what is wrong with DNS name 'covid19booster.healthservice.ie' ? : Google : what is Google's secret DNS service ?

Ondřej Surý ondrej at isc.org
Sun Jan 9 12:46:20 UTC 2022 

FTR Jason has been warned before to stop sending this nonsense about Hidden Google Internet and I’ve put them on the moderation list for now.

Ondřej 
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.

> On 9. 1. 2022, at 12:58, Jason Vas Dias <jason.vas.dias at gmail.com> wrote:
> 
> Thanks Fred -
> 
>  Though really all I am trying to do is ensure I can access
>  all public DNS names, which my experience shows me I
>  cannot, using my ISP's name-servers.
> 
>  It seems there is a Hidden Google Internet that I cannot access
>  unless I use Google's DNS servers, giving Google data
>  about me to sell - this is what I am trying to avoid .
> 
> RE:
>> Can't you do the auth lookups directly? Have you tried?
> 
>   You mean add topsectechnology.net's DNS servers to
>   my Forwarders list ?
> 
>   How do I find out what they are, when the domain
>   cannot be looked up by ICANN's WHOIS service ?
> 
>   And really this would not be a solution, every time I get an
>   NXDOMAIN error, I'd  have to access multiple web-sites
>   to find the authoritative nameserver for the domain
>   (which fails for topsectechnology.net anyway), and
>   then add them to my Forwarders list ?
> 
>   Is this the way the DNS is meant to work these days ?
> 
>   I thought the DNS was meant to be public and global.
> 
>   I see that nowadays it is not . What a shame !
>   How did we let this happen ?
> 
>   And this is meant to be a vital public information service !
>   Why choose to hide the domain name that allows the public
>   to make a Covid Booster booking, unless the intent is
>   to exclude a section of society from accessing it ?
> 
>> the BIND mailing list is were I should direct my ire.
> 
>    Isn't this the BIND mailing list we are discussing this on?
>    Is there another one I should be using ? If so, please let
>    me know .
> 
>> Any response you get here is going to involve changing your
>> BIND server's configuration and behavior, probably to convert
>> it from forwarding to  caching...
> 
>   Fine !  I am just using a slightly modified Red Hat
>   caching nameserver example named.conf, enclosed .
> 
>   Why isn't this a caching nameserver ?
> 
>   If anyone could suggest how to turn my config into one
>   that is able to query the Google Hidden Internet, without
>   accessing a Google Server, please let me know.
> 
> Thanks & Best Regards,
> Jason
> 
>> On 08/01/2022, Fred Morris <m3047 at m3047.net> wrote:
>> Wow.
>> 
>> 1) You're using BIND as a caching nameserver.
>> 
>> So you say. Does the nameserver do its own upstream (authoritative)
>> lookups? If yes, then the term of art is "recursive / caching"; otherwise
>> the term is "forwarding".
>> 
>> Looks like you're configuring your ISP's nameservers as forwarders.
>> Therefore the proper term is "forwarding".
>> 
>> 2) Your ISP's nameservers fail to resolve $FQDN.
>> 
>> These are other people's caching nameservers.
>> 
>> 3) Google's nameservers resolve $FQDN.
>> 
>> These are other people's caching nameservers.
>> 
>> 4) Looks like the nameservers for healthservice.ie belong to
>> topsectechnology.net.
>> 
>> 5) Looks like those nameservers resolve $FQDN.
>> 
>> At least that's what dig +trace tells me.
>> 
>> 
>> Can't you do the auth lookups directly? Have you tried?
>> 
>> 
>> So your logic in coming here is that:
>> 
>> a) $A's caching nameservers don't resolve $FQDN.
>> 
>> b) $B's caching nameservers do resolve $FQDN.
>> 
>> c) You use BIND to connect to one of those entities' caching nameservers
>> instead of running your own.
>> 
>> d) Therefore, the BIND mailing list is were I should direct my ire.
>> 
>> Did I miss anything?
>> 
>> 
>> Any response you get here is going to involve changing your BIND server's
>> configuration and behavior, probably to convert it from forwarding to
>> caching... although grizzled veterans may tell you horror stories about
>> hotels and other public wifi.
>> 
>> --
>> 
>> Fred Morris
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>> 
>> ISC funds the development of this software with paid support subscriptions.
>> Contact us at https://www.isc.org/contact/ for more information.
>> 
>> 
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: named.conf
Type: application/octet-stream
Size: 3540 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220109/67234732/attachment-0001.obj>
-------------- next part --------------
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list