verizon DNS "helper"

Coleman Kane cokane at cokane.org
Wed Nov 14 17:53:17 EST 2007 

Rob Lembree wrote:
> Verizon recently (I think) put in a handy DNS "helper" that redirects  
> DNS requests that result in a "not found" to their own servers.
> This completely breaks lots of stuff, and they should be lashed 50  
> times with a wet noodle for doing so.   It breaks the internet.
>
> To their credit, they have an "opt out" option that you can use.  If  
> you go to the configure page for your router, note your DNS settings.   
> Get to the point where you can choose to take DNS settings from DHCP,  
> and hard code your own DNS settings to the same addresses that DHCP  
> had given you, but replacing the '.12' with '.14', e.g.,  
> "192.168.0.12" would become "192.168.0.14".
>
> So I wanted to tell Verizon what a stupid move this is, and at the  
> same time tell them thanks for making opting out so relatively  
> painless, but I found that Verizon internet doesn't actually let you  
> speak with people.  Maybe those big windowless buildings *are* a sign  
> that the phone company is really and truly run entirely by machines.
>
>  >sigh<
>   
I don't know if you recall, but some time ago the registry for .com and
.net (VeriSign!) tried to pull this one. They had all unresolved .com
and .net requests go to their "register this new domain" page. Very
"independent" on the part of the company that is supposed to be neutral
in the administration of those servers, as per the ICANN agreements. It,
again, broke the Internet for many of us. I was working for a registrar
at the time (one of which who was very outraged by this abuse of the
system) and we all came down hard on them (as did ISPs who were suddenly
flooded with much more traffic). They backed off and un-did their
breakage, but not until after we had to rewrite all of those Perl scripts.

For those not familiar with the system, domain name registration is
handled by "registries" that maintain the delegation information for
their designated "top level domains" (.com, .net, .org, .cc, .co.uk,
.ac, etc...), while "registrars" are the designated vendors of domain
names in the system. In this structure, the "registry" basically maps
domain names to the "registrar" that maintains the account information
for that domain. There is usually a single entity that maintains this
information per top-level domain, and they are expected to behave in a
manner that doesn't artificially benefit any one registrar (a regulation
attempting to prevent monopolization of the Internet). However, the
registry companies are not barred from also being a registrar, so they
can still sell the domains that they control. In the above example, the
registry was directing user's to the registrar that they also ran by
modifying the data that they controlled exclusively to direct browsers
to their own registrar when they performed a DNS lookup that should
result in NXDOMAIN.

--
Coleman Kane

More information about the gnhlug-discuss mailing list