Comment by belorn
8 months ago
Could you give a example of such ISP? I have seen ISP block all DNS traffic beyond to their own server, but those have been fairly locked networks like hotel wifi. It is much cheaper, safer, and less fragile to just block everything and force customers to the isp own servers. DPI and traffic injection carries risk of false positives and minor engineering mistakes can create large support costs, and would really only be beneficial if the intention is to hide the fact of the block.
> It is much cheaper, safer, and less fragile to just block everything and force customers to the isp own servers.
Sure, that's common too. But that also precludes you from running your own recursive resolver to circumvent their blocks.