China DNS filters and collateral damage

[Dave Farber <dave () farber net>]

> Dave,
>
> Please remove my email address and identifying headers if forwarded to
> IP.
>
> A number of large research-oriented universities in the U.S. have
> recently become targets of filtering policies being implemented by
> China ISPs. There has been limited discussion of these recent events,
> but Jonathan Zittrain and Benjamin Edelman's very informative page have
> identified that these filters have been put in place.  What hasn't been
> widely discussed is the collateral damage being done by these filters.
>
> It appears that select and specific IP addresses of authoratative DNS
> servers operated by a few of the major research-oriented univerisities
> are now being filtered.  This policy has the obvious effect of
> preventing users in China, who are behind these filters, from being able
> to resolve DNS names from those select university DNS servers.  This in
> turn denies access to hosts universities are authoritative for when
> accessed by name.
>
> This action has the, probably unintentional, result of filtering traffic
> in the other direction.  Many of these university DNS servers are the
> same ones used for recursive queries by the university's client hosts.
> Since the filters are blocking university DNS server IP addresses,
> university DNS servers can't get packets through to China for the
> purpose of doing a lookup on China host names.  The result is
> effectively no access from China to select universities and no access
> from select universities to China.
>
> There are some relatively simple methods for universities to get their
> lookups resolved, but the specific details about the techniques used by
> China ISPs and the university countermeasures I'm purposely being vague
> with or leaving out, but it is not difficult for those who understand
> the technical details of Internet operation to guess what goes on and
> what sorts of things this ends up leading to.
>
> Putting aside all the political arguments, I expect this sort of
> censorship warfare and its countermeaures will continue to become more
> prevalent, more complex and more annoying for those using and operating
> certain parts of the Internet. If these activities are unique to U.S.
> universities I'd be surprised. If they are, they probably won't be for
> long.
>
> I am a member of one large U.S. research-oriented university and have
> first-hand knowledge of this issue.

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/