On Feb 25, 2013, at 7:17 PM, Robert Edmonds <edmo...@isc.org> wrote:
> Noel Butler wrote: >> and putting tin foil hat on now :) it would log those requests, and who >> knows what google does with that data, it sure as hell doesnt do it for >> the goodness of the planet, there is a commercial reason behind every >> decision and service they provide. So, yes, there is a commercial reason -- Google makes basically all its money from folk using the Internet. While things have been improving, a large number of ISPs were providing very poor recursive DNS services for their users -- DNS is seen simply as a cost and not as a revenue stream, and so they were often oversubscribed and / or not reliable (and / or would lie). Poor DNS performance leads to a substantially degraded user experience (sometime have a look to see how many DNS resolutions something like the CNN main page requires) -- poor user performance leads to users using the Internet less, which leads to Google not making as much money. Now I realize that lots of folk would prefer to believe that there is something more nefarious happening (and there is nothing really that I can say to change that) but I figured I should at least try explain why Google provides this... > yes, who knows what google is doing with all that data. they would > never tell us that. > > https://developers.google.com/speed/public-dns/privacy Yup, thank you, Robert. > > [...] > > Google Public DNS stores two sets of logs: temporary and permanent. > The temporary logs store the full IP address of the machine you're > using. We have to do this so that we can spot potentially bad things > like DDoS attacks and so we can fix problems, such as particular > domains not showing up for specific users. > > We delete these temporary logs within 24 to 48 hours. > > In the permanent logs, we don't keep personally identifiable > information or IP information. We do keep some location information > (at the city/metro level) so that we can conduct debugging, analyze > abuse phenomena. After keeping this data for two weeks, we randomly > sample a small subset for permanent storage. > > We don't correlate or combine information from our temporary or > permanent logs with any personal information that you have provided > Google for other services. > > Finally, if you're interested in knowing what else we log when you > use Google Public DNS, here is the full list of items that are > included in our permanent logs: > > * Request domain name, e.g. www.google.com > > * Request type, e.g. A (which stands for IPv4 record), AAAA (IPv6 > record), NS, MX, TXT, etc. > > * Transport protocol on which the request arrived, i.e. TCP or UDP > > * Client's AS (autonomous system or ISP), e.g. AS15169 > > * User's geolocation information: i.e. geocode, region ID, city ID, > and metro code > > * Response code sent, e.g. SUCCESS, SERVFAIL, NXDOMAIN, etc. > > * Whether the request hit our frontend cache > > * Whether the request hit a cache elsewhere in the system (but not in > the frontend) > > * Absolute arrival time in seconds > > * Total time taken to process the request end-to-end, in seconds > > * Name of the Google machine that processed this request, e.g. > machine101 > > * Google target IP to which this request was addressed, e.g. one of > our anycast IP addresses (no relation to the user's IP) > > -- > Robert Edmonds > edmo...@isc.org > _______________________________________________ > dns-operations mailing list > dns-operations@lists.dns-oarc.net > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > -- American Non-Sequitur Society; we don't make sense, but we do like pizza! _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
