NEW! See the updated info after GoDaddy responds.

GoDaddy's New "Selective DNS Blackouts" Policy

By R. Scott Perry on September 1, 2011

Since the beginning of the Internet, DNS (the protocol that converts domain names into IP addresses) has always been a sacred service. It is low-cost and mission-critical. Blocking DNS packets was always a last resort, used only after all other options were exhausted, for fear of the consequences. When you block DNS, you effectively block the web, e-mail, FTP, IM... just about everything.

Now that GoDaddy is a near monopoly (larger than the next 8 closest registrar competitors combined [1]), and just got bought out on July 1, 2011 [2], they have decided they can defy the sacred. Customers be damned.

Less than a month after the new owners came on board, GoDaddy implemented a "Selective DNS Blackout" policy for all domains using their DNS hosting (roughly 32 million domains [3]). With this policy, they are choosing to allow their DNS servers to be underprovisioned [4] (meaning that their servers are unable to gracefully handle their normal load). To prevent slow DNS, which would generate complaints quickly, they decided to block 100% of packets from hand-picked DNS servers based on volume and visibility. This reduces load somewhat, while making it difficult for customers to pinpoint GoDaddy as the problem.

A GoDaddy employee (who prefers to remain anonymous) confirmed that they have a policy in place to block DNS queries [5], but their Advanced Technical Support Team refused to provide any details on the policy. The GoDaddy PR department declined to comment, but did not deny that the policy exists (they went silent after saying they would be happy to look into it). Perhaps the PR department realized that it will be a very controversial policy.

One example of a service affected by the "Selective DNS Blackout" policy is a niche search engine in development that helps people locate local businesses. The DNS service they use was blocked by GoDaddy without warning on July 30, 2011. GoDaddy later stated that the DNS traffic was a problem due to the traffic load (despite that traffic load being less than 15% higher than a year prior). Another example is a project that collects Internet statistics, with information on websites going back several years. It can no longer include new data for domains with DNS hosted by GoDaddy, and will not be able to unless the policy is revoked.

The GoDaddy website, and other websites they own (bobparsons.com, godaddycash.com, jomax.net, spamfilter.com, supportwebsite.com, etc.), use their own DNS servers that do not have such load problems. As for why GoDaddy is doing this, we can only make educated guesses, as GoDaddy's PR department declined to comment. It doesn't appear to be the obvious reason, cost. Adding servers to handle the small 15% increase in load over a year ago would cost roughly the same as adding 1 employee -- a drop in the bucket for a company that already has over 3,000 employees, that gained more than $30M in revenue from those domains [6], and just got a cash infusion.

What seems more likely is that the new owners of GoDaddy are trying to improve on the "Premium DNS" service, which appears to have been a failure. The Premium DNS service started around January 2011. However, it appears not to be meeting their sales goals (99% of domains using GoDaddy DNS hosting are still using the free service [7]).

According to data from alexa.com, the weekday traffic to the godaddy.com website has declined since this policy was put into effect, to its worst ranking in over 6 months. According to webhosting.info, the number of new domains registered with GoDaddy has plummeted since the policy was put into effect (from 248,036 per week on July 25, 2011 to 55,007 per week on August 8, 2011). It is not known whether DNS queries by Alexa or webhosting.info are now being blocked by GoDaddy; however, these are the types of applications that will be affected.

We now know that GoDaddy is willing to block DNS queries. Will it continue, or will others follow? What will happen to the Internet if all DNS hosting companies follow the same path? Only time will tell.

1. http://www.godaddy.com/NewsCenter/about-godaddy.aspx

2. http://online.wsj.com/article/BT-CO-20110701-712397.html

3. On August 1, 2011, at least 32,491,968 domains had at least one authoritative DNS server in the 216.69.185.0/26 IP range (used by the 'odd' GoDaddy DNS servers, e.g. ns01 and ns03).

4. A senior support specialist mentioned that their normal level of DNS traffic had reached the point where it was "disruptive to service for our customers". Their PR department did not deny this.

5. The E-mail refers to their blocking of DNS packets as a GoDaddy policy, as opposed to simply an action determined by an employee.

6. Comparing the statistics for August 1, 2011 and August 31, 2010, GoDaddy's DNS servers host 4,104,995 more domains. At $8/domain, that would bring in $32.8M.

7. On August 1, 2011, 241,046 domains had at least one authoritative DNS server using 216.69.185.50 (pdns01, one of two IPs used by Premium DNS at this time), compared to over 30,000,000 domains using GoDaddy DNS hosting on that date.