Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3
Affiliate link
 
 
 

Affiliate link: MyHeritage DNA test kit helps you discover your ethnicity results, DNA genetic groups, family relatives.
Zeon
3859 posts

Uber Geek

Trusted

  #2319150 17-Sep-2019 13:05
Send private message

BarTender:

 

Brumfondl:

 

freitasm: Unless your ISP doesn't want it, hence my question to the OP.

 

And if you are with Spark the answer is also No as sometimes it seems to be Tokyo or Osaka or somewhere else that most definitely isn't New Zealand :/

 

 

The events of Christchurch and the ongoing lack of any meaningful action on significant proportion of vile content they protect on the internet means that Spark will most likely never peer with Cloudflare.

 

I know you geeks may not like it, but it is the reality that Spark have a moral compass when it comes to Christchurch and other ISPs don't.

 

 

You mean supporting meaningless censorship so they can make a PR announcement and get free press for the "moral highground"?

 

Back to the topic, I guess the world has moved on from peering being such a big issue. If Spark wants to pay to get content from other countries and degrade their users' experience that is their choice.





Speedtest 2019-10-14


hio77
'That VDSL Cat'
12970 posts

Uber Geek

ID Verified
Trusted
Voyager
Subscriber

  #2319152 17-Sep-2019 13:07
Send private message

i still dont understand the move to "secure DNS"

 

 

 

what are you trying to secure yourself from by moving your queries further away?

 

Your simply opening yourself up to sources such as Akamai which use dns to point you to the right place, preforming badly.

 

 

 

if your concern is latency for a request, then keep it local....





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


Sounddude
I fix stuff!
1879 posts

Uber Geek

Trusted
Vocus
Lifetime subscriber

  #2319155 17-Sep-2019 13:11
Send private message

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

 

 

 

 




hio77
'That VDSL Cat'
12970 posts

Uber Geek

ID Verified
Trusted
Voyager
Subscriber

  #2319160 17-Sep-2019 13:20
Send private message

Sounddude:

 

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

i got that much.

 

 

 

I suppose my question was more, Do people that make this choice, Understand the downsides that go with it?

 

I highly suspect not. Part of that driven by the fact that ISP's in America are just plain bad...





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


BarTender
3407 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2319192 17-Sep-2019 14:17
Send private message

Jarsky:

 

...

 

Not very good for a Spark Customer trying to have a secure network.

 

...

 

 

But if you want to have an optimised experience and use local Content Delivery Network hosts then you should use the ISP supplied DNS servers.

 

As I can see shortly complaints about why all things coming from Akamai are incredibly slow.





and


BarTender
3407 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2319195 17-Sep-2019 14:20
Send private message

Sounddude:

 

BarTender:

 

I know you geeks may not like it, but it is the reality that Spark have a moral compass when it comes to Christchurch and other ISPs don't.

 

 

really? you truly going to say that?

 

wow.

 

 

Yeah I am, sorry Cloudflare have supported and continue to support the vast majority of the vile on the internet, have absolutely no interest in doing anything about it as they profit from it.

 

The fact you can't see they are a horrible company with zero ethics or moral compass isn't my fault.





and


Jarsky
142 posts

Master Geek


  #2319198 17-Sep-2019 14:24
Send private message

 

 

I prefer to do my own DNS sinkholing so I use open recursive resolvers. I'm a big advocate for an 'open' internet. I don't want my ISP/Govt telling me what sites I can and can't visit. They also sometimes get it wrong by blocking legitimate sites such as gyazo and bit.ly

 

For security against devices with DNS hijacking from Malware etc..and DNS reflection attacks...I block all external DNS except for ISP, Google & Cloudflare. 

 

I then have DoH setup to avoid MitM attacks between me and the resolver. 

 

Generally CDN's arent an issue with Google, Cloudflare & Quad9 using anycast so 99% of the time you're still getting local content anyway. 




BarTender
3407 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2319210 17-Sep-2019 14:39
Send private message

Jarsky:

 

I prefer to do my own DNS sinkholing so I use open recursive resolvers. I'm a big advocate for an 'open' internet. I don't want my ISP/Govt telling me what sites I can and can't visit. They also sometimes get it wrong by blocking legitimate sites such as gyazo and bit.ly

 

For security against devices with DNS hijacking from Malware etc..and DNS reflection attacks...I block all external DNS except for ISP, Google & Cloudflare. 

 

I then have DoH setup to avoid MitM attacks between me and the resolver. 

 

Generally CDN's arent an issue with Google, Cloudflare & Quad9 using anycast so 99% of the time you're still getting local content anyway. 

 

 

But Akamai WILL be an issue as they base their local CDN host off the source IP of the DNS server that sends them the request to resolve the content. So it is extremely likely you will be directed to an offshore Akamai node.

 

Most major streaming service outside YouTube or Netflix will tend to use Akamai such as but not limited to TVNZOD, 3OD/All Mediaworks, Sky, Neon, Lightbox, Spark Sports, Microsoft, Apple and the list goes on and on. So when you have issues with streaming or downloads off Akamai it please don't ring up your ISP and complain.





and


Jarsky
142 posts

Master Geek


  #2319260 17-Sep-2019 15:38
Send private message

BarTender:

 

But Akamai WILL be an issue as they base their local CDN host off the source IP of the DNS server that sends them the request to resolve the content. So it is extremely likely you will be directed to an offshore Akamai node.

 

Most major streaming service outside YouTube or Netflix will tend to use Akamai such as but not limited to TVNZOD, 3OD/All Mediaworks, Sky, Neon, Lightbox, Spark Sports, Microsoft, Apple and the list goes on and on. So when you have issues with streaming or downloads off Akamai it please don't ring up your ISP and complain.

 

 

 

 

Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


freitasm
BDFL - Memuneh
73926 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2319281 17-Sep-2019 16:08
Send private message

Or could be even faster and come from your within your ISP or closer.





Are you happy with Geekzone? Consider subscribing or making a donation.

 

 

 

freitasm on Keybase | My technology disclosure 

 

These links are referral codes: Sharesies | Mighty Ape | Norton 360 | Lenovo laptops | GoodsyncGeekzone Blockchain Project


Sounddude
I fix stuff!
1879 posts

Uber Geek

Trusted
Vocus
Lifetime subscriber

  #2319284 17-Sep-2019 16:12
Send private message

BarTender:

 

Yeah I am, sorry Cloudflare have supported and continue to support the vast majority of the vile on the internet, have absolutely no interest in doing anything about it as they profit from it.

 

The fact you can't see they are a horrible company with zero ethics or moral compass isn't my fault.

 

 

 

 

I don't disagree with what you say about cloudflare.

 

I disagree that Spark that having a moral compass is anything to do with not peering with them.


Talkiet
4563 posts

Uber Geek

Trusted

  #2319285 17-Sep-2019 16:13
Send private message

Sounddude:

 

hio77:

 

i still dont understand the move to "secure DNS"

 

 

Stops censor ship. Takes the control away from the ISP and Govt regulation and into the control of large corporates who think they are doing the best thing for the Internet and free speech.

 

 

I'm presuming this is just a subtle joke really. I'm not sure I trust large corporates any more than I trust ISPs or Govt regulations.

 

The difference is of course that governments literally have legitimate authority in this area and large corporates don't... If you (or anyone) trust large corporate entities to act consistently in the best interests of "The Internet" and "Free speech" then I have a bridge to sell :-)

 

Cheers - N





--

 

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.


BarTender
3407 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2319373 17-Sep-2019 19:00
Send private message

Jarsky: Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


I don't think you understand or want to understand how Akamai delivers service. As they don't use Anycast for CDN resolution so I am not sure why you keep on bringing it up.
I think it's been nicely summed up by @Talkiet saying really if you trust US corporations like Cloudflare or Google with their extremely questionable behavior around privacy and security more than the NZ Government or your local ISP then I think you've been drinking the Kool aid a bit too much.




and


BarTender
3407 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2319375 17-Sep-2019 19:02
Send private message

Sounddude: I don't disagree with what you say about cloudflare.


I disagree that Spark that having a moral compass is anything to do with not peering with them.


Cloudflares response to Christchurch is why there is no chance of it ever happening in the future.




and


Jarsky
142 posts

Master Geek


  #2319493 17-Sep-2019 21:12
Send private message

BarTender:
Jarsky: Not an issue with Anycast and BGP, my content for all those services still comes from primarily Auckland, Sydney, Melbourne. 


I don't think you understand or want to understand how Akamai delivers service. As they don't use Anycast for CDN resolution so I am not sure why you keep on bringing it up.
I think it's been nicely summed up by @Talkiet saying really if you trust US corporations like Cloudflare or Google with their extremely questionable behavior around privacy and security more than the NZ Government or your local ISP then I think you've been drinking the Kool aid a bit too much.


I never said that how's Akamai works mate.
I was referring to Google/CF DNS.

1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

New Zealand Video Game Sales Reaches $540 Million
Posted 26-Jun-2022 14:49


Github Copilot Generally Available to All Developers
Posted 26-Jun-2022 14:37


Logitech G Introduces the New Astro A10 Headset
Posted 26-Jun-2022 14:20


Fitbit introduces Sleep Profiles
Posted 26-Jun-2022 14:11


Synology Introduces FlashStation FS3410
Posted 26-Jun-2022 14:04


Intel Arc A380 Graphics First Available in China
Posted 15-Jun-2022 17:08


JBL Introduces PartyBox Encore Essential Speaker
Posted 15-Jun-2022 17:05


New TVNZ+ streaming brand launches
Posted 13-Jun-2022 08:35


Chromecast With Google TV Review
Posted 10-Jun-2022 17:10


Xbox Gaming on Your Samsung Smart TV No Console Required
Posted 10-Jun-2022 00:01


Xbox Cloud Gaming Now Available in New Zealand
Posted 10-Jun-2022 00:01


HP Envy Inspire 7900e Review
Posted 9-Jun-2022 20:31


Philips Hue Starter Kit Review
Posted 4-Jun-2022 11:10


Sony Expands Its Wireless Speaker X-series Range
Posted 4-Jun-2022 10:25


Microsoft Updates Surface Laptop Go With 11th Gen Intel CPUs
Posted 2-Jun-2022 07:12









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.