
discuss - Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Lennart Seitz <mail AT lseitz.de>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK
  • Date: Wed, 1 Sep 2021 00:50:53 +0200

Can you provide a traceroute to the round-robin/anycast IP you used?

On 31.08.2021 23:25, Se7en wrote:
> On 21-08-31 15:40:26, Lennart Seitz wrote:
>> what resolver did you use before switching to google? Keep in mind that
>> DNS is a plaintext protocol, perhaps somebody MITM your request?
> I am using both Anycast servers for resolver. As of Tue 31 Aug 2021
> 09:21:57 PM UTC the issue remains. I do not know how to detect the
> specific server the Anycast server brings back.
>
>> From my side I can verify that duckduckgo.com is resolving correctly on
>> the T2 I am running and also the anycast (which you probably meant by
>> round-robin?) under 134.195.4.2 by NextGi.
> I do not know why this is, I have confirmed that switching from
> OpenNIC's Anycast to GoogleDNS fixes the problem. I have confirmed it
> is not the result of a hacked DNS Blackhole (my PiHole), and I have
> also confirmed it is not the result of malicious NAT. All signs point
> to an improper configuration on OpenNIC's end for their Anycast
> service.
>
> If there is additional debug information you request, I am willing to
> provide such within reason.
>
>

--
Kind regards,
Lennart Seitz
PGP key: 0x187abd76a5660379 (https://pgp.lseitz.de/key.asc)
--



