Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3
3525 posts

Uber Geek

Trusted

  # 2319150 17-Sep-2019 13:05
3 people support this post
Send private message

BarTender:

 

Brumfondl:

 

freitasm: Unless your ISP doesn't want it, hence my question to the OP.

 

And if you are with Spark the answer is also No as sometimes it seems to be Tokyo or Osaka or somewhere else that most definitely isn't New Zealand :/

 

 

The events of Christchurch and the ongoing lack of any meaningful action on significant proportion of vile content they protect on the internet means that Spark will most likely never peer with Cloudflare.

 

I know you geeks may not like it, but it is the reality that Spark have a moral compass when it comes to Christchurch and other ISPs don't.

 

 

You mean supporting meaningless censorship so they can make a PR announcement and get free press for the "moral highground"?

 

Back to the topic, I guess the world has moved on from peering being such a big issue. If Spark wants to pay to get content from other countries and degrade their users' experience that is their choice.





Speedtest 2019-10-14


'That VDSL Cat'
11547 posts

Uber Geek

Trusted
Spark
Subscriber

  # 2319152 17-Sep-2019 13:07
Send private message

i still dont understand the move to "secure DNS"

 

 

 

what are you trying to secure yourself from by moving your queries further away?

 

Your simply opening yourself up to sources such as Akamai which use dns to point you to the right place, preforming badly.

 

 

 

if your concern is latency for a request, then keep it local....





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


 
 
 
 


I fix stuff!
1794 posts

Uber Geek

Trusted
Vocus
Subscriber

  # 2319155 17-Sep-2019 13:11
Send private message

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

 

 

 

 


'That VDSL Cat'
11547 posts

Uber Geek

Trusted
Spark
Subscriber

  # 2319160 17-Sep-2019 13:20
Send private message

Sounddude:

 

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

i got that much.

 

 

 

I suppose my question was more, Do people that make this choice, Understand the downsides that go with it?

 

I highly suspect not. Part of that driven by the fact that ISP's in America are just plain bad...





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


2955 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2319192 17-Sep-2019 14:17
2 people support this post
Send private message

Jarsky:

 

...

 

Not very good for a Spark Customer trying to have a secure network.

 

...

 

 

But if you want to have an optimised experience and use local Content Delivery Network hosts then you should use the ISP supplied DNS servers.

 

As I can see shortly complaints about why all things coming from Akamai are incredibly slow.





and


2955 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2319195 17-Sep-2019 14:20
One person supports this post
Send private message

Sounddude:

 

BarTender:

 

I know you geeks may not like it, but it is the reality that Spark have a moral compass when it comes to Christchurch and other ISPs don't.

 

 

really? you truly going to say that?

 

wow.

 

 

Yeah I am, sorry Cloudflare have supported and continue to support the vast majority of the vile on the internet, have absolutely no interest in doing anything about it as they profit from it.

 

The fact you can't see they are a horrible company with zero ethics or moral compass isn't my fault.





and


140 posts

Master Geek


  # 2319198 17-Sep-2019 14:24
Send private message

 

 

I prefer to do my own DNS sinkholing so I use open recursive resolvers. I'm a big advocate for an 'open' internet. I don't want my ISP/Govt telling me what sites I can and can't visit. They also sometimes get it wrong by blocking legitimate sites such as gyazo and bit.ly

 

For security against devices with DNS hijacking from Malware etc..and DNS reflection attacks...I block all external DNS except for ISP, Google & Cloudflare. 

 

I then have DoH setup to avoid MitM attacks between me and the resolver. 

 

Generally CDN's arent an issue with Google, Cloudflare & Quad9 using anycast so 99% of the time you're still getting local content anyway. 


 
 
 
 


2955 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2319210 17-Sep-2019 14:39
2 people support this post
Send private message

Jarsky:

 

I prefer to do my own DNS sinkholing so I use open recursive resolvers. I'm a big advocate for an 'open' internet. I don't want my ISP/Govt telling me what sites I can and can't visit. They also sometimes get it wrong by blocking legitimate sites such as gyazo and bit.ly

 

For security against devices with DNS hijacking from Malware etc..and DNS reflection attacks...I block all external DNS except for ISP, Google & Cloudflare. 

 

I then have DoH setup to avoid MitM attacks between me and the resolver. 

 

Generally CDN's arent an issue with Google, Cloudflare & Quad9 using anycast so 99% of the time you're still getting local content anyway. 

 

 

But Akamai WILL be an issue as they base their local CDN host off the source IP of the DNS server that sends them the request to resolve the content. So it is extremely likely you will be directed to an offshore Akamai node.

 

Most major streaming service outside YouTube or Netflix will tend to use Akamai such as but not limited to TVNZOD, 3OD/All Mediaworks, Sky, Neon, Lightbox, Spark Sports, Microsoft, Apple and the list goes on and on. So when you have issues with streaming or downloads off Akamai it please don't ring up your ISP and complain.





and


140 posts

Master Geek


  # 2319260 17-Sep-2019 15:38
Send private message

BarTender:

 

But Akamai WILL be an issue as they base their local CDN host off the source IP of the DNS server that sends them the request to resolve the content. So it is extremely likely you will be directed to an offshore Akamai node.

 

Most major streaming service outside YouTube or Netflix will tend to use Akamai such as but not limited to TVNZOD, 3OD/All Mediaworks, Sky, Neon, Lightbox, Spark Sports, Microsoft, Apple and the list goes on and on. So when you have issues with streaming or downloads off Akamai it please don't ring up your ISP and complain.

 

 

 

 

Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


BDFL - Memuneh
65332 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 2319281 17-Sep-2019 16:08
2 people support this post
Send private message
I fix stuff!
1794 posts

Uber Geek

Trusted
Vocus
Subscriber

  # 2319284 17-Sep-2019 16:12
2 people support this post
Send private message

BarTender:

 

Yeah I am, sorry Cloudflare have supported and continue to support the vast majority of the vile on the internet, have absolutely no interest in doing anything about it as they profit from it.

 

The fact you can't see they are a horrible company with zero ethics or moral compass isn't my fault.

 

 

 

 

I don't disagree with what you say about cloudflare.

 

I disagree that Spark that having a moral compass is anything to do with not peering with them.


4304 posts

Uber Geek

Trusted

  # 2319285 17-Sep-2019 16:13
3 people support this post
Send private message

Sounddude:

 

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

I'm presuming this is just a subtle joke really. I'm not sure I trust large corporates any more than I trust ISPs or Govt regulations.

 

The difference is of course that governments literally have legitimate authority in this area and large corporates don't... If you (or anyone) trust large corporate entities to act consistently in the best interests of "The Internet" and "Free speech" then I have a bridge to sell :-)

 

Cheers - N





--

 

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.


2955 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2319373 17-Sep-2019 19:00
Send private message

Jarsky: Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


I don't think you understand or want to understand how Akamai delivers service. As they don't use Anycast for CDN resolution so I am not sure why you keep on bringing it up.
I think it's been nicely summed up by @Talkiet saying really if you trust US corporations like Cloudflare or Google with their extremely questionable behavior around privacy and security more than the NZ Government or your local ISP then I think you've been drinking the Kool aid a bit too much.




and


2955 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2319375 17-Sep-2019 19:02
Send private message

Sounddude: I don't disagree with what you say about cloudflare.


I disagree that Spark that having a moral compass is anything to do with not peering with them.


Cloudflares response to Christchurch is why there is no chance of it ever happening in the future.




and


140 posts

Master Geek


  # 2319493 17-Sep-2019 21:12
Send private message

BarTender:
Jarsky: Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


I don't think you understand or want to understand how Akamai delivers service. As they don't use Anycast for CDN resolution so I am not sure why you keep on bringing it up.
I think it's been nicely summed up by @Talkiet saying really if you trust US corporations like Cloudflare or Google with their extremely questionable behavior around privacy and security more than the NZ Government or your local ISP then I think you've been drinking the Kool aid a bit too much.


I never said that how's Akamai works mate.
I was referring to Google/CF DNS.

1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Ring launches indoor-only security camera
Posted 23-Jan-2020 17:26


New report findings will help schools implement the digital technologies curriculum content
Posted 23-Jan-2020 17:25


N4L to upgrade & support wireless internet inside schools
Posted 23-Jan-2020 17:22


Netflix releases 21 Studio Ghibli works
Posted 22-Jan-2020 11:42


Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43


Suunto 7 combine sports and smart features on new smartwatch generation
Posted 7-Jan-2020 16:06


Intel brings innovation with technology spanning the cloud, network, edge and PC
Posted 7-Jan-2020 15:54


AMD announces high performance desktop and ultrathin laptop processors
Posted 7-Jan-2020 15:42


AMD unveils four new desktop and mobile GPUs including AMD Radeon RX 5600
Posted 7-Jan-2020 15:32


Consolidation in video streaming market with Spark selling Lightbox to Sky
Posted 19-Dec-2019 09:09


Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.