At home, using 8.8.8.8, if I goto www.nike.com<http://www.nike.com>, I get rerouted to nike.com/ca. I cleared the dns cache (I'm running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks Becki in Detroit
On Wed, Jan 6, 2021 at 1:42 PM Kain, Becki (.) <bkain1@ford.com> wrote:
At home, using 8.8.8.8, if I goto www.nike.com, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
Welcome to Why You Shouldn't Make Customer-Visible Decisions Based On DNS Resolver Geolocation or DNS Load Balancing Sucks 101. Nike.com is geolocating the server IP address which requests the web site address. This isn't yours or 8.8.8.8 but instead some unicast IP address to which your 8.8.8.8 packet was routed. Possibly in Canada. Nike appears to think so. Regards, Bill Herrin -- Hire me! https://bill.herrin.us/resume/
On Wed, Jan 6, 2021 at 1:48 PM William Herrin <bill@herrin.us> wrote:
On Wed, Jan 6, 2021 at 1:42 PM Kain, Becki (.) <bkain1@ford.com> wrote:
At home, using 8.8.8.8, if I goto www.nike.com, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
Welcome to Why You Shouldn't Make Customer-Visible Decisions Based On DNS Resolver Geolocation or DNS Load Balancing Sucks 101.
Nike.com is geolocating the server IP address which requests the web site address. This isn't yours or 8.8.8.8 but instead some unicast IP address to which your 8.8.8.8 packet was routed. Possibly in Canada. Nike appears to think so.
Though I'm probably talking out my tail since this is an HTTP redirect which would know your originating IP address (unless you're knowingly or unknowingly using a proxy). -Bill -- Hire me! https://bill.herrin.us/resume/
On Wed, Jan 6, 2021 at 4:52 PM William Herrin <bill@herrin.us> wrote:
On Wed, Jan 6, 2021 at 1:48 PM William Herrin <bill@herrin.us> wrote:
On Wed, Jan 6, 2021 at 1:42 PM Kain, Becki (.) <bkain1@ford.com> wrote:
At home, using 8.8.8.8, if I goto www.nike.com, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
Welcome to Why You Shouldn't Make Customer-Visible Decisions Based On DNS Resolver Geolocation or DNS Load Balancing Sucks 101.
Nike.com is geolocating the server IP address which requests the web site address. This isn't yours or 8.8.8.8 but instead some unicast IP address to which your 8.8.8.8 packet was routed. Possibly in Canada. Nike appears to think so.
Though I'm probably talking out my tail since this is an HTTP redirect
quite possible' :) (you don't normally, but I think the HTTP thing is the 'gotcha')
which would know your originating IP address (unless you're knowingly or unknowingly using a proxy).
the flow here is PROBABLY: "some dns query which doesn't really matter" by client "some http(s) connect to the server by the client (beki)" "server looks up 'client address' in a 'database of geo ip mapping' and says; "you are in CA(nada) so... 302 /ca pls!" good times! :) (also, typical geo ip problems :( bummer!)
-Bill
-- Hire me! https://bill.herrin.us/resume/
On Wed, Jan 6, 2021 at 2:00 PM Christopher Morrow <morrowc.lists@gmail.com> wrote:
quite possible' :) (you don't normally, but I think the HTTP thing is the 'gotcha')
Yeah, it got me. I realized it shortly after sending the email.
(also, typical geo ip problems :( bummer!)
Yeah, likely still qualifies as Using GeoIP For Customer-Visible Purposes Is Doomed To Failure. Though with web there could be a number of alternate explanations. Stale or misinterpreted cookies. Browser add-ons that proxy requests. Viruses or anti-virus programs that intercept and proxy requests. The number of squirrelly things that browsers and web sites do boggles the mind. Regards, Bill Herrin -- Hire me! https://bill.herrin.us/resume/
And they want to charge me more for the same running shoes and duty, since they think I'm in Canada. I mean, it's *right* there. I can kayak to Canada but don't buy running shoes 😊 -----Original Message----- From: NANOG <nanog-bounces+bkain1=ford.com@nanog.org> On Behalf Of Christopher Morrow Sent: Wednesday, January 06, 2021 5:00 PM To: William Herrin <bill@herrin.us> Cc: nanog@nanog.org Subject: Re: nike.com->nike.com/ca On Wed, Jan 6, 2021 at 4:52 PM William Herrin <bill@herrin.us> wrote:
On Wed, Jan 6, 2021 at 1:48 PM William Herrin <bill@herrin.us> wrote:
On Wed, Jan 6, 2021 at 1:42 PM Kain, Becki (.) <bkain1@ford.com> wrote:
At home, using 8.8.8.8, if I goto https://clicktime.symantec.com/3Uht9nQajoHJ8ns9Tk5znnb7Vc?u=www.ni ke.com, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
Welcome to Why You Shouldn't Make Customer-Visible Decisions Based On DNS Resolver Geolocation or DNS Load Balancing Sucks 101.
Nike.com is geolocating the server IP address which requests the web site address. This isn't yours or 8.8.8.8 but instead some unicast IP address to which your 8.8.8.8 packet was routed. Possibly in Canada. Nike appears to think so.
Though I'm probably talking out my tail since this is an HTTP redirect
quite possible' :) (you don't normally, but I think the HTTP thing is the 'gotcha')
which would know your originating IP address (unless you're knowingly or unknowingly using a proxy).
the flow here is PROBABLY: "some dns query which doesn't really matter" by client "some http(s) connect to the server by the client (beki)" "server looks up 'client address' in a 'database of geo ip mapping' and says; "you are in CA(nada) so... 302 /ca pls!" good times! :) (also, typical geo ip problems :( bummer!)
-Bill
-- Hire me! https://clicktime.symantec.com/32qZnFpJTAE5S9HAzgn8RnY7Vc?u=https%3A%2 F%2Fbill.herrin.us%2Fresume%2F
On 1/6/21 23:41, Kain, Becki (.) wrote:
At home, using 8.8.8.8, if I goto www.nike.com <http://www.nike.com>, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
What happens if you use your ISP's resolvers, instead? Mark.
I fail to see how this is a NANOG issue. Go to the bottom left of the page and select the correct region.
On 7 Jan 2021, at 08:41, Kain, Becki (.) <bkain1@ford.com> wrote:
At home, using 8.8.8.8, if I goto www.nike.com, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks
Becki in Detroit
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Don't use other people's recursive DNS servers. ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "Becki Kain (.)" <bkain1@ford.com> To: nanog@nanog.org Sent: Wednesday, January 6, 2021 3:41:20 PM Subject: nike.com->nike.com/ca At home, using 8.8.8.8, if I goto www.nike.com , I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks Becki in Detroit
When you send a DNS query to 8.8.8.8 it goes to the “nearest” resolver. Not nearest in terms of location since 8.8.8.8 is an anycast address and exists in many locations. It’s the BGP path to 8.8.8.8 that determines nearest. Next, the resolver does it’s thing and sends a query to the akamai DNS. That DNS is probably also an anycast address so again, how close is it? Akamai then tries to geo locate you but they have the IP of Google, not you. You get an IP and connect to that. Everything up till now probably doesn’t matter as it’s probably not the DNS that is causing what you see. The IP is not Nike but rather an akamai proxy. When you connect to akamai proxy, the proxy can see your IP and may do the Geo location lookup and pass what it thinks as your location to the content server. When it gets to the content server, it may use that Geo information but possibly not. It’s likely it’s not the content server but a load balancer. In either case, they may ignore any Geo lookup done by akamai and try to locate the incoming IP. Well, that’s actually the address of the akamai proxy. Hopefully the developers thought of this and had akamai pass your IP in a header and geo locate on that. It’s probably the content server that is sending an HTTP redirect to get you to the “/ca” location on the site. So there can be as many as 4 different times you are being geo-located. Which on actually matters is difficult to tell. Assuming Nike did a good job, it’s probably the Akamai proxy going the geo-locate and the code on the content server is consuming that and redirecting you to the location specific part of the site. [Medline_Signiture2]<http://www.medline.com/?cmpid=eid:signature-logo-US-Sales> Brian Dantzig Senior Network Engineer Information Services Medline Industries, Inc. www.medline.com<http://www.medline.com/?cmpid=eid:signature-link-US-Sales> Office: +1-847-837-2795 Mobile:+1-847-276-7169 bdantzig@medline.com<mailto:bdantzig@medline.com> From: NANOG <nanog-bounces+bdantzig=medline.com@nanog.org> on behalf of Mike Hammett <nanog@ics-il.net> Date: Thursday, January 7, 2021 at 7:40 AM To: "Becki Kain (.)" <bkain1@ford.com> Cc: "nanog@nanog.org" <nanog@nanog.org> Subject: Re: nike.com->nike.com/ca CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. ________________________________ Don't use other people's recursive DNS servers. ----- Mike Hammett Intelligent Computing Solutions<https://urldefense.com/v3/__http:/www.ics-il.com/__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDshTAj8XL$> [http://www.ics-il.com/images/fbicon.png]<https://urldefense.com/v3/__https:/www.facebook.com/ICSIL__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsgWgvwtA$>[http://www.ics-il.com/images/googleicon.png]<https://urldefense.com/v3/__https:/plus.google.com/*IntelligentComputingSolutionsDeKalb__;Kw!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsmwqFBfz$>[http://www.ics-il.com/images/linkedinicon.png]<https://urldefense.com/v3/__https:/www.linkedin.com/company/intelligent-computing-solutions__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsoegf7B0$>[http://www.ics-il.com/images/twittericon.png]<https://urldefense.com/v3/__https:/twitter.com/ICSIL__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsu_J-rGV$> Midwest Internet Exchange<https://urldefense.com/v3/__http:/www.midwest-ix.com/__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsoXLVPSN$> [http://www.ics-il.com/images/fbicon.png]<https://urldefense.com/v3/__https:/www.facebook.com/mdwestix__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDss384qEC$>[http://www.ics-il.com/images/linkedinicon.png]<https://urldefense.com/v3/__https:/www.linkedin.com/company/midwest-internet-exchange__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDst95e4gD$>[http://www.ics-il.com/images/twittericon.png]<https://urldefense.com/v3/__https:/twitter.com/mdwestix__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsqpksjXq$> The Brothers WISP<https://urldefense.com/v3/__http:/www.thebrotherswisp.com/__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsuZFFfvT$> [http://www.ics-il.com/images/fbicon.png]<https://urldefense.com/v3/__https:/www.facebook.com/thebrotherswisp__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsljilqZu$>[http://www.ics-il.com/images/youtubeicon.png]<https://urldefense.com/v3/__https:/www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDslRB3F7I$> ________________________________ From: "Becki Kain (.)" <bkain1@ford.com> To: nanog@nanog.org Sent: Wednesday, January 6, 2021 3:41:20 PM Subject: nike.com->nike.com/ca At home, using 8.8.8.8, if I goto www.nike.com<https://urldefense.com/v3/__http:/www.nike.com__;!!PoMpmxQzTok3!ux8PfKjcSqtK4NIlYhAFgw_77-3nVmlJpycBphh5cAH6N7iVD7qYTePDsvix-rpN$>, I get rerouted to nike.com/ca. I cleared the dns cache (I’m running Catalina macos) and rebooted just because. Anyone else seen a weirdism on this? thanks Becki in Detroit
* bdantzig@medline.com (Dantzig, Brian) [Thu 07 Jan 2021, 18:07 CET]:
When you send a DNS query to 8.8.8.8 it goes to the “nearest” resolver. Not nearest in terms of location since 8.8.8.8 is an anycast address and exists in many locations. It’s the BGP path to 8.8.8.8 that determines nearest. Next, the resolver does it’s thing and sends a query to the akamai DNS. That DNS is probably also an anycast address so again, how close is it? Akamai then tries to geo locate you but they have the IP of Google, not you. You get an IP and connect to that. Everything up till now probably doesn’t matter as it’s probably not the DNS that is causing what you see. The IP is not Nike but rather an akamai proxy. When you connect to akamai proxy, the proxy can see your IP and may do the Geo location lookup and pass what it thinks as your location to the content server. When it gets to the content server, it may use that Geo information but possibly not. It’s likely it’s not the content server but a load balancer. In either case, they may ignore any Geo lookup done by akamai and try to locate the incoming IP. Well, that’s actually the address of the akamai proxy. Hopefully the developers thought of this and had akamai pass your IP in a header and geo locate on that. It’s probably the content server that is sending an HTTP redirect to get you to the “/ca” location on the site.
I checked off list with Becki Kain and Akamai's geolocation is not placing her in Canada. I can't speculate as to what company Nike would be using for its decision to redirect to /ca on its website. -- Niels.
participants (8)
-
Christopher Morrow
-
Dantzig, Brian
-
Kain, Becki (.)
-
Mark Andrews
-
Mark Tinka
-
Mike Hammett
-
niels=nanog@bakker.net
-
William Herrin