Some providers started to block/redirect port 53 to force users to use their DNS servers. With increasing internet censorship in the EU, mostly via DNS, this probably will become a bigger issue. Responding to DNS queries on all ports would allow users to bypass such blocks quite easily.
An example for this is Vodafone Germany in their UMTS (3G) mobile internet service. They redirect all port 53 traffic to their own DNS server.
Setting this up on the server side should not require too much work or load, I think.
While providers might start blocking IP addresses, once enough DNS servers start replying on all ports, such attempts will quickly become futile - especially as the providers must take care not to block any legitimate service.
8 Comments
An example for this is Vodafone Germany in their UMTS (3G) mobile internet service. They redirect all port 53 traffic to their own DNS server.
Setting this up on the server side should not require too much work or load, I think.
While providers might start blocking IP addresses, once enough DNS servers start replying on all ports, such attempts will quickly become futile - especially as the providers must take care not to block any legitimate service.
8 Comments
Who voted for this idea
- dcochrane
- srie
- Sean Harrington
- sandu
- cl4rk3
- Gabriel
- vlz
- matthewgall
- mrelvey
- powerajm2
- Aaron
- matti
- uruiamme
- Colin Campbell
- Red Prince
- Floris
- slimdan22
- Chris
- johndee
- jdehnert
- scgross
- dariox
- bliepo
- Guy
- puh
- lordmike
- bezantsoft
- jonnidip
- trent_p
- zerohoursolutionsllc
- tobiaslw
- maxzda
- jsalz
- timbb
- yiuin
- helpdeskzombie
- schejbal
- parksouth
- trendikola
- nitroware
- dopenelson
- padde0711
- annegilles
- elkhateeb
- qire
- kevinhazzard
- bbodenmiller
- myfreeweb
- nick_m
- stgileshospice
Comments
written by matthewgall 1266 days ago
Rating: 1
| Rate Comment:
Yeah, I can see how this would be a good idea (with my very limited understanding of German)
+1
written by kevinhazzard 1253 days ago
Rating: 1
| Rate Comment:
Verizon Wireless routes all DNS traffic through their servers here in the US. If OpenDNS would accept DNS queries on alternate ports, I could bypass Verizon's name servers altogether.
written by trendikola 1252 days ago
Rating: 1
| Rate Comment:
Hey wkhazzard, I was just about to write about/quote you and your case. But you have done that yourself :-)
Nevertheless, here is the discussion link: http://forums.opendns.com/comments.php?DiscussionID=5677
written by trendikola 1243 days ago
Rating: 0
| Rate Comment:
And again someone having problems:
http://forums.opendns.com/comments.php?DiscussionID=5776
written by trendikola 1208 days ago
Rating: 0
| Rate Comment:
myfreeweb: try the port 5353... But of course opendns should also answer on a random port (not specified anywhere; search for 53 and 5353 http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers#Registered_ports:_1024.E2.80.9349151)
Having DNS listen on a more common port, like say, 80, or even better a secure service on 443 would be nice. No ISP is going to block port 80.rn
Sign in to comment or register here.
Popular Ideas
Categories
Yes, this is a good idea!
More information about this: https://www.awxcnx.de/handbuch_21g.htm (German)