[53428] in North American Network Operators' Group
RE: Blocking specific sites within certain countries.
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Thu Nov 14 12:28:09 2002
Date: Thu, 14 Nov 2002 12:27:52 -0500
From: "Patrick W. Gilmore" <patrick@ianai.net>
To: nanog@merit.edu
In-Reply-To: <6F0C08B425B2D611ABB40003474D42DF740566@rssesnext.rogers.com>
Errors-To: owner-nanog-outgoing@merit.edu
-- On Thursday, November 14, 2002 12:11 PM -0500
-- Jim Deleskie <jdeleski@rci.rogers.com> supposedly wrote:
> Its my understanding that since Akamai is based on DNS resolves if you
> where to use the method of blocking it within the DNS system it would
> make no difference. Although I'm no Akamai expert.
The issue is really not Akamai or Digital Island or any other service
someone might buy. The end user is completely unaware of the machinations
behind the scene, they are just going to type "www.terrorist.com" into
their browser.
If "terroris.com" is a Bad Domain and ISPs refuse to resolve anything in
that domain, then nothing else can happen. The first step is the end
user's machine going to the ISP's name server asking for the IP address of
"www.terrorist.com". It does not matter if that hostname is CNAME'd to
another company / host / whatever, the resolution will stop immediately and
the user will be unable to see the web page.
Or they can just use a publicly available web proxy, in which case it will
not matter if the domain is Akamaized or not. =)
> -Jim
--
TTFN,
patrick
