RE: Connectivity problems to google via openDNS
Hello nanog, Just wondering if anyone is experiencing the same problem with google and openDNS on their end or knows what's going on there with openDNS. The problem just occurred about 20 minutes ago. Trace is as follows: http://inetpro.org/pastebin/2418 Kind regards, Mark
Mark wrote:
Hello nanog,
Just wondering if anyone is experiencing the same problem with google and openDNS on their end or knows what's going on there with openDNS. The problem just occurred about 20 minutes ago.
Don't do that then. OpenDNS is a form of censorware and almost certainly hijacking queries to Google (and numerous other sites), redirecting to its own servers. -- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
On Tue, Feb 09, 2010 at 09:56:23AM -0800, Jay Hennigan wrote:
Mark wrote:
Hello nanog,
Just wondering if anyone is experiencing the same problem with google and openDNS on their end or knows what's going on there with openDNS. The problem just occurred about 20 minutes ago.
Don't do that then.
OpenDNS is a form of censorware and almost certainly hijacking queries to Google (and numerous other sites), redirecting to its own servers.
It's also got some spectacularly odd failure modes. I was helping a customer diagnose a problem yesterday where when they attempted to connect to one server by name, they were reliably getting another server on the same network. Turned out that the DNS responses from OpenDNS (they were in a cafe somewhere with free wireless that was using OpenDNS) were giving slightly wrong addresses -- like the real address for example.com was 192.0.2.12, and OpenDNS was giving the response that example.com was at 192.0.2.16 (another server in the same cluster, hence the insane confusion). No wildcarding or recent DNS changes at our end, either -- it was just OpenDNS screwing things up *somehow*. "Never, ever use OpenDNS" is my recommendation. - Matt
On 2/9/10 3:43 PM, Matthew Palmer wrote:
Turned out that the DNS responses from OpenDNS (they were in a cafe somewhere with free wireless that was using OpenDNS) were giving slightly wrong addresses -- like the real address for example.com was 192.0.2.12, and OpenDNS was giving the response that example.com was at 192.0.2.16 (another server in the same cluster, hence the insane confusion). No wildcarding or recent DNS changes at our end, either -- it was just OpenDNS screwing things up *somehow*.
I've never heard of such a report until now. And if true, that would be shockingly bizarre behavior. In the past when I've heard similar, I have a 100% success rate in discovering it's actually a misconfiguration of authoritative records. Feel free to email me directly if you ever find yourself encountering a similar situation like that again and I'll be happy to troubleshoot it. Thanks, David
participants (4)
-
David Ulevitch
-
Jay Hennigan
-
Mark
-
Matthew Palmer