
discuss - Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Se7en <se7en AT cock.email>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK
  • Date: Wed, 1 Sep 2021 18:16:45 -0700

On 21-09-01 20:11:54, eric wrote:
> Is it possible what you're witnessing is the following?
>
> You->PiHole->OpenNic Anycast Server->DuckDuckGo Anycast DNS->IP closest to
> OpenNic Anycast Server

I do not know if this is the problem, as it was/is affecting ALL
websites including example.com. If you look at the Pleroma thread,
you'll see my screenshots of such.

> And when you switch to your other dns service you see:
>
> You->PiHole->DNS Service->DuckDuckGo Anycast DNS->IP Closest to DNS Service
>
> You will receive a far wider range of returned IPs when using recursive DNS
> via anycast to anycast because the IP closest to the OpenNIC server is being
> returned, not the IP closest to you.

I am aware of this.

> To test the MITM theory, request an IP for a domain that does not use
> anycast to deliver their DNS. This IP should be the same using both OpenNIC
> and any other dns provider.

What servers exist to test? Is example.com also pushing out an
anycast DNS? And why does the returned IP come back as Facebook
frequently?

--
|-----/ | Se7en
/ The One and Only! | se7en AT cock.email
/ | 0x0F83F93882CF6116
/ | https://se7en-site.neocities.org

Attachment: signature.asc
Description: PGP signature
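
The comparison proposed in the quoted text, as an added example that is not part of the original message: it parses `dig +short` output for the same names from two resolvers, flags control names whose answers differ, and lists any address one resolver hands back for several unrelated names. The resolver labels, domain names and addresses (RFC 5737 documentation ranges) are constructed, and which names count as non-anycast controls is an assumption; a mismatch is a reason to look closer, not proof of tampering.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: `dig +short A <name> @<resolver>` output per resolver.
# Addresses come from the RFC 5737 documentation ranges, not real answers.
SAMPLE = {
    "resolver_a": {
        "fixed.example": "192.0.2.10\n",
        "cdn.example": "edge.cdn.example.\n198.51.100.7\n",
        "other.example": "192.0.2.44\n",
    },
    "resolver_b": {
        "fixed.example": "203.0.113.99\n",
        "cdn.example": "edge.cdn.example.\n203.0.113.99\n",
        "other.example": "203.0.113.99\n",
    },
}
# Assumption: these names are not served via anycast or a CDN.
CONTROL = {"fixed.example", "other.example"}


def parse_short(output):
    """Return the set of IP addresses in dig +short output, skipping CNAME lines."""
    addrs = set()
    for line in output.splitlines():
        try:
            addrs.add(str(ipaddress.ip_address(line.strip())))
        except ValueError:
            continue  # CNAME target or blank line
    return addrs


def compare(data, baseline, suspect, control):
    """Return (control names whose answers differ, addresses the suspect reuses)."""
    mismatched = sorted(
        name for name in control
        if parse_short(data[baseline][name]) != parse_short(data[suspect][name])
    )
    seen = defaultdict(set)
    for name, out in data[suspect].items():
        for addr in parse_short(out):
            seen[addr].add(name)
    reused = {a: sorted(n) for a, n in seen.items() if len(n) > 1}
    return mismatched, reused


if __name__ == "__main__":
    mismatched, reused = compare(SAMPLE, "resolver_a", "resolver_b", CONTROL)
    print("control names with differing answers:", mismatched)
    print("addresses returned for several names:", reused)
```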



