[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: Got private IP address when resolve "home.sina.com" from China



I'm not sure how OpenDNS works with this domain, but I expect it is because they do not send EDNS Client Subnet (ECS) data to the sina.com/sina.com.cn name servers (OpenDNS will only send ECS to domains that have explicitly requested it by e-mail contact, while Google Public DNS autodetects ECS support).

The name servers for home.sina.com etc. are returning the bogus 10.10.10.10 address for ECS that geo-locates to China; this is probably intentional, and Google Public DNS will return their response.

$ dig +nocmd home.sina.com +subnet=58.217.249.0/24 @ns1.sina.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30553
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 8, ADDITIONAL: 9
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; CLIENT-SUBNET: 58.217.249.0/24/24
;; QUESTION SECTION:
;home.sina.com.                 IN      A

;; ANSWER SECTION:
home.sina.com.          60      IN      A       10.10.10.10

;; AUTHORITY SECTION:
sina.com.               86400   IN      NS      ns3.sina.com.cn.
sina.com.               86400   IN      NS      ns4.sina.com.cn.
sina.com.               86400   IN      NS      ns2.sina.com.
sina.com.               86400   IN      NS      ns1.sina.com.cn.
sina.com.               86400   IN      NS      ns1.sina.com.
sina.com.               86400   IN      NS      ns3.sina.com.
sina.com.               86400   IN      NS      ns4.sina.com.
sina.com.               86400   IN      NS      ns2.sina.com.cn.

;; ADDITIONAL SECTION:
ns1.sina.com.cn.        86400   IN      A       36.51.252.8
ns2.sina.com.cn.        86400   IN      A       180.149.138.199
ns3.sina.com.cn.        86400   IN      A       123.125.29.99
ns1.sina.com.           86400   IN      A       114.134.80.144
ns2.sina.com.           86400   IN      A       114.134.80.145
ns4.sina.com.cn.        86400   IN      A       121.14.1.22
ns3.sina.com.           86400   IN      A       180.149.138.199
ns4.sina.com.           86400   IN      A       123.125.29.99

;; Query time: 220 msec
;; SERVER: 114.134.80.144#53(114.134.80.144)
;; WHEN: Fri Jul 05 08:57:24 CDT 2019
;; MSG SIZE  rcvd: 352

Users in China are effectively being forced to use the alternate domain name sina.com.cn, which does resolve:

$ dig +nocmd home.sina.com.cn +subnet=114.114.114.114 @8.8.8.8
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44765
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; CLIENT-SUBNET: 114.114.114.114/32/24
;; QUESTION SECTION:
;home.sina.com.cn.              IN      A

;; ANSWER SECTION:
home.sina.com.cn.       59      IN      CNAME   spool.grid.sinaedge.com.
spool.grid.sinaedge.com. 59     IN      A       202.102.94.124

;; Query time: 515 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jul 05 08:58:29 CDT 2019
;; MSG SIZE  rcvd: 110

--
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
To post to this group, send email to public-dns-discuss AT googlegroups.com.
Visit this group at https://groups.google.com/group/public-dns-discuss.
To view this discussion on the web visit https://groups.google.com/d/msgid/public-dns-discuss/2bceab6f-1e43-4b00-a75a-22db260c3118%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.