search results. Each would start with an unpaid link to the suggested correction.[15]
Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS without the user's consent (but within the OpenDNS Terms of Service).[16] Browsers configured to omit this parameter do not get redirected and address-bar searches are sent to Google as normal.[16]. Firefox and Flock users can fix this problem by installing an extension.[17]
This redirection breaks some non-web applications (such as email spam filtering) which rely on getting an NXDOMAIN for non-existent domains."
What privacy is violated? Your IP? You have got to be joking, every damn website knows your IP. This site tracks your IP, and so does every site. Whenever you post a post here, your IP will be logged. I am certain the moderators can see everyone's IP on their post. This is standard in almost every website on the Internet.
You think Google does not log this information? How do you think they know the most popular searches and trends data? MAGIC?
I have no problem with OpenDNS doing the search page if a page I request clearly is no longer online and can't be found. Instead of a dang 404 you get a search page. Big whoop. You can disable that too if you don't like it.
I am one of the most pro privacy persons here but I fail to see how exactly they are bad in the privacy area.
As for google.com hijacking I am seeing no such privacy issue. Do you mean this? »blog.opendns.com/2007/05/22/goog···he-page/
Please, if that is the case then that is Google's fault for their piece of **** breaking DNS for other users.
Also, Google is not slower.
Ping has started ...
PING google.navigation.opendns.com (208.69.36.230): 56 data bytes---I think the above link was what you were referring about privacy and google. I am aware that Google's IP is not that and that is OpenDNS' IP.
64 bytes from 208.69.36.230: icmp_seq=0 ttl=52 time=11.965 ms
64 bytes from 208.69.36.230: icmp_seq=1 ttl=52 time=14.200 ms
64 bytes from 208.69.36.230: icmp_seq=2 ttl=52 time=13.399 ms
64 bytes from 208.69.36.230: icmp_seq=3 ttl=52 time=11.541 ms
64 bytes from 208.69.36.230: icmp_seq=4 ttl=52 time=12.315 ms
64 bytes from 208.69.36.230: icmp_seq=5 ttl=52 time=12.463 ms
64 bytes from 208.69.36.230: icmp_seq=6 ttl=52 time=12.106 ms
64 bytes from 208.69.36.230: icmp_seq=7 ttl=52 time=13.497 ms
64 bytes from 208.69.36.230: icmp_seq=8 ttl=52 time=13.118 ms
64 bytes from 208.69.36.230: icmp_seq=9 ttl=52 time=12.324 ms | |
|
| | 
RickNY
Premium
join:2000-11-02
New York
1 edit | Re: OpenDNS has privacy issues... said by grcore :I wont use OpenDNS, or any other so-called "free" DNS service that does not respect privacy. Yawn.. All that stuff can be disabled with OpenDNS | |
|
| | |
Aozora
join:2008-11-28
·Comcast
| Re: OpenDNS has privacy issues... said by RickNY :said by Aozora :I wont use OpenDNS, or any other so-called "free" DNS service that does not respect privacy. Yawn.. All that stuff can be disabled with OpenDNS WOAH!! That is not me man. I never said that. You completely quoted the wrong person. | |
|
| | | |
RickNY
Premium
join:2000-11-02
New York
| Re: OpenDNS has privacy issues... said by Aozora :You completely quoted the wrong person. My bad -- fixed. Sorry! | |
|
|
|
|
Another DNS Outage Gives OpenDNS Free Advertising
$20,000 a day?