Discuss mailing list

[Se7en <se7en AT cock.email>]

On 21-08-31 15:40:26, Lennart Seitz wrote:
> what resolver did you use before switching to google? Keep in mind that
> DNS is a plaintext protocol, perhaps somebody MITM your request?

I am using both Anycast servers for resolver. As of Tue 31 Aug 2021
09:21:57 PM UTC the issue remains. I do not know how to detect the
specific server the Anycast server brings back.

> >From my side i can verify that duckduckgo.com is resolving correctly on
> the T2 i am running and also the anycast (which you probabbly ment by
> round-robin?) under 134.195.4.2 by NextGi.

I do not know why this is, I have confirmed that switching from
OpenNIC's Anycast to GoogleDNS fixes the problem. I have confirmed it
is not the result of a hacked DNS Blackhole (my PiHole), and I have
also confirmed it is not the result of malicious NAT. All signs point
to an improper configuration on OpenNIC's end for their Anycast
service.

If there is additional debug information you request, I am willing to
provide such within reason. 


-- 
|-----/                   | Se7en
     /  The One and Only! | se7en AT cock.email
    /                     | 0x0F83F93882CF6116
   /                      | https://se7en-site.neocities.org

Attachment: signature.asc
Description: PGP signature