ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    How to choose public DNS provider for an ISP

    IT Business
    isp wisp dns
    11
    33
    2965
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NerdyDad
      NerdyDad last edited by

      As some of you know, I am working on building a WISP. One thing that I have decided to do is go all private IP addresses to cut down costs and to protect my system and subs a little more.

      One thing I have a concern about is who do I want to point to for my upstream DNS? Default answer is Google or OpenDNS. Don't really trust big companies.

      Without beating around the bush too much, should I consider a DNS provider that doesn't track queries but could also be blocking some of the Internet to the subscriber or a DNS provider that gives them full reign over the Internet without concern about the sub's privacy?

      Obsolesce 1 Reply Last reply Reply Quote 1
      • travisdh1
        travisdh1 last edited by

        If it were me, I'd just provide full internet access. If you really feel strongly about helping people help themselves, then maybe offer an option to use a DNS service provided by you through something like Pi-Hole, but that would have to be optional. People get all kinds of cranky when they can't use the "coupon" websites and applications, where coupon is actually malware of course.

        NerdyDad wirestyle22 2 Replies Last reply Reply Quote 1
        • brianlittlejohn
          brianlittlejohn last edited by

          You are going to use private IP addresses, so all of you subs will be double nat'ed ?

          NerdyDad 1 Reply Last reply Reply Quote 1
          • NerdyDad
            NerdyDad @travisdh1 last edited by

            @travisdh1 said in How to choose public DNS provider for an ISP:

            If it were me, I'd just provide full internet access. If you really feel strongly about helping people help themselves, then maybe offer an option to use a DNS service provided by you through something like Pi-Hole, but that would have to be optional. People get all kinds of cranky when they can't use the "coupon" websites and applications, where coupon is actually malware of course.

            Thank you. I could setup a pi-hole system. I tell the sub about this alternative DNS. If they opt-in, I change their DNS to point to my pi-hole. But they have to choose to be a part of it, otherwise they get straight Internet.

            scottalanmiller 1 Reply Last reply Reply Quote 1
            • NerdyDad
              NerdyDad @brianlittlejohn last edited by

              @brianlittlejohn said in How to choose public DNS provider for an ISP:

              You are going to use private IP addresses, so all of you subs will be double nat'ed ?

              That's what I'm considering. What are the potential problems with this?

              brianlittlejohn scottalanmiller 3 Replies Last reply Reply Quote 0
              • Obsolesce
                Obsolesce @NerdyDad last edited by Obsolesce

                @nerdydad said in How to choose public DNS provider for an ISP:

                As some of you know, I am working on building a WISP. One thing that I have decided to do is go all private IP addresses to cut down costs and to protect my system and subs a little more.

                One thing I have a concern about is who do I want to point to for my upstream DNS? Default answer is Google or OpenDNS. Don't really trust big companies.

                Without beating around the bush too much, should I consider a DNS provider that doesn't track queries but could also be blocking some of the Internet to the subscriber or a DNS provider that gives them full reign over the Internet without concern about the sub's privacy?

                I'd prefer one with no tracking whatsoever (to protect privacy), but that also is 100% open (as in no dns blocking). It's not your job to be an malware choke point.

                At most, and probably preferrably, use a DNS service with zero tracking, and only potentially blocks known infection vectors.

                1 Reply Last reply Reply Quote 4
                • brianlittlejohn
                  brianlittlejohn @NerdyDad last edited by

                  @nerdydad said in How to choose public DNS provider for an ISP:

                  @brianlittlejohn said in How to choose public DNS provider for an ISP:

                  You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                  That's what I'm considering. What are the potential problems with this?

                  It will work for most things, but what if a sub wants incoming traffic?

                  NerdyDad scottalanmiller 2 Replies Last reply Reply Quote 1
                  • wirestyle22
                    wirestyle22 @travisdh1 last edited by

                    @travisdh1 said in How to choose public DNS provider for an ISP:

                    If it were me, I'd just provide full internet access. If you really feel strongly about helping people help themselves, then maybe offer an option to use a DNS service provided by you through something like Pi-Hole, but that would have to be optional. People get all kinds of cranky when they can't use the "coupon" websites and applications, where coupon is actually malware of course.

                    "Coupon malware is the best kind of malware. I love printing out a $1 off milk coupon online and then buying a new computer for hundreds of dollars" - Standard User

                    1 Reply Last reply Reply Quote 3
                    • NerdyDad
                      NerdyDad @brianlittlejohn last edited by

                      @brianlittlejohn said in How to choose public DNS provider for an ISP:

                      @nerdydad said in How to choose public DNS provider for an ISP:

                      @brianlittlejohn said in How to choose public DNS provider for an ISP:

                      You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                      That's what I'm considering. What are the potential problems with this?

                      It will work for most things, but what if a sub wants incoming traffic?

                      I guess they can submit a request and I'll just forward it to their IP address only.

                      travisdh1 scottalanmiller 2 Replies Last reply Reply Quote 0
                      • travisdh1
                        travisdh1 @NerdyDad last edited by

                        @nerdydad said in How to choose public DNS provider for an ISP:

                        @brianlittlejohn said in How to choose public DNS provider for an ISP:

                        @nerdydad said in How to choose public DNS provider for an ISP:

                        @brianlittlejohn said in How to choose public DNS provider for an ISP:

                        You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                        That's what I'm considering. What are the potential problems with this?

                        It will work for most things, but what if a sub wants incoming traffic?

                        I guess they can submit a request and I'll just forward it to their IP address only.

                        So long as your terms of service has the standard "You're not allowed to run a server" in it, who cares. Personally I'd like an online form I could fill out for any exceptions, even better to have it linked to in the TOS.

                        Dashrender 1 Reply Last reply Reply Quote 1
                        • scottalanmiller
                          scottalanmiller @NerdyDad last edited by

                          @nerdydad said in How to choose public DNS provider for an ISP:

                          @brianlittlejohn said in How to choose public DNS provider for an ISP:

                          You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                          That's what I'm considering. What are the potential problems with this?

                          It's confusing at best for the users and breaks lots of software.

                          1 Reply Last reply Reply Quote 2
                          • scottalanmiller
                            scottalanmiller @NerdyDad last edited by

                            @nerdydad said in How to choose public DNS provider for an ISP:

                            @brianlittlejohn said in How to choose public DNS provider for an ISP:

                            @nerdydad said in How to choose public DNS provider for an ISP:

                            @brianlittlejohn said in How to choose public DNS provider for an ISP:

                            You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                            That's what I'm considering. What are the potential problems with this?

                            It will work for most things, but what if a sub wants incoming traffic?

                            I guess they can submit a request and I'll just forward it to their IP address only.

                            So if I put in a request for a port, no other customer can have it? How will that work? Say I want to have a PBX, I'm the only person that can make calls?

                            1 Reply Last reply Reply Quote 0
                            • scottalanmiller
                              scottalanmiller @brianlittlejohn last edited by

                              @brianlittlejohn said in How to choose public DNS provider for an ISP:

                              @nerdydad said in How to choose public DNS provider for an ISP:

                              @brianlittlejohn said in How to choose public DNS provider for an ISP:

                              You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                              That's what I'm considering. What are the potential problems with this?

                              It will work for most things, but what if a sub wants incoming traffic?

                              Like a VPN for example.

                              1 Reply Last reply Reply Quote 0
                              • scottalanmiller
                                scottalanmiller @NerdyDad last edited by

                                @nerdydad said in How to choose public DNS provider for an ISP:

                                @travisdh1 said in How to choose public DNS provider for an ISP:

                                If it were me, I'd just provide full internet access. If you really feel strongly about helping people help themselves, then maybe offer an option to use a DNS service provided by you through something like Pi-Hole, but that would have to be optional. People get all kinds of cranky when they can't use the "coupon" websites and applications, where coupon is actually malware of course.

                                Thank you. I could setup a pi-hole system. I tell the sub about this alternative DNS. If they opt-in, I change their DNS to point to my pi-hole. But they have to choose to be a part of it, otherwise they get straight Internet.

                                Just let them do their own at that point.

                                1 Reply Last reply Reply Quote 0
                                • scottalanmiller
                                  scottalanmiller @NerdyDad last edited by

                                  @nerdydad said in How to choose public DNS provider for an ISP:

                                  @brianlittlejohn said in How to choose public DNS provider for an ISP:

                                  You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                                  That's what I'm considering. What are the potential problems with this?

                                  Think about it conceptually. No ISP puts a global firewall in front of its clients. You are building a single corporate LAN environment here rather than an ISP WAN network, basically. Nothing will work as expected. And you will guarantee that at least one private range that they should be able to use will be broken.

                                  You are thinking of this as an SMB IT department trying to control employees, rather than an ISP trying to provide service to customers.

                                  travisdh1 1 Reply Last reply Reply Quote 3
                                  • travisdh1
                                    travisdh1 @scottalanmiller last edited by

                                    @scottalanmiller said in How to choose public DNS provider for an ISP:

                                    @nerdydad said in How to choose public DNS provider for an ISP:

                                    @brianlittlejohn said in How to choose public DNS provider for an ISP:

                                    You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                                    That's what I'm considering. What are the potential problems with this?

                                    Think about it conceptually. No ISP puts a global firewall in front of its clients. You are building a single corporate LAN environment here rather than an ISP WAN network, basically. Nothing will work as expected. And you will guarantee that at least one private range that they should be able to use will be broken.

                                    You are thinking of this as an SMB IT department trying to control employees, rather than an ISP trying to provide service to customers.

                                    Uhm... just about every ISP is doing carrier grade NAT anymore. It's caused all sorts of headaches in Millersburg because some goofball decided to use 192.168.1.X for their CGNAT. #fail

                                    Romo 1 Reply Last reply Reply Quote 1
                                    • Romo
                                      Romo @travisdh1 last edited by

                                      @travisdh1 said in How to choose public DNS provider for an ISP:

                                      @scottalanmiller said in How to choose public DNS provider for an ISP:

                                      @nerdydad said in How to choose public DNS provider for an ISP:

                                      @brianlittlejohn said in How to choose public DNS provider for an ISP:

                                      You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                                      That's what I'm considering. What are the potential problems with this?

                                      Think about it conceptually. No ISP puts a global firewall in front of its clients. You are building a single corporate LAN environment here rather than an ISP WAN network, basically. Nothing will work as expected. And you will guarantee that at least one private range that they should be able to use will be broken.

                                      You are thinking of this as an SMB IT department trying to control employees, rather than an ISP trying to provide service to customers.

                                      Uhm... just about every ISP is doing carrier grade NAT anymore. It's caused all sorts of headaches in Millersburg because some goofball decided to use 192.168.1.X for their CGNAT. #fail

                                      Down here in mexico, almost all cable companies that also provide internet service use CGNAT as well, the downside is they are also some of the worst providers but they do use it.

                                      scottalanmiller 1 Reply Last reply Reply Quote 0
                                      • scottalanmiller
                                        scottalanmiller @Romo last edited by

                                        @romo said in How to choose public DNS provider for an ISP:

                                        @travisdh1 said in How to choose public DNS provider for an ISP:

                                        @scottalanmiller said in How to choose public DNS provider for an ISP:

                                        @nerdydad said in How to choose public DNS provider for an ISP:

                                        @brianlittlejohn said in How to choose public DNS provider for an ISP:

                                        You are going to use private IP addresses, so all of you subs will be double nat'ed ?

                                        That's what I'm considering. What are the potential problems with this?

                                        Think about it conceptually. No ISP puts a global firewall in front of its clients. You are building a single corporate LAN environment here rather than an ISP WAN network, basically. Nothing will work as expected. And you will guarantee that at least one private range that they should be able to use will be broken.

                                        You are thinking of this as an SMB IT department trying to control employees, rather than an ISP trying to provide service to customers.

                                        Uhm... just about every ISP is doing carrier grade NAT anymore. It's caused all sorts of headaches in Millersburg because some goofball decided to use 192.168.1.X for their CGNAT. #fail

                                        Down here in mexico, almost all cable companies that also provide internet service use CGNAT as well, the downside is they are also some of the worst providers but they do use it.

                                        It's pretty rare here from what I can tell. I never see people getting non-public IPs.

                                        wrx7m 1 Reply Last reply Reply Quote 2
                                        • wrx7m
                                          wrx7m @scottalanmiller last edited by

                                          @scottalanmiller - I didn't even know that was a thing.

                                          scottalanmiller 1 Reply Last reply Reply Quote 0
                                          • scottalanmiller
                                            scottalanmiller @wrx7m last edited by

                                            @wrx7m said in How to choose public DNS provider for an ISP:

                                            @scottalanmiller - I didn't even know that was a thing.

                                            It exists, but I had no idea that people were seeing it commonly, so many things break when you do that.

                                            1 Reply Last reply Reply Quote 2
                                            • First post
                                              Last post