Google DNS Oddity

Fri Sep 6 19:17:07 UTC 2019

> On Sep 6, 2019, at 3:11 PM, Chip Marshall via NANOG <nanog at nanog.org> wrote:
> 
> Hello, I'm seeing an oddity when doing DNS lookups for www.google.com from our
> London datacenter, and I'm curious if other people are seeing the same
> behavior.
> 
> It appears that when we ask for www.google.com. we sometimes get an answer
> that only contains records for www-anycast.google.com., which our resolver
> ignores as they don't match the query.
> 
> As seen with dig:
> 
> ```
> # dig @ns1.google.com. www.google.com. aaaa
> 
> ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @ns1.google.com. www.google.com. aaaa
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42641
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;www.google.com.			IN	AAAA
> 
> ;; ANSWER SECTION:
> www-anycast.google.com.	300	IN	AAAA	2001:4860:4802:34::75
> www-anycast.google.com.	300	IN	AAAA	2001:4860:4802:38::75
> www-anycast.google.com.	300	IN	AAAA	2001:4860:4802:36::75
> www-anycast.google.com.	300	IN	AAAA	2001:4860:4802:32::75
> 
> ;; Query time: 7 msec
> ;; SERVER: 216.239.32.10#53(216.239.32.10)
> ;; WHEN: Fri Sep 06 19:05:32 UTC 2019
> ;; MSG SIZE  rcvd: 167
> ```
> 
> So far I've observed this with A and AAAA queries. It's my understanding that
> without a CNAME record in the answer, the resolver is doing the right thing by
> ignoring the answer, as there's no linkage between www and www-anycast.
> 
> Is this broken, or is this just some weird DNS trick I've not come across
> before?

You may want to post on dns-operations instead.

Can you do a dig +trace www.google.com instead, that would be more instructive about what’s happening at each layer of the delegation.

- Jared