Thank you, Comcast.

Mike Hammett nanog at
Fri Feb 26 16:15:49 UTC 2016

I think you'd be hard pressed to find more than a tenth of a percent of people attempt to run their own DNS server. Some do because they think it'll be better in some way. Rare is the occasion where anything user configured would outperform a local DNS server managed by the ISP that does no form of trickery. 

Mike Hammett 
Intelligent Computing Solutions 


----- Original Message -----

From: "Brielle Bruns" <bruns at> 
To: nanog at 
Sent: Friday, February 26, 2016 9:56:40 AM 
Subject: Re: Thank you, Comcast. 

On 2/26/16 6:27 AM, Mike Hammett wrote: 
> "you will also block legitimate return traffic if the customers run 
> their own DNS servers or use opendns / google dns / etc." 
> I'm fine with that. Residential customers shouldn't be running DNS 
> servers anyway and as far as the outside resolvers to go, ehhhh... I 
> see the case for OpenDNS given that you can use it to filter (though 
> that's easily bypassed), but not really for any others. 

Except that half the time people run their own DNS resolvers because 
their provider's resolvers are 

1) Absolute garbage and either fail queries for no reason, don't respond 
at times, respond super slow, etc. 

2) Hijack NXDOMAIN for advertising / money generation 

3) Hijack responses to inject their own ads, popups, etc. 

Brielle Bruns 
The Summit Open Source Development Group / 

More information about the NANOG mailing list