Dns-operations mailing list

[Jeff Taylor <shdwdrgn AT sourpuss.net>]

Wow that certainly IS odd.  If you ever find out what is going on with
your ISP's lookups, I would be curious to know what they find.

Meanwhile, you mentioned that you continue to get a single address
returned for facebook.  This could potentially be due to caching on your
server.  When I do a query, I also get the same IP returned every time. 
However I have 5 different DNS servers running here, and if I query each
machine directly, each one will return a different IP (but will continue
to return the same IP after I have made the query).  To get a different
answer, I have to restart bind9, then restart nscd, before my cache is
completely cleared and I can get a new IP.


On 09/27/2012 08:53 AM, Simon wrote:
> On 09/26/12 23:29, Jeff Taylor wrote:
>> I ran your queries below and compared the serial for facebook.com
>> between what my server answers, and what I got from google's own open
>> dns servers (8.8.8.8 and 8.8.4.4).  I'm sorry to say that the
>> information I got in both cases does match... 2008120070.  What this
>> means to me is that your ISP's replies are highly suspect.  It is
>> possible they are one of many who redirect traffic from popular sites to
>> collect ad revenue for themselves.
> Well, this is getting stranger but not for the reason you thought. My
> ISP are looking into this as they are confused as to why the results are
> different using their nameservers too. They are an ISP aimed at
> technical people and they have a policy of not messing about with
> traffic at all.
>
> To make this stranger, the CNAME which is returned by their nameservers
> points to a valid FB address which can be resolved directly from
> Facebook's internet facing DNS servers. When you browse to this name,
> you get the facebook site as usual.
>
> The other unusual thing is that whilst my server returns mostly the same
> information as others (for example 8.8.8.8) the A record for
> www.facebook.com always returns the same IP from my server, it changes
> on every query from other servers, as you would expect. The AAAA record
> returned is also a different IPv6 address but also stays static.
>
> It looks like I'm going to have to do some more investigation around
> this issue. I have since heard reports that others around the UK are
> experiencing the same problems from different DNS servers and different
> ISPs.
>
> All of this just so my family can access FB. Meanwhile, i'm installing
> Diaspora* :-)
>
> Thanks again for your help.
>
> Kind regards
>
>
> Simon
>
>
> ----
> To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org