DNS Hijacking? - FiOS Northeast

• Previous message (by thread): DNS Hijacking? - FiOS Northeast
• Next message (by thread): DNS Hijacking? - FiOS Northeast
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2019-01-09 at 18:30 +0000, Phil Lavin wrote:
> > We are seeing DNS requests for A and AAAA to 8.8.8.8 come back with
> > erroneous replies resolving to 146.112.61.106 when sent via FiOS
> > circuits in the northeast. Anyone else seeing issues with DNS on
> > FiOS in Northeast? Issue started around 12:25 AM ET this morning
> > and seems to be affecting customers in PA, RI, etc.. 
> 
> 146.112.61.106 appears to be an Anycast IP served by OpenDNS when
> pages are blocked by the Cisco Umbrella service - https://support.ope
> ndns.com/hc/en-us/articles/227986927-What-are-the-Cisco-Umbrella-
> Block-Page-IP-Addresses-
> 
> Are you sure the queries are going to Google 8.8.8.8 and not OpenDNS?
> 
> What URL(s) are you seeing this on?
> 
> Do you have a traceroute to 8.8.8.8 from an affected site?

You can also do:
 
 
   ~$ dig TXT test.dns.google.com @8.8.8.8
      "Thanks for using Google Public DNS."

hth,

-Jim P.

• Previous message (by thread): DNS Hijacking? - FiOS Northeast
• Next message (by thread): DNS Hijacking? - FiOS Northeast
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]