nanog mailing list archives
Charter DNS servers returning invalid IP addresses
From: Sylvain BAYA <abscoco () gmail com>
Date: Thu, 26 Oct 2023 00:37:37 +0100
Dear NANOG-er, Hope this email finds you in good health! Please see my comments below, inline... Thanks, Le 25/10/2023 à 18:50, Jason J. Gullickson via NANOG a écrit :
I've been working for a week or so to solve a problem with DNS resolution for Charter customers for our domain bonesinjars.com. I've reached-out to Charter directly but since I'm not a customer I couldn't get any help from them. I was directed by a friend to this list in hopes that there may be able to reach a Charter/Spectrum engineer who might be able to explain and/or resolve this one.A dig against Google's DNS servers correctly returns 4 A records: dig bonesinjars.com 8.8.8.8
...instead of the above, you could try the following command: `dig bonesinjars.com. @9.9.9.9 +nsid +edns=0 +all +short` Please, do note the sign `@` and the trailing dot `.`
[...] ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26879 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;8.8.8.8. IN A
...this is unexpected! given what you said.
;; Query time: 35 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) ;; WHEN: Mon Oct 23 10:26:32 CDT 2023 ;; MSG SIZE rcvd: 36Verizon, AT&T, Comcast and all other DNS servers we tested return the same 4 A records. However the same dig against a Charter DNS (24.196.64.53) returns only 127.0.0.54:dig bonesinjars.com 24.196.64.53
`dig cmnog.cm. @24.196.64.53 +nsid +edns=0 +all` or dig cmnog.cm. @`dig -x 24.196.64.53 +short` +nsid +edns=0 +all
; <<>> DiG 9.16.1-Ubuntu <<>> bonesinjars.com 24.196.64.53 [...] ;; QUESTION SECTION: ;bonesinjars.com. IN A ;; ANSWER SECTION: bonesinjars.com. 60 IN A 127.0.0.54 [...] ;; QUESTION SECTION: ;24.196.64.53. IN A
...it's not what you wanted to test! `dig` understood it otherwise. ...associating the @ sign with the above IPv4 address would have corrected the behavior of `dig`: *@24.196.64.53*
;; ANSWER SECTION: 24.196.64.53. 86400 IN A 24.196.64.53 ;; Query time: 27 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) [...] Any help understanding and addressing this is greatly appreciated!
Hi Jason, Thanks for your email, brother. ...you should note that: n#1. each of the command you shared above is not producing the expected behavior. Please replace it by the one i suggested, and observe the diff. n#2. the DNS resolver you try to use appears to not being, actually, available for any request. Just try: `dig @24.196.64.53 cm.` or even: `dig @24.196.64.53 ns1.charter.com.` Maybe you should, first clarify what you needed to achieve. That said! maybe it's a simple matter of changing a DNS resolver? have you ask to someone within Charter's network to try with quad9, for example? ...or any other public DNS resolver, to be fair. Hope this helps! Shalom, --sb.
Jason
-- Best Regards ! baya.sylvain [AT cmNOG DOT cm]|cmNOG's Structure <https://www.cmnog.cm/dokuwiki/Structure>|cmNOG's Surveys <https://survey2.cmnog.cm/>|Subscribe to cmNOG's Mailing List <https://lists.cmnog.cm/mailman/listinfo/cmnog>|
__#LASAINTEBIBLE|#Romains15:33«*Que LE #DIEU de #Paix soit avec vous tous! #Amen!*» #MaPrière est que tu naisses de nouveau.#Chrétiennement «*Comme une biche soupire après des courants d’eau, ainsi mon âme soupire après TOI, ô DIEU!*» (#Psaumes42:2)
Attachment:
OpenPGP_0x0387408365AC8594.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses, (continued)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Compton, Rich A (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Owen DeLong via NANOG (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Tim Burke (Oct 30)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Michael Thomas (Oct 27)
- Re: [EXTERNAL] DNS filtering in practice, Re: Charter DNS servers returning malware filtered IP addresses John Levine (Oct 29)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Eric Kuhnke (Oct 27)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Glenn McGurrin via NANOG (Oct 28)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Glenn Kelley (Oct 29)
- RE: Charter DNS servers returning invalid IP addresses Greg Dickinson (Oct 25)
- Re: Charter DNS servers returning invalid IP addresses Bryan Fields (Oct 25)
- Re: Charter DNS servers returning invalid IP addresses J. Hellenthal via NANOG (Oct 26)
- Re: Charter DNS servers returning invalid IP addresses John Levine (Oct 27)