Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthorjherman1
    • CommentTimeMar 12th 2008
     permalink
    Still doing it
    pinging www.google.com responds from google.navigation.opendns.com
    I do not like that one bit. I having been testing OpenDNS here and a separate account for home/consulting, until I can turn this feature off I cannot recommend this service, and will discontinue use. To much of a privacy concern.
    Thankful People: jdpower, watabou90
    • CommentAuthorsunnz
    • CommentTimeMar 12th 2008
     permalink
    What disappoint me most is the lack of communication from the OpenDNS guys... I will too drop OpenDNS till I see a response.
    Thankful People: jdpower, watabou90
    • CommentAuthorsrday
    • CommentTimeMar 13th 2008
     permalink
    I contacted OpenDNS support to request that they disable Shortcuts on my account. (Google redirection is supposedly tied to the use of Shortcuts.)

    The good news is that the Support team resolved the problem for me within an hour. Google requests from both networks I manage are no longer redirected through “google.navigation.opendns.com.” (Google) searches now run as quickly as ever and, once again, include McAfee SiteAdvisor “safety ratings.” According to the Support team’s response to my inquiry, they “altered a setting in your account which should resolve this matter until we come up with a more permanent solution system-wide.”

    The bad news is that both “typo correction” and “shortcuts” had to be disabled to get here. Unfortunately, many OpenDNS “features” (e.g., Content Filtering and Adult Site Blocking) rely on these and are, therefore, also disabled. According to the Support team, only Phishing Protection remains available. My Dashboard, however, indicates Domain Whitelisting and (individual) Domain Blocking are still functional.

    Additional bad news came in response to my inquiry about when the “more permanent solution system-wide” might be available for those of us who'd like to take advantage of Content Filtering and Adult Site Blocking without the Google performance hit and loss of SiteAdvisor “safety ratings.” Their response now states “our business model is based upon using this feature and you cant have one without the other.” They went on to say “we cannot make this change each time your IP updates. You will need to use software to keep it updated in your account. Keep in mind that this is not something we normally do for users, since as you have seen first-hand, that it disables all of our other services.”

    I’m not sure how this equates to a “more permanent solution system-wide…?” It’s also worth noting that my Idea Bank suggestion, that users be allowed to opt-out of the Google redirect, has gone nowhere (i.e., has not been approved for a vote of the users) since I submitted it a couple of days ago.
    • CommentAuthorbunnyhero
    • CommentTimeMar 13th 2008
     permalink
    i've got shortcuts AND typo correction turned off, yet still my google requests are being redirected to google.navigation.opendns.com.

    why is this an issue? because when i try to use google.ca (my country's google) i get redirected to www.l.google.com -- and get the US google's search results. when i go to google.ca, i want the canadian search results (which *are* different).

    and i AM using the opendns updater software to update my ip address when it changes, yet google.ca STILL gets redirected.

    :angry::angry::angry::angry::angry::angry:

    please, opendns, fix this properly!!
  1.  permalink
    This should be an optional addition.. I like full-speed google
    • CommentAuthorrfeldhou
    • CommentTimeMar 26th 2008
     permalink
    People. This is not really a hard solution.

    If you don't want the DNS provided from OPENDNS just open

    (windows)
    C:\WINDOWS\system32\drivers\etc\hosts
    (Unix/Solaris)
    /etc/hosts


    add the following (Or what every you want not to be proxied)

    72.14.207.99 google.com
    169.0.0.1 myexample.com


    Then either REBOOT or preform the following command: (Windows)

    ipconfig /flushdns


    This will flush out all local system cached DNS from local memory . The local hosts file will override any DNS remote call.

    The downside to this is that you need to maintain it. If google.com changes ip (I don't think that happens everyday) You will no longer be able to hit google.com you can use this for any DNS name you want NOT ask the DNS server for. (if it is the case the DNS is not providing the DNS IP you want.).

    Please REBOOT or Flush before testing the results.

    Robert
    • CommentAuthorlabnol
    • CommentTimeMar 30th 2008
     permalink
    • CommentAuthorsunnz
    • CommentTimeMar 30th 2008
     permalink
    Forget it, I have quit ODNS for a month now. Google seem a lot faster after I dropped ODNS.
    • CommentAuthorsolca
    • CommentTimeMar 31st 2008
     permalink
    I am the sysadmin for my University and we're currently using OpenDNS. I discover the Google divertion in OpenDNS a long time ago but I though was harmless but since they doesn't provide an option to disable that behavior I'm forced to return on using the K-ROOT nameserver.

    Many people have Google accounts and your GX cookie is in danger with OpenDNS divertion even when you are using SSL.

    I have big DNS caches too so it's not really a problem for me.
    • CommentAuthorsparko
    • CommentTimeApr 21st 2008
     permalink
    redfeldhou: OpenDNS is touted as being set-n-forget simple.
    If messing with the HOSTS file (+reboot) is required, that's a problem.
    • CommentAuthorderaj123
    • CommentTimeMay 6th 2008
     permalink
    I hadn't seen this setting before, but I went in under shortcuts and disabled "Enable OpenDNS proxy". After doing this, google now seems to resolve correctly. I can use OpenDNS again!
    Anyone else seeing this?
  2.  permalink
    Well, it's goodbye to OpenDNS for me. It's not up to them to protect me from Google. Inform me,
    by all means, but hijacking DNS lookups is far from acceptable, on ethical grounds. Quite apart from the fact that it's made google unusably slow for me for the last couple of days.

    I've enjoyed using OpenDNS, but I've gone back to my ISP's DNS server for now.
  3.  permalink
    @rfeldhou
    "People. This is not really a hard solution."

    Person, this is entirely beside the point. The hosts file isn't there to fake real DNS lookups!
    • CommentAuthorhawkeviper
    • CommentTimeMay 7th 2008 edited
     permalink
    Wow, this thread was started over a year ago and still no solution?

    Here's a tip guys, Google has billions of dollars to spend on servers to make sure their server is /always up/. You, do not.

    I do not use openDNS as any sort of web-cache, I use it for my DNS. I do not wish to see shit like this:


    hawkeviper ~ $ wget google.com
    --2008-05-07 01:15:07-- http://google.com/
    Resolving google.com... 64.233.187.99, 72.14.207.99, 64.233.167.99
    Connecting to google.com|64.233.187.99|:80... connected.
    HTTP request sent, awaiting response... 301 Moved Permanently
    Location: http://www.google.com/ [following]
    --2008-05-07 01:15:08-- http://www.google.com/
    Resolving www.google.com... 208.69.34.230, 208.69.34.231
    Connecting to www.google.com|208.69.34.230|:80... connected.
    HTTP request sent, awaiting response... cRead error (Connection reset by peer) in headers.
    Retrying.

    --2008-05-07 01:17:01-- (try: 2) http://www.google.com/
    Connecting to www.google.com|208.69.34.230|:80... connected.
    HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
    Retrying.


    I don't wish to type google.com into the address bar and sit there waiting for your broken server to pick its ass up off the floor and fulfill my request. What I do expect is one of many thousand google servers to respond to my request, within a second. I'm done using openDNS, sorry guys, you just lost my trust. I don't do well with mitm attacks of any sort, and this is one of the worst kind.
    • CommentAuthormvidberg
    • CommentTimeMay 7th 2008
     permalink
    Hmm... this is very interesting... being a linux user i've been having a lot of problems lately getting to google.com and looking around the forums and reading this thread it does seem something very fishy is going on at openDNS. Seems they have betrayed my trust and of many others. Think I'll stop using this service immediately.
    • CommentAuthorpaul53
    • CommentTimeMay 10th 2008
     permalink
    can anyone tell me why the following link will not go to google, but instead is redirected?

    http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=porsche
    • CommentAuthoratici
    • CommentTimeJun 6th 2008
     permalink
    This is absurd and deceptive. I have also been having problems with connecting to google and finally tracked down the problem to this. This behavior was nowhere mentioned when I was signing up. This renders OpenDNS completely unusable if you're behind a dynamic ip (and don't want to use any additional app).

    If OpenDNS wants to charge for its services, that's fine. But this is unacceptable.
    • CommentAuthorfastest963
    • CommentTimeJun 24th 2008 edited
     permalink
    fix!

    thanks to deraj123:

    1) Goto "Network Shortcuts" (under "settings" tab)
    2) Uncheck "Enable OpenDNS proxy"
    3) Wait a bit
    4) Congrats!

    It seems to have worked for me, lets hope that it works for everyone.
    Thankful People: D, mikemagik
    • CommentAuthorraccettura
    • CommentTimeJul 20th 2008
     permalink
    @fastest: The problem with your fix is that it disables "Block Categories" which is really the big feature of OpenDNS.
    • CommentAuthorautaonline
    • CommentTimeJul 29th 2008
     permalink
    Well, LOL... Essentially had to turn off every feature to get a sane behaviour with OpenDNS. You know guys, stuff like spam filtering requires NXDOMAIN for non-existent domains, not returning bogus info and hijacking stuff. Killing shortcuts and OpenDNS proxy reverts the Google hijack, alas it also completely kills the content filtering, as mentioned above.

    Going to switch back to my ISP's DNS servers once they've patched them for the DNS poisoning bug; they don't do any such malicious hijacking at least and I really don't have much need for content filter, though the phishing filter is nice, it's basically provided by browsers nowadays anyway.
  4.  permalink
    > 2) Uncheck "Enable OpenDNS proxy"
    This have to unchecked by default.

    And to the money. It seems openDNS looses more users due decisions of admins of big networks than "domain error"-tools preinstalled by hardware vendors, because users which are smart enough to change to openDNS, are smart enough to enable the option or to uninstall the tools. They have only to know about, which will happen if openDNS will not work probably.
  5.  permalink
    That is funny. I used OpenDNS for one day thinking it was going to be so beneficial. Right away, I saw the Google Hijacking, and noticed how slow all DNS queries were, basically slowing my entire experience down quite a bit.

    I turned off OpenDNS, and now everything is back to normal.

    NOTICE TO EVERYONE WHO STUMBLES UPON THIS "SERVICE":
    DO NOT USE THIS PRODUCT!!!! YOU HAVE BEEN WARNED.

    -- Will Gillen
    -- System Administrator
    Thankful People: sunnz, autaonline, littlemousling
  6.  permalink
    Yeah, I gotta say, I was hoping OpenDNS would help me escape the stupidity of Rogers redirects, and instead I got ... OpenDNS redirects. I used the Labnol.org hint above, but it only works for more than one word ("horse racing" goes to google, "horses" goes to OpenDNS). Given that being able to run a google search from the address bar is one of my favorite features of Firefox, I'm waving goodbye to this experiment. A slow, Yahoo-based search instead of quick-'n'-accurate Google? Nuh-uh.
    • CommentAuthorsunnz
    • CommentTimeAug 6th 2008
     permalink
    willgillen, you've hit the tail on the head, that was exactly what I have been experience and what I had to do in order to revive normal DNS operation.
  7.  permalink
    OK, fine. It took me two hours to get everything working, but "horses" finally redirects to http://www.google.com/search?q=horses. I guess I'll give OpenDNS another (wary) chance.
    • CommentAuthorautaonline
    • CommentTimeAug 11th 2008
     permalink
    My ISP's DNS servers are patched, aaaand guess what - that was the end of OpenDNS usage for me. The total lack of reaction here is completely unacceptable. And to accuse someone of bad practices (http://blog.opendns.com/2007/05/22/google-turns-the-page/) and in turn doing the exact same evil - dear OpenDNS folks, you think all people are idiots or what? BIG thumb down to this service, won't recommend to anyone. :angry:
    • CommentAuthorsunnz
    • CommentTimeAug 11th 2008
     permalink
    I would actually recommend _against_ using OpenDNS.
    • CommentAuthorautaonline
    • CommentTimeAug 11th 2008
     permalink
    Exactly. And the funny thing is - the OEM (Dell etc.) stuff they complain about provides this on clicking "What's this?" link:

    ---
    This page is meant to provide you with helpful related content, including web search results and paid advertisements, based on the meaning of the web address/keyword query that you typed. This program can be uninstalled from the Control Panel "Add/Remove Programs" in Windows XP or "Control Panel > Program > Programs and Features" in Windows Vista. Look for the application named "Browser Address Error Redirector". Older versions may be called "GoogleAFE" or "URL Assistant".
    ---

    Crystal clear instructions how to get rid of the unwanted redirect. Go check for yourself, e.g. http://www.google.com/hws/dell/afe? or http://www.google.com/hws/sony/afe? or whatever else.

    Now guess what kind of instructions does the OpenDNS staff provide on their hijacked Google -> Yahoo search? Ah riiight - nill, nada, zero, nothing usefull. They haven't bother to post a single reaction here for some 14 months. And they have the guts to moan about bad practices and pretend themselves to be the good guys? WTF! :angry:
    • CommentAuthorchristiann
    • CommentTimeAug 12th 2008 edited
     permalink
    ping www.google.com
    PING google.navigation.opendns.com (208.67.216.231) 56(84) bytes of data.
    64 bytes from 208.67.216.231: icmp_seq=1 ttl=54 time=97.6 ms
    64 bytes from 208.67.216.231: icmp_seq=2 ttl=54 time=97.7 ms
    .
    .
    .
    64 bytes from 208.67.216.231: icmp_seq=12 ttl=54 time=97.2 ms
    64 bytes from 208.67.216.231: icmp_seq=13 ttl=54 time=97.4 ms

    --- google.navigation.opendns.com ping statistics ---
    13 packets transmitted, 13 received, 0% packet loss, time 181160ms
    rtt min/avg/max/mdev = 97.204/97.696/98.302/0.378 ms


    Look at those horrible ping times. This is from an Ubuntu 8.04 machine. This is ridiculous.

    Edit: Changes my OpenDNS Network settings (which still burns me that I had to create a network!) and this is the result:

    ping www.google.com
    PING www.l.google.com (66.249.91.147) 56(84) bytes of data.
    64 bytes from ik-in-f147.google.com (66.249.91.147): icmp_seq=1 ttl=243 time=124 ms
    64 bytes from ik-in-f147.google.com (66.249.91.147): icmp_seq=2 ttl=243 time=121 ms
    64 bytes from ik-in-f147.google.com (66.249.91.147): icmp_seq=3 ttl=243 time=123 ms

    --- www.l.google.com ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 1999ms
    rtt min/avg/max/mdev = 121.526/123.195/124.644/1.282 ms

    Second edit: I removed a mild inflammatory remark telling OpenDNS they are not my mother nor my system admin and realized I needed to explain the results above. The ping times seem longer now that it it is hitting the Google servers, but the time to resolve is EXTREMELY shorter. With OpenDNS proxying, it would take between 5 and 10 seconds for the first packet to resolve. Now it is instantaneous.
    • CommentAuthorchristiann
    • CommentTimeAug 15th 2008
     permalink
    Sorry for the double post.

    I have been going back and forth in e-mail with Daniel Gifford the Community Manager. The basic explanation is that Dell and Google entered in to a partnership to install some crappy software on Dell computers that redirects someone to a paid advertisement search results page when they enter a word or phrase in the address bar that is not a correct web address.

    The examples used were entering Digg or Digg.xom in to the web address box of your browser.

    OpenDNS has a service where they will redirect you to the correct web page in the case of a typo (Digg.xom) or recommend web sites (based on a Yahoo search) if it is determined that it wasn't a typo.

    Here is an official write-up that does a better job than I at explaining this:
    http://blog.opendns.com/2007/05/22/google-turns-the-page/

    I still have a few problems with this, which I will be e-mailing Mr. Gifford about after posting this message. OpenDNS has a much better privacy policy:
    http://www.opendns.com/privacy/
    than most services/companies, but there are a few things that still bother me.

    If I learn anything earth shattering I will post again, going for the highly despised triple post.
    • CommentAuthorsunnz
    • CommentTimeAug 15th 2008
     permalink
    It doesn't matter, anyone have read the thread would have known this for now, but sadly OpenDNS staff simply doesn't care. Using another DNS provider is the most appropriate thing to do.
    • CommentAuthordwrz
    • CommentTimeAug 17th 2008
     permalink
    Cripes. Thanks to everyone on this thread. Ditching this thing right now.
    • CommentAuthormfournier
    • CommentTimeAug 22nd 2008
     permalink
    Christann,
    Ping rtt isn't the only thing to consider in the specific case of google (some others sites may also apply but very few).

    As you may know, www.google.com isn't one single server, but more a sort of worldwide dispatched cluster. And they use some kind of clever dns & routing magic to always direct you to the closest gateway to their cluster, depending on where you are located. This is why google is always super fast compared to most websites, which may be hosted quite far away from you.

    When using opendns servers (opendns proxy setting diabled), I have a slow ping rtt to www.google.com and traceroute tells me I am 17-18 hops away from www.google.com. When using my ISP's DNS servers, I have a very fast ping response and I am only 10 hops away from google. I suspect opendns sends me the IP address of the nearest google gateway from their location, not mine. They can't do much against that.

    The workaround is to find out which is your closest google "point of presence" and put it statically into your config (hosts file or local dns cache, several different solutions are posted above). This way you have your usual super-fast and unfiltered google functionalities and still benefit from all opendns's advantages.

    By the way, I must say I prefer that small and innovative companies like opendns earn money with ads I might generate than dell-i-make-money-selling-defective-hardware or google-big-brother-is-watching-you...
    • CommentAuthorhwttdz
    • CommentTimeAug 24th 2008
     permalink
    I needed to use opendns while I was working at a site where the default dns server was unresponsive. However, I found that I was unable to restore the behavior of my webbrowser to what it was before configuring opendns following the suggestions in this thread. I found that words typed into the address bar were always redirected to "http://guide.opendns.com?url=$searchterm" where $searchterm is what I put in the address. My solution to this was to host a simple website which performs a redirect to http://www.google.com/search?hl=en&q=$searchterm (I speak english, hence the en, however I'm sure you could change it to whatever you wanted). Additionally I edited my hosts file to point guide.opendns.com to this website. The result is that a word (or string of words) typed in the address bar as a search are sent to "guide.opendns.com" which is manually pointed at my site which seamlessly sends me to the google search results for my search term.

    Hope this helps. I'm not prone to share the address of this website because 1) it's hosted on my home machine which isn't always on and 2) I'm worried I might somehow manage to get myself in legal trouble.
    • CommentAuthorhwttdz
    • CommentTimeAug 24th 2008 edited
     permalink
    removing doublepost
    • CommentAuthorbrianguy
    • CommentTimeAug 26th 2008
     permalink
    I also removed OpenDNS from all of my networks/servers/computers after the shocking revelation that they were hijacking Google traffic against my knowledge. I discovered this after spending an hour or so troubleshooting very slow Google performance. Once I identified that OpenDNS was hijacking Google traffic, I reverted to ISP DNS, and voila - Google became fast again.

    I agree that this is an ethical issue, too, since it was not disclosed clearly, and so many of us didn't realize OpenDNS would be hijacking our Google searches if we used them for DNS.

    Formerly an OpenDNS fan,
    Brian:shocked:
    • CommentAuthorsunnz
    • CommentTimeAug 27th 2008
     permalink
    The worst of the worst is the lack of responses from the OpenDNS people regarding to this matter, after 88 posts, more than a year long thread.

    I would suspect that it is more than just the Dell stuff, OpenDNS is probably getting lots of cash doing this, and wanted to keep it uninformed to new users as they can, so they kept quite about this.
  8.  permalink
    I don't believe it - I am speechless!!

    Although I have no problems with Google's speed I am very confused about that redirection. Does OpenDNS get payed for collecting our search queries, maybe from Yahoo?

    Team of OpenDNS - TELL US THE TRUTH!!!
  9.  permalink
    Interesting statement - maybe Google's tools and software and/or infrastructure makes it necessary for OpenDNS to proxy google:

    http://www.opendns.com/support/article/244
  10.  permalink
    -
    • CommentAuthorsunnz
    • CommentTimeSep 10th 2008 edited
     permalink
    It is true that OpenDNS earns money from Yahoo searches, they have documented it publicly.

    It is the Google redirection thing that they haven't responded. But the redirection doesn't goes to Yahoo, so I don't know why they don't respond. Maybe it is more than just money, maybe Yahoo is studying why people use Google over them, or something, but no one knows, OpenDNS could possibly violating the privacy of all of its users, as well as milking money from else where.

This discussion has been inactive for longer than 30 days, and is thus closed.