[conspire] Internet Privacy: today's vote and measures to take
Daniel Gimpelevich
daniel at gimpelevich.san-francisco.ca.us
Fri Mar 31 22:02:45 PDT 2017
On Wed, 2017-03-29 at 16:17 -0700, Rick Moen wrote:
> Quoting Josef Grosch (jgrosch at gmail.com):
>
> > I had that conversation with my former ISP. They told me it was their
> > policy to redirect port 53 traffic to ensure "top quality of service".
> > The first thing I asked my current ISP, Sonic, after how much was their
> > service was do they block/redirect port 53 traffic. They thought I was
> > nuts to ask, "We don't do things like that" was their reply.
>
> It would be very appropriate at that point to call your former ISP and
> say you had moved your business to Sonic.net to ensure top quality of
> service. ;->
>
> Or, as Niven & Pournelle put it in _Oath of Fealty_, 'Think of it as
> evolution in action.' (It's likely they picked up the phrase around
> CalTech. http://wiki.c2.com/?EvolutionInAction)

It should be noted that like other ISPs, Sonic prevents access to their
nameservers from IP address ranges they do not control, including their
own customers who get AT&T addresses. Also, Sonic has separate IPv6 and
IPv4 nameservers, with the IPv4 ones not serving up AAAA records or
other things for the IPv6 Internet, and the IPv6 ones are not served up
by DHCP or 6RD nor are they accessible from IPv4 at all.

As for the recommendation to run a local nameserver, it's exceedingly
rare in 2017 to be connected to the Internet without a router of some
kind or other at the last mile, and the vast majority of these internally
run a nameserver of one sort or other. There is no pressing need to rely
on that, but the real-time logging potential you mentioned is mostly a
thing of the past, because even ISP-issued routers were running dnsmasq
more than a decade ago.