Re: [WISPA] DNS Name Resolver for WISP
*NEVER* hand out an off-net resolver. *ONLY* hand out your own, on-net resolvers. I use Unbound on Debian. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "Colton Conor" To: "WISPA General List" Sent: Thursday, June 23, 2016 2:56:42 PM Subject: [WISPA] DNS Name Resolver for WISP What dns name solvers do you use to hand out to your customers via DHCP and why? Today we just hand out Google's 8.8.8.8 and 8.8.4.4 as a name resolvers. I recently learned about OpenDNS's free service for homes where a home user can monitor and potentially block certain websites, but that would require the home to signup at open dns, and then enter open DNS in their router. However if we handed out OpenDNS's IPs instead of googles, and provided a gateway, then that would remove that step of the client having to enter opendns IPs into their router right? Does OpenDNS have a service for ISP's? That gives us insight as to where traffic on our network is heading based dns lookups? I know about Netflow etc, but doing this though DNS seems like a cool option as well. We wouldn't want to block anything as an ISP, but it would be useful to know the top visited site by our customers is facebook.com for example. If not OpenDNS, then is there some other hosted DNS service for ISP's? ___ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless ___ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
Re: [WISPA] DNS Name Resolver for WISP
Opendns works on a per - IP basis if I remember correctly, so if they are NAT'd then that's not going to work. On Jun 26, 2016 4:19 PM, "Colton Conor" wrote: > Still though if we are currently just using Google's DNS (8.8.8.8), > handing out OpenDNS free DNS would be a better solution right? I don't > believe Google's free DNS offers any malware protections, but I could be > wrong. > > If we hand out OpenDNS as our default, then we can advertise to our users > that they can go to opendns.com and create a free personal account to > filter their home as they wish. Since we would be handing out OpenDNS > already, there would be no configuration change needed by the end user on > their gateway/router that we already provide. > > On Fri, Jun 24, 2016 at 12:12 AM, John J. Thomas > wrote: > >> As an ISP, you might consider blocking malware sites. OpenDNS used to be >> free for anyone that wanted to use it, businesses included, but they >> changed their terms of service. What they told us was the free service used >> a database that didn't get updated very frequently, and filtered about 5000 >> malware sites. When you used the paid for service, there were like 100,000 >> malware sites in that database. We met with them awhile back, when they >> were still developing their Active Directory implementation. >> >> On June 23, 2016 12:56:42 PM PDT, Colton Conor >> wrote: >> >>> What dns name solvers do you use to hand out to your customers via DHCP >>> and why? Today we just hand out Google's 8.8.8.8 and 8.8.4.4 as a name >>> resolvers. I recently learned about OpenDNS's free service for homes where >>> a home user can monitor and potentially block certain websites, but that >>> would require the home to signup at open dns, and then enter open DNS in >>> their router. However if we handed out OpenDNS's IPs instead of googles, >>> and provided a gateway, then that would remove that step of the client >>> having to enter opendns IPs into their router right? >>> >>> Does OpenDNS have a service for ISP's? That gives us insight as to where >>> traffic on our network is heading based dns lookups? I know about Netflow >>> etc, but doing this though DNS seems like a cool option as well. We >>> wouldn't want to block anything as an ISP, but it would be useful to know >>> the top visited site by our customers is facebook.com for example. >>> >>> If not OpenDNS, then is there some other hosted DNS service for ISP's? >>> >>> >>> -- >>> >>> Wireless mailing list >>> Wireless@wispa.org >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> >> -- >> Sent from my Android device with K-9 Mail. Please excuse my brevity. >> > > > ___ > Wireless mailing list > Wireless@wispa.org > http://lists.wispa.org/mailman/listinfo/wireless > > ___ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
Re: [WISPA] DNS Name Resolver for WISP
Still though if we are currently just using Google's DNS (8.8.8.8), handing out OpenDNS free DNS would be a better solution right? I don't believe Google's free DNS offers any malware protections, but I could be wrong. If we hand out OpenDNS as our default, then we can advertise to our users that they can go to opendns.com and create a free personal account to filter their home as they wish. Since we would be handing out OpenDNS already, there would be no configuration change needed by the end user on their gateway/router that we already provide. On Fri, Jun 24, 2016 at 12:12 AM, John J. Thomas wrote: > As an ISP, you might consider blocking malware sites. OpenDNS used to be > free for anyone that wanted to use it, businesses included, but they > changed their terms of service. What they told us was the free service used > a database that didn't get updated very frequently, and filtered about 5000 > malware sites. When you used the paid for service, there were like 100,000 > malware sites in that database. We met with them awhile back, when they > were still developing their Active Directory implementation. > > On June 23, 2016 12:56:42 PM PDT, Colton Conor > wrote: > >> What dns name solvers do you use to hand out to your customers via DHCP >> and why? Today we just hand out Google's 8.8.8.8 and 8.8.4.4 as a name >> resolvers. I recently learned about OpenDNS's free service for homes where >> a home user can monitor and potentially block certain websites, but that >> would require the home to signup at open dns, and then enter open DNS in >> their router. However if we handed out OpenDNS's IPs instead of googles, >> and provided a gateway, then that would remove that step of the client >> having to enter opendns IPs into their router right? >> >> Does OpenDNS have a service for ISP's? That gives us insight as to where >> traffic on our network is heading based dns lookups? I know about Netflow >> etc, but doing this though DNS seems like a cool option as well. We >> wouldn't want to block anything as an ISP, but it would be useful to know >> the top visited site by our customers is facebook.com for example. >> >> If not OpenDNS, then is there some other hosted DNS service for ISP's? >> >> >> -- >> >> Wireless mailing list >> Wireless@wispa.org >> http://lists.wispa.org/mailman/listinfo/wireless >> >> > -- > Sent from my Android device with K-9 Mail. Please excuse my brevity. > ___ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
Re: [WISPA] Baicells - who's deployed it?
There has been a lot of talk about network performance both just by itself as well as compared to other products, but one thing I would be interested in hearing more discussion on -- assuming Baicells allows for it at this point -- is the configuration and management interface(s). Perhaps these UIs are in too embryonic a form currently for a productive discussion or a fair analysis to take place, and Baicells may be trying to concentrate this phase of the trial more on correct MAC function and performance. But as somebody who is intrigued by the idea of running a few of these side-by-side with a competing product on a heterogeneous (vendor-wise) 3GPP network with our own core, it would be good to know what we are up against as far as ongoing monitoring and maintenance goes, since it's presumably a given that we aren't going to be able to use our existing vendor's NMS (for example) to monitor and control these. Sooo...what does management look like at this point, what kinds of stats can you collect, and what mechanisms can you use to extract and collect them? Do operators using these ENBs feel somewhat blind at this point or are you able to track all of the performance indicators that you feel you need in order to be able to diagnose issues? As far as commissioning one of these ENBs goes, I would also be interested to know more about what that entails, especially given the claim of "4G Easy as WiFi." So what does that mean in practice, exactly? I admit I was a little disheartened to hear that at this point, in order to configure an ENB to send traffic to your own PGW, a Baicells engineer apparently has to remote into the thing to make the change for you. I'm hoping that this is a temporary limitation while they continue to work on the (beta) software and that this isn't a permanent state of affairs or indicative of the direction they are going, because as Patrick himself said during his ISP Radio interview, "we all like to drive our own cars." The goal of simplicity is a great one from both a "customer sat" and support perspective, so long as while you are chasing it you don't abandon or significantly hamper flexibility, restrict freedoms, and/or increase one's dependence on a third-party for every little thing. -- Nathan From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Josh Luthman Sent: Friday, June 17, 2016 12:09 PM To: a...@afmug.com; WISPA General List Subject: [WISPA] Baicells - who's deployed it? Does anyone besides the guys in Amarillo have this gear deployed? Care to comment on/off list? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 ___ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
