Charter DNS servers returning invalid IP addresses
Mark Andrews
marka at isc.org
Wed Oct 25 18:26:55 UTC 2023
It’s being filtered. Only Charter can tell you why.
--
Mark Andrews
> On 26 Oct 2023, at 05:07, Jason J. Gullickson via NANOG <nanog at nanog.org> wrote:
>
>
> I've been working for a week or so to solve a problem with DNS resolution for Charter customers for our domain bonesinjars.com. I've reached-out to Charter directly but since I'm not a customer I couldn't get any help from them. I was directed by a friend to this list in hopes that there may be able to reach a Charter/Spectrum engineer who might be able to explain and/or resolve this one.
>
> A dig against Google's DNS servers correctly returns 4 A records:
>
>
> dig bonesinjars.com 8.8.8.8
>
> ; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> bonesinjars.com 8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31383
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;bonesinjars.com. IN A
>
> ;; ANSWER SECTION:
> bonesinjars.com. 60 IN A 198.49.23.145
> bonesinjars.com. 60 IN A 198.185.159.145
> bonesinjars.com. 60 IN A 198.49.23.144
> bonesinjars.com. 60 IN A 198.185.159.144
>
> ;; Query time: 1039 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
> ;; WHEN: Mon Oct 23 10:26:32 CDT 2023
> ;; MSG SIZE rcvd: 108
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26879
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;8.8.8.8. IN A
>
> ;; Query time: 35 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
> ;; WHEN: Mon Oct 23 10:26:32 CDT 2023
> ;; MSG SIZE rcvd: 36
>
>
>
> Verizon, AT&T, Comcast and all other DNS servers we tested return the same 4 A records. However the same dig against a Charter DNS (24.196.64.53) returns only 127.0.0.54:
>
>
>
> dig bonesinjars.com 24.196.64.53
>
> ; <<>> DiG 9.16.1-Ubuntu <<>> bonesinjars.com 24.196.64.53
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17691
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;bonesinjars.com. IN A
>
> ;; ANSWER SECTION:
> bonesinjars.com. 60 IN A 127.0.0.54
>
> ;; Query time: 55 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Tue Oct 24 13:28:36 CDT 2023
> ;; MSG SIZE rcvd: 60
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4658
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;24.196.64.53. IN A
>
> ;; ANSWER SECTION:
> 24.196.64.53. 86400 IN A 24.196.64.53
>
> ;; Query time: 27 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Tue Oct 24 13:28:36 CDT 2023
> ;; MSG SIZE rcvd: 57
>
>
>
> Any help understanding and addressing this is greatly appreciated!
>
>
>
> Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20231026/81e2b373/attachment.html>
More information about the NANOG
mailing list