[53442] in North American Network Operators' Group
RE: Blocking specific sites within certain countries.
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Thu Nov 14 17:29:26 2002
Date: Thu, 14 Nov 2002 17:28:29 -0500
From: "Patrick W. Gilmore" <patrick@ianai.net>
To: nanog@merit.edu
In-Reply-To: <4.2.0.58.20021114202915.00ad6ae8@mail.nso.org>
Errors-To: owner-nanog-outgoing@merit.edu
-- On Thursday, November 14, 2002 8:52 PM +0100
-- hostmaster <hostmaster@nso.org> supposedly wrote:
> This all strikes me as incorrect. The function of the domain name system
> is primarily to translate an IP number into a domain name, vice versa. If
> a user wishes to browse to <http://64.236.16.20> he/she will arrive also
> at <www.cnn.com>. The domain name is propagated and subsequently
> refreshed throughout the World. A browser request and reply may take each
> time hundreds of different routes through the Internet from end-to-end.
> If Spain would want to deploy blocking of the domain CNN.com (or in fact
> any other domain) it would have to factually block individual IP's at the
> telco 'in and out of Spain routes' to accomplish that. This, by the way
> is currently e.g. done in the Peoples Republic of China, be it not really
> successful :) It is also so easy to set up secondary dns's anywhere else
> on the globe with a ptr to some other IP no., that a dns block sec would
> never be a successful action. Blocking a /24 in Spain may be effective,
> but if the Spanish site would be hosted elsewhere, or would have a mirror
> hosted elsewhere, the elsewhere legislation would be the regulations the
> telco's are confronted with, and looking at.
Suppose they just make it a law that each ISP has to block "domain.com" in
their caching name servers?
Sure, the user could telnet somewhere and find the IP address themselves,
but it would stop 99.99% of the lusers out there.
--
TTFN,
patrick
