Originally Posted by cpayne5
Originally Posted by OVERKILL
Originally Posted by cpayne5
ZeeOSix -
One thing providers do with DNS is host the same IP at different geographic locations on separate servers (or load balance it across many, many servers in a geographic location - across multiple locations). This reduces latency when performing DNS lookups. So when you have folks ping the IPs listed (205.171.2.25 and 205.171.3.25), they may not be communicating with the same server you are. Your test results may vary and may not indicate anything of note with regard to your situation.
OpenDNS had a nice paper on how they implemented this, if you're interested. *edit - here's the OpenDNS paper -
https://umbrella.cisco.com/blog/high-availability-with-anycast-routing
So, going back to your call with the CenturyLink agent, they may not have been aware of this. So, the server they were querying may have been different than the one you were querying, causing conflicting results and them to say "everything's fine". The only way to determine if there is an issue is to get someone higher up the support chain who understands this.
Very easy to check with a few traceroutes typically. It's usually only large ISPs and providers like Cisco, Cloudflare, Google, etc., somebody that provides DNS over a vast geographic or even global region, that will invest the money in doing a large-scale distributed setup.
It would seem that the OP, who is on the network where those DNS servers are located, and those of us who have tested from abroad, are getting similar results, so if it is distributed, then we have distributed garbage.
Because the responses are not consistent regardless of where the ICMP traffic comes from.
Yeah, it may very well be distributed garbage. But, the CL agent wasn't seeing the same results (whether they knew what they were doing or not), which makes it a variable in the equation that's worth mentioning.
CL has service areas across the US, so I'm sure they've deployed anycast DNS. I would hope any provider that's anything more than a regional would do so.
Yup, it may very well be that the actual distributed setup is the common thread, and source of the issue. Some ISPs spend a depressingly small amount of money on things like DNS.
Interesting side note: My enterprise fiber provider doesn't do DNS at all. Customers are expected to either use their own or a 3rd party.
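
One way to tell which anycast instance answered, as an added example that is not part of the thread: many (not all) DNS servers answer a CHAOS-class TXT query for `id.server` (RFC 4892) with a per-node identifier, so two people testing the same IP can compare which node they actually reach. The `sample_reply` helper and the instance names used with it are constructed for illustration, and `ask` is a hypothetical helper name.

```python
import socket
import struct

TXT, CHAOS = 16, 3  # DNS type TXT, class CH

def build_query(qid, name="id.server"):
    """CH TXT query for id.server (RFC 4892), no recursion requested."""
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return (struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0) + labels + b"\x00"
            + struct.pack("!HH", TXT, CHAOS))

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            return off + 2
        off += 1 + length
        if length == 0:
            return off

def parse_instance_id(msg, qid):
    """Return the TXT string of the first answer, or None if the server declined."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if rid != qid or not flags & 0x8000 or flags & 0x000F or an == 0:
        return None  # wrong id, not a response, error RCODE, or empty answer
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    off = skip_name(msg, off)
    rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
    if rtype != TXT or rclass != CHAOS or rdlen < 1:
        return None
    txt_len = msg[off + 10]
    return msg[off + 11:off + 11 + txt_len].decode("ascii", "replace")

def ask(server_ip, qid=0x1234, timeout=2.0):
    """Query a live resolver over UDP/53 (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qid), (server_ip, 53))
        return parse_instance_id(s.recv(512), qid)

def sample_reply(qid, instance):
    """Constructed reply, as one anycast node might send it (not captured traffic)."""
    rdata = bytes([len(instance)]) + instance.encode("ascii")
    return (struct.pack("!HHHHHH", qid, 0x8400, 1, 1, 0, 0) + build_query(qid)[12:]
            + b"\xc0\x0c" + struct.pack("!HHIH", TXT, CHAOS, 0, len(rdata)) + rdata)
```

If two testers call `ask` against the same resolver IP and get different identifiers, their ping and lookup results are not comparable; a `None` result only means that server does not disclose an identifier.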