Re: What do you consider acceptable packet / session modification for a network operator?

[Mukund Sivaraman via NANOG <nanog () lists nanog org>]

On Thu, Dec 25, 2025 at 01:08:05AM +0000, Andrew via NANOG wrote:
> So, how do you feel about where to draw the line for what is
> acceptable from an ISP?

Some of these may be double-edged (on how a person may feel, depending
on their perspective).

As an example, some virtual private server operators will drop outgoing
SMTP traffic by default. Someone who's the target of spammers may cheer
this. Someone who wants to use it to run a mail server (non-spamming)
will not. Some operators can be contacted through a form to remove the
default filter.

> - Redirecting port 53 DNS queries to ISP’s own servers, regardless of destination IP

As a DNS programmer, this particularly bites me. My ISP does this and I
bypass it by SSH'ing into machines in a datacenter to do my tests
elsewhere. Another option is to use an IP tunnel such as Wireguard. I
guess that some ISPs can't avoid intercepting DNS due to government
relgulation that asks that certain qnames be blocked (for public
benefit?).

Some VPN operators (if you can call them internet service providers as
they become the default route) also intercept all port 53 traffic and
redirect to their own resolvers. This is explained as for the
improvement of privacy for the customer. So it depends on the
perspective of the person how they feel about this.

                Mukund

Attachment: signature.asc
Description:

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/CXB37NBD55J3JAGOYPX7ENCV3KGVQEEU/