RE: I've just tried new.net's plugin. Don't.
I removed the plug-in already, but pinging www.pie.shop went like this: ping www.pie.shop std query for www.pie.shop against my name server fails std query for www.pie.shop.computerjobs.com against my name server failes wins query for www.pie.shop fails netbios broadcast for www.pie.shop fails x1 netbios broadcast for www.pie.shop fails x2 netbios broadcast for www.pie.shop fails x3 std query for www.pie.shop against my name server fails std query for www.pie.shop.computerjobs.com against my name server failes wins query for www.pie.shop fails netbios broadcast for www.pie.shop fails x1 netbios broadcast for www.pie.shop fails x2 netbios broadcast for www.pie.shop fails x3 std query for www.pie.shop.newdotnet.net against my name server newdotnet's NS replied with the IP for www.pie.shop.newdotnet.net & the echos came back. I did mean to say in my last posting, everything *non-resolvable* outside the ICANN TLD's is resolved to 64.208.49.135 Existing new.net TLD domains resolve to whatever their IPs are. The plug-in, however, sends ANY query outside the ICANN TLDs to 64.208.49.135. This usurps any and every other imaginable future TLD, ie www.bull.shit They're not advertising a 'shit' domain (um, literally), and yet requests for 'shit' go to their NS. Their scheme, if successful, takes over service for EVERY TLD domain not already in operation by ICANN. Who's the monopoly? -----Original Message----- From: Kevin Loch [mailto:kloch@opnsys.com] Sent: Wednesday, March 14, 2001 5:57 PM To: Chris Davis; nanog@merit.edu Subject: Re: I've just tried new.net's plugin. Don't. Chris Davis wrote:
I downloaded their plug-in and then:
What happens when you ping www.pie.shop which is in a new.net "private" TLD? (snip)
Seems that everything in the world not ending with an ICANN TLD goes to 64.208.49.135. Have a look at http://64.208.49.135
That was probably meant to be somewhat meaningfull with names and not IP numbers. BTW, do you mean "everything not ending with an ICANN TLD or "everything not resolvable"? (see above) KL
After _trying_ to ignore this subject all week, and failing miserably, I now feel that it's time for my $0.02 (USD.) Stoned koala bears drooled eucalyptus spit in awe as Chris Davis exclaimed:
I did mean to say in my last posting, everything *non-resolvable* outside the ICANN TLD's is resolved to 64.208.49.135
This can actually be a "Good Thing," for unless 64.208.49.135 is a Cray, it's going to be swamped if this thing gets very widely deployed.
Existing new.net TLD domains resolve to whatever their IPs are.
The plug-in, however, sends ANY query outside the ICANN TLDs to 64.208.49.135. This usurps any and every other imaginable future TLD, ie www.bull.shit They're not advertising a 'shit' domain (um, literally), and yet requests for 'shit' go to their NS.
This can almost be considered to be criminal and malicious. I just hope and pray that it doesn't go very far.
Their scheme, if successful, takes over service for EVERY TLD domain not already in operation by ICANN.
Scary, eh? Yet, people are advocating this farce.
Who's the monopoly?
Gee..I dunno? Seriously folks, anybody who is supporting this system must be on some _very_strong recreational pharmaceuticals. As are those who are claiming that it's a political issue and not a technical one. As has been pointed out _several_ times on this list, the RFC's state ONE ROOT. This is The Way God Intended DNS To Be. This isn't a matter of whether ICANN is right or not in their decisions concering new TLDs. Personally, I do not care who runs the root, as long as it works. It could be our fine friends at goatse.cx for all I care. What I *do* care about, however, is that www.whatever.com resolves to the same IP address (or group of IP addresses) whether I am dialed into Earthlink, C&W, AOL, or whatever. Is it too much to ask that we have a consistent view of the DNS namespace? I don't think it is, and I don't think that New.Net's system is going to provide it. I hope that whoever dreamt up the whole New.Net concept gets condemned to the same level of Hell as the spammers and kiddie pr0n peddlers. I am glad that the advocates of this system have revealed themselves on this list, for I wish to laugh loudly and obnoxiously at you when New.Net fails, and it *will* fail. Thankfully, the 2 small systems that I help to admin in my spare time are refusing to support this thing, and so far, I have gotten no official word from my $main_employer as to whether or not they support it or not, but I suspect the answer to be "no". I most certainly hope so, for the sake of humanity and the Internet. Jeff -- "...and the burnt fool's bandaged finger goes wobbling back to the fire." -Joe Zeff in the SDM.
On Thu, 15 Mar 2001, Jeff Workman wrote:
Thankfully, the 2 small systems that I help to admin in my spare time are refusing to support this thing, and so far, I have gotten no official word from my $main_employer as to whether or not they support it or not, but I suspect the answer to be "no". I most certainly hope so, for the sake of humanity and the Internet.
Jeff: That was my original gut reaction as well. However, I'll be perfectly willing to bastardize our DNS and resolve their pseudo domains for an initial fee of $50,000 plus a 5 year contract of $20,000 per year to keep it that way. I think those are fair numbers since we're farily small. If I owned and managed a real network, I'd probably ask for real money. This is all about capitalism, right? Chuck
Stoned koala bears drooled eucalyptus spit in awe as Charles Scott exclaimed:
Jeff: That was my original gut reaction as well. However, I'll be perfectly willing to bastardize our DNS and resolve their pseudo domains for an initial fee of $50,000 plus a 5 year contract of $20,000 per year to keep it that way. I think those are fair numbers since we're farily small. If I owned and managed a real network, I'd probably ask for real money. This is all about capitalism, right?
Yup, it's all about capitalism, and nothing about technical correctness. *sigh* Jeff -- "...and the burnt fool's bandaged finger goes wobbling back to the fire." -Joe Zeff in the SDM.
Seriously folks, anybody who is supporting this system must be on some _very_strong recreational pharmaceuticals. As are those who are claiming that it's a political issue and not a technical one. As has been pointed out _several_ times on this list, the RFC's state ONE ROOT. This is The Way God Intended DNS To Be. This isn't a matter of whether ICANN is right or not in their decisions concering new TLDs. Personally, I do not care who runs the root, as long as it works. It could be our fine friends at goatse.cx for all I care. What I *do* care about, however, is that www.whatever.com resolves to the same IP address (or group of IP addresses) whether I am dialed into Earthlink, C&W, AOL, or whatever. Is it too much to ask that we have a consistent view of the DNS namespace? I don't think it is, and I don't think that New.Net's system is going to provide it.
You know, all I wanted was to be able to run the same software whether I sat down at a computer at the office or at home or at a friends' house. The damned Linux and FreeBSD people screwed that up. I don't care what OS people run, but what I *do* care about is that I can sit down at any computer and run the same software. Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use. DS
Stoned koala bears drooled eucalyptus spit in awe as David Schwartz exclaimed:
Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use.
Well, duh! But, I'm sure that you would agree that your average computer user has: 1. No idea that they can do this. 2. No idea _how_ to do this. 3. No idea why they would want to go to the trouble of doing this. You're joking, right? I am really hoping that this whole New.Net shenanigan is just an early, elaborate April Fool's Day prank, or a bad dream. All internet users should see the exact same namespace in the DNS system, regardless of what nameservers they use, or which provider they connect through. With minor differences due to TTLs that have yet to expire, etc., of course. Jeff -- "...and the burnt fool's bandaged finger goes wobbling back to the fire." -Joe Zeff in the SDM.
On Thu, Mar 15, 2001 at 03:11:16PM -0500, Jeff Workman had this to say:
All internet users should see the exact same namespace in the DNS system, regardless of what nameservers they use, or which provider they connect through. With minor differences due to TTLs that have yet to expire, etc., of course.
EXACTLY. I don't know why this is such a difficult point to get across. -- Scott Francis scott@ [work:] v i r t u a l i s . c o m Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7 illum oportet crescere me autem minui
At 03:10 PM 3/15/01 -0800, you wrote:
On Thu, Mar 15, 2001 at 03:11:16PM -0500, Jeff Workman had this to say:
All internet users should see the exact same namespace in the DNS system, regardless of what nameservers they use, or which provider they connect through. With minor differences due to TTLs that have yet to expire,
etc.,
of course.
EXACTLY. I don't know why this is such a difficult point to get across.
It's because you are aware of the consequences. Creative marketing types are often not aware of anything beyond the brand idea itself and what's for lunch. It's just a matter of education. But, of course, the proof is seen in the doing. Network managers having to deal with extra help desk loads caused by someone else's problem isn't an ironed out situation. Sometimes these visible conflicts make a better end result if the conflicts are ironed out to everyone's satisfaction early. Best Regards, Simon Higgs -- It's a feature not a bug...
On Thu, Mar 15, 2001 at 03:11:16PM -0500, Jeff Workman wrote:
All internet users should see the exact same namespace in the DNS system, regardless of what nameservers they use, or which provider they connect through.
Why? If somebody else wants to see something different than you see, who are you to tell them they can't? Does this mean people also aren't allowed to use services such as MAPS, ORBS, or local /etc/hosts files that cause them to resolve a different address for a given DNS name, so as to prevent reception of spam? If you are going to magnanimously allow people to do this, what is it about new.net's services that is an exception to their free choice?
[last comment in these threads by me.] On Thu, Mar 15, 2001 at 06:36:34PM -0500, Shawn McMahon wrote:
On Thu, Mar 15, 2001 at 03:11:16PM -0500, Jeff Workman wrote:
All internet users should see the exact same namespace in the DNS system, regardless of what nameservers they use, or which provider they connect through.
Why? If somebody else wants to see something different than you see, who are you to tell them they can't? [snip]
I have no problem with people breaking/mangling their networks any way they like; I have no problem with AOL special content, etc. People who blackhole abusers, etc. I have major problems with people mangling their net and then turning around to claim their net is unmangled. I don't care how many others have their little fragmented roots, but -as I said at the start of this crud- if they don't wish to play in the consunsual reality/delusion that is the big-I Internet, then they need to be striaght up abaout it. Honestly, I don't even care if they claim they are providing "Internet++", "Expanded Internet", etc happy-spin marketing buzz. But any claims made that such things which are NOT the global-consensus Internet ARE "the Internet" will be met with refutation, uproarious laughter, and shunning. Cheers, Joe -- Joe Provo Voice 508.486.7471 Director, Internet Planning & Design Fax 508.229.2375 Network Deployment & Management, RCN <joe.provo@rcn.com>
On Thu, 15 Mar 2001, David Schwartz wrote:
Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use.
Why do nanog threads always repeat themselves fifty times before they die? Not wishing to repeat myself either but.. Why is choice so important to you? OK, I just created Wilcox's law of customer support.. this states that for every choice you give users the number of potential problems increases proportianally. You give them different operating systems, different browsers, different providers now you give them different DNS roots.. You just doubled the number of ways in which a (dumb) home user can break their systems and get all confused over why when they just installed the new Opal Internet software all the web pages they are used to using are different... simple to me, you and everyone on this list, but to a (dumb) home user thats 15 minutes to explain the problem, 15 minutes to discuss the details of the DNS system and 15 minutes to once again explain how this affects them because they dont understand a word you are saying and cant understand why typing in www.yahoo.com now resolves to a porn site! Following me so far? Sure, you are free to choose, very good have the "land of the free" feeling of excitement. But I'm suggesting its a really bad thing to make this decision for people who are not going to understand this and cause all of us nice people problems. Anyway, its all fake.. its just adding a new dns search domain and hyping it up in order to take advantage of people's stupidity who think they are paying you for a domain name when in fact theyre paying for a subdomain worth zip tiddley nothin! Steve
On Thu, 15 Mar 2001, David Schwartz wrote:
Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use.
Why do nanog threads always repeat themselves fifty times before they die?
Because people don't read what other people write.
Not wishing to repeat myself either but..
Why is choice so important to you?
Who said it was? I'm just saying that it's unreasonable for you to complain about me having a choice.
OK, I just created Wilcox's law of customer support..
this states that for every choice you give users the number of potential problems increases proportianally.
Then don't give your users the choice. See, no problem.
You give them different operating systems, different browsers, different providers now you give them different DNS roots..
You just doubled the number of ways in which a (dumb) home user can break their systems and get all confused over why when they just installed the new Opal Internet software all the web pages they are used to using are different...
Then don't give your customers that choice. Nobody is forcing you to.
simple to me, you and everyone on this list, but to a (dumb) home user thats 15 minutes to explain the problem, 15 minutes to discuss the details of the DNS system and 15 minutes to once again explain how this affects them because they dont understand a word you are saying and cant understand why typing in www.yahoo.com now resolves to a porn site!
Following me so far? Sure, you are free to choose, very good have the "land of the free" feeling of excitement. But I'm suggesting its a really bad thing to make this decision for people who are not going to understand this and cause all of us nice people problems.
If giving your customers a choice causes you a headache, then don't give them a choice. If you are selling them unfiltered Internet access, then give them that. If you give them flat-rate support, then give them that. If you don't support some services, then don't. DS
On Thu, Mar 15, 2001 at 09:40:28PM +0000, Stephen J. Wilcox had this to say:
OK, I just created Wilcox's law of customer support..
this states that for every choice you give users the number of potential problems increases proportianally.
s/proportionally/exponentially/ After all, customers interact with other customers, and worse, with sales folk. -- Scott Francis scott@ [work:] v i r t u a l i s . c o m Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7 illum oportet crescere me autem minui
On Thu, 15 Mar 2001 11:59:28 PST, David Schwartz said:
Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use.
Unless the ISP is security conscious and has allow-query and allow-recurse ACLs for his netblocks only, to help combat DNS cache poisoning. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
On Thu, 15 Mar 2001 11:59:28 PST, David Schwartz said:
Did you know that you can choose which nameservers you use? And you can continue to use the same nameservers no matter what provider you use.
Unless the ISP is security conscious and has allow-query and allow-recurse ACLs for his netblocks only, to help combat DNS cache poisoning.
I think it was clear that I was talking about consensual relationships between name service providers and the people who use them. DS
participants (10)
-
Charles Scott
-
Chris Davis
-
David Schwartz
-
Jeff Workman
-
Joe Provo
-
Scott Francis
-
Shawn McMahon
-
Simon Higgs
-
Stephen J. Wilcox
-
Valdis.Kletnieks@vt.edu