Menu
Reply
Highlighted
  • 24
  • 0
  • 4
On our wavelength
657 Views
Message 71 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hi Tim,

NS Lookup responds as follows:

 

nslookup www.evanscycles.com
Server:		###.###.###.###
Address:	###.###.###.####53

Non-authoritative answer:
www.evanscycles.com	canonical name = sni.ssl.evanscycles.com.c.footprint.net.
Name:	sni.ssl.evanscycles.com.c.footprint.net
Address: 8.241.5.122

date
Fri 13 Dec 2019 01:13:27 GMT

 

 

Trace route to www.evanscycles.com gives the following:

 

traceroute www.evanscycles.com
traceroute to sni.ssl.evanscycles.com.c.footprint.net (8.241.5.122), 64 hops max, 52 byte packets
 1  ###.###.###.### (###.###.###.###)  4.255 ms  3.583 ms  2.716 ms
 2  10.202.8.1 (10.202.8.1)  13.416 ms  13.536 ms  16.214 ms
 3  gate-core-2a-xe-520-0.network.virginmedia.net (82.2.240.81)  11.946 ms  13.918 ms  13.219 ms
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
31  * * *
32  * * *
33  * * *
34  * * *
35  * * *
36  * * *
37  * * *
38  * * *
39  * * *
40  * * *
41  * * *
42  * * *
43  * * *
44  * * *
45  * * *
46  * * *
47  * * *
48  * * *
49  * * *
50  * * *
51  * * *
52  * * *
53  * * *
54  * * *
55  * * *
56  * * *
57  * * *
58  * * *
59  * * *
60  * * *
61  * * *
62  * * *
63  * * *
64  * * *

 

 

Dig from macOS gives the following:

 

dig www.evanscycles.com

; <<>> DiG 9.10.6 <<>> www.evanscycles.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54327
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.evanscycles.com.		IN	A

;; ANSWER SECTION:
www.evanscycles.com.	3600	IN	CNAME	sni.ssl.evanscycles.com.c.footprint.net.
sni.ssl.evanscycles.com.c.footprint.net. 230 IN	A 8.241.5.122

;; Query time: 258 msec
;; SERVER: ###.###.###.####53(###.###.###.###)
;; WHEN: Fri Dec 13 01:19:47 GMT 2019
;; MSG SIZE  rcvd: 106

 

All the above are run with the Hub in Modem Mode.

Thanks for taking the time to assist with this to date as it's way beyond my level of knowledge in computer networking, it's much appreciated, If you need any further info just ask.

Regards,

Simon

0 Kudos
Reply
Highlighted
  • 24
  • 0
  • 4
On our wavelength
656 Views
Message 72 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

@DJ_Shadows1966,

Thanks for taking the time to look into this it's much appreciated.

Regards,

Simon

0 Kudos
Reply
Highlighted
  • 5.87K
  • 1.11K
  • 1.55K
Very Insightful Person
Very Insightful Person
630 Views
Message 73 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hello Simon

It is certainly a strange one as some DNS server it works with and some it doesn't, myself in IT a long time a lot in networks and first time I have seen something like this.

Mike

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Highlighted
  • 1.66K
  • 57
  • 159
Moderator
Moderator
627 Views
Message 74 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hi all, 

Thanks for getting back to me so quickly about this issue. 

I'm going to pass all of this information back onto the networks team so that we can continue our investigations. 

As soon as I have a further update I'll be back in touch on this thread. 

Thanks

Lucy_B

The do's and don'ts. Keep the community welcoming for all. Follow the house rules


0 Kudos
Reply
Highlighted
  • 18.6K
  • 1.09K
  • 8K
Very Insightful Person
Very Insightful Person
612 Views
Message 75 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hi Lucy

Many thanks for that.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Highlighted
  • 18.6K
  • 1.09K
  • 8K
Very Insightful Person
Very Insightful Person
600 Views
Message 76 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/


@sjforster wrote:

Hi Tim,

NS Lookup responds as follows:

 

 

nslookup www.evanscycles.com
Server:		###.###.###.###
Address:	###.###.###.####53

Non-authoritative answer:
www.evanscycles.com	canonical name = sni.ssl.evanscycles.com.c.footprint.net.
Name:	sni.ssl.evanscycles.com.c.footprint.net
Address: 8.241.5.122

date
Fri 13 Dec 2019 01:13:27 GMT

 

 

 

Trace route to www.evanscycles.com gives the following:

 

 

traceroute www.evanscycles.com
traceroute to sni.ssl.evanscycles.com.c.footprint.net (8.241.5.122), 64 hops max, 52 byte packets
 1  ###.###.###.### (###.###.###.###)  4.255 ms  3.583 ms  2.716 ms
 2  10.202.8.1 (10.202.8.1)  13.416 ms  13.536 ms  16.214 ms
 3  gate-core-2a-xe-520-0.network.virginmedia.net (82.2.240.81)  11.946 ms  13.918 ms  13.219 ms
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
31  * * *
32  * * *
33  * * *
34  * * *
35  * * *
36  * * *
37  * * *
38  * * *
39  * * *
40  * * *
41  * * *
42  * * *
43  * * *
44  * * *
45  * * *
46  * * *
47  * * *
48  * * *
49  * * *
50  * * *
51  * * *
52  * * *
53  * * *
54  * * *
55  * * *
56  * * *
57  * * *
58  * * *
59  * * *
60  * * *
61  * * *
62  * * *
63  * * *
64  * * *

 

 

 

Dig from macOS gives the following:

 

 

dig www.evanscycles.com

; <<>> DiG 9.10.6 <<>> www.evanscycles.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54327
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.evanscycles.com.		IN	A

;; ANSWER SECTION:
www.evanscycles.com.	3600	IN	CNAME	sni.ssl.evanscycles.com.c.footprint.net.
sni.ssl.evanscycles.com.c.footprint.net. 230 IN	A 8.241.5.122

;; Query time: 258 msec
;; SERVER: ###.###.###.####53(###.###.###.###)
;; WHEN: Fri Dec 13 01:19:47 GMT 2019
;; MSG SIZE  rcvd: 106

 

 

All the above are run with the Hub in Modem Mode.

Thanks for taking the time to assist with this to date as it's way beyond my level of knowledge in computer networking, it's much appreciated, If you need any further info just ask.

Regards,

Simon


Hi Simon - You should be able to leave the server IP visible.  If your router is running DNSMasq then it'll be the routers LAN IP, else it will be the IP of the DNS server responding to the query.

Either way it doesn't identify you personally.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Highlighted
  • 18.6K
  • 1.09K
  • 8K
Very Insightful Person
Very Insightful Person
588 Views
Message 77 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

@sjforster @DJ_Shadow1966 

This may confuse you now - but I've been having a look at the lookup for - sni.ssl.evanscycles.com.c.footprint.net.

I may be teaching people to suck eggs here - if so I apologise.

The first thing I did was run a dig +trace +nodnssec sni.ssl.evanscycles.com.c.footprint.net - which actually simulates a recursive DNS lookup

 

C:\Users\timdu_000>dig +trace +nodnssec a sni.ssl.evanscycles.com.c.footprint.net.

; <<>> DiG 9.11.8 <<>> +trace +nodnssec a sni.ssl.evanscycles.com.c.footprint.net.
;; global options: +cmd
.                       58132   IN      NS      f.root-servers.net.
.                       58132   IN      NS      d.root-servers.net.
.                       58132   IN      NS      h.root-servers.net.
.                       58132   IN      NS      m.root-servers.net.
.                       58132   IN      NS      e.root-servers.net.
.                       58132   IN      NS      b.root-servers.net.
.                       58132   IN      NS      j.root-servers.net.
.                       58132   IN      NS      c.root-servers.net.
.                       58132   IN      NS      a.root-servers.net.
.                       58132   IN      NS      i.root-servers.net.
.                       58132   IN      NS      g.root-servers.net.
.                       58132   IN      NS      l.root-servers.net.
.                       58132   IN      NS      k.root-servers.net.
;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

net.                    172800  IN      NS      a.gtld-servers.net.
net.                    172800  IN      NS      b.gtld-servers.net.
net.                    172800  IN      NS      c.gtld-servers.net.
net.                    172800  IN      NS      d.gtld-servers.net.
net.                    172800  IN      NS      e.gtld-servers.net.
net.                    172800  IN      NS      f.gtld-servers.net.
net.                    172800  IN      NS      g.gtld-servers.net.
net.                    172800  IN      NS      h.gtld-servers.net.
net.                    172800  IN      NS      i.gtld-servers.net.
net.                    172800  IN      NS      j.gtld-servers.net.
net.                    172800  IN      NS      k.gtld-servers.net.
net.                    172800  IN      NS      l.gtld-servers.net.
net.                    172800  IN      NS      m.gtld-servers.net.
;; Received 861 bytes from 192.58.128.30#53(j.root-servers.net) in 23 ms

footprint.net.          172800  IN      NS      ns100.footprint.net.
footprint.net.          172800  IN      NS      ns101.footprint.net.
footprint.net.          172800  IN      NS      ns102.footprint.net.
footprint.net.          172800  IN      NS      ns103.footprint.net.
footprint.net.          172800  IN      NS      ns105.footprint.net.
;; Received 332 bytes from 192.55.83.30#53(m.gtld-servers.net) in 24 ms

c.footprint.net.        86400   IN      NS      usa-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      apac-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-d.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-f.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-e.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-d.dns.footprint.net.
;; Received 1025 bytes from 2620:11b:e0f0:5300::1#53(ns100.footprint.net) in 18 ms

sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 81.150.21.130
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 81.150.21.229
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.247.189.122
c.footprint.net.        86400   IN      NS      eu-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-d.dns.footprint.net.
;; Received 196 bytes from 4.23.53.151#53(eu-b.dns.footprint.net) in 18 ms

 

This let me see the nameservers that were authoritative for the subdomain c.footprint.net  as found in the parent domain.

 

c.footprint.net.        86400   IN      NS      usa-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      apac-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-d.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-f.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-e.dns.footprint.net.
c.footprint.net.        86400   IN      NS      usa-d.dns.footprint.net.
;; Received 1025 bytes from 2620:11b:e0f0:5300::1#53(ns100.footprint.net) in 18 ms

 

Note: that it is this full list that is used to pick a nameserver rather than the list found after the A results

 

sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.247.189.250
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 81.150.21.228
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 81.150.20.128
c.footprint.net.        86400   IN      NS      eu-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-d.dns.footprint.net.
;; Received 196 bytes from 8.27.242.155#53(usa-d.dns.footprint.net) in 221 ms

 

We can see that the result was returned from usa-d.dns.footprint.net whereas the namservers listed in the zone itself only show the 4 eu servers.

Could you use the list generated above to run a request from one or two of the 11 servers in the list so we can get an authoritative result?

Edit here's an example.

C:\Users\timdu_000>dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-a.dns.footprint.net

; <<>> DiG 9.11.8 <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-a.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33496
;; flags: qr aa; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 67.27.253.250
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.247.189.122
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 67.27.253.122

;; AUTHORITY SECTION:
c.footprint.net.        86400   IN      NS      eu-a.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-b.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-c.dns.footprint.net.
c.footprint.net.        86400   IN      NS      eu-d.dns.footprint.net.

;; Query time: 25 msec
;; SERVER: 8.253.5.27#53(8.253.5.27)
;; WHEN: Fri Dec 13 12:12:23 GMT Standard Time 2019
;; MSG SIZE  rcvd: 196

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Highlighted
  • 5.87K
  • 1.11K
  • 1.55K
Very Insightful Person
Very Insightful Person
578 Views
Message 78 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hello Tim

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-a.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12826
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net. 86400 IN NS eu-a.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-b.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-c.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-d.dns.footprint.net.

;; Query time: 34 msec
;; SERVER: 8.253.90.155#53(8.253.90.155)
;; WHEN: Fri Dec 13 12:16:17 UTC 2019
;; MSG SIZE rcvd: 164

sysadmin@mort:~$ dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-d.dns.footprint.net

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-d.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8950
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net. 86400 IN NS eu-a.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-b.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-c.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-d.dns.footprint.net.

;; Query time: 51 msec
;; SERVER: 8.254.35.153#53(8.254.35.153)
;; WHEN: Fri Dec 13 12:19:46 UTC 2019
;; MSG SIZE rcvd: 164

 

sysadmin@mort:~$ dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @usa-a.dns.footprint.net

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @usa-a.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40199
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net. 86400 IN NS eu-a.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-b.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-c.dns.footprint.net.
c.footprint.net. 86400 IN NS eu-d.dns.footprint.net.

;; Query time: 120 msec
;; SERVER: 8.27.84.25#53(8.27.84.25)
;; WHEN: Fri Dec 13 12:20:27 UTC 2019
;; MSG SIZE rcvd: 164

 

Regards Mike

 

 

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Highlighted
  • 18.6K
  • 1.09K
  • 8K
Very Insightful Person
Very Insightful Person
561 Views
Message 79 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hi Mike

Thanks for that,

So unless the c.footprint.net domain has the wrong IP address in it's Zone - this is not a DNS failure.  Virgin Media's DNS servers are collecting the right response.

Which leaves the issue down to routing to that particular IP address.

@Lucy_B  - I hope you find this helpful.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Highlighted
  • 24
  • 0
  • 4
On our wavelength
539 Views
Message 80 of 96
Flag for a moderator

Re: Unable to access https://www.evanscycles.com/

Hi Tim,


@ravenstar68 wrote:

Hi Simon - You should be able to leave the server IP visible.  If your router is running DNSMasq then it'll be the routers LAN IP, else it will be the IP of the DNS server responding to the query.

Either way it doesn't identify you personally.

Tim


Apologies I always thought it was good practice not to show your internal ip schema.  The IP address I've redacted is the routers LAN IP, so it's running DNSMasq.


@ravenstar68 wrote:

Could you use the list generated above to run a request from one or two of the 11 servers in the list so we can get an authoritative result?

 


I've ran a request to all of the servers listed, I've included a few responses below for info.

 

dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-c.dns.footprint.net

; <<>> DiG 9.10.6 <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-c.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46405
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN	A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net.	86400	IN	NS	eu-a.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-b.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-c.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-d.dns.footprint.net.

;; Query time: 55 msec
;; SERVER: 206.33.48.27#53(206.33.48.27)
;; WHEN: Fri Dec 13 23:24:50 GMT 2019
;; MSG SIZE  rcvd: 164

 

 

 

dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-d.dns.footprint.net

; <<>> DiG 9.10.6 <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @eu-d.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34219
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN	A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net.	86400	IN	NS	eu-a.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-b.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-c.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-d.dns.footprint.net.

;; Query time: 80 msec
;; SERVER: 8.254.35.153#53(8.254.35.153)
;; WHEN: Fri Dec 13 23:35:59 GMT 2019
;; MSG SIZE  rcvd: 164

 

 

 

dig a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @usa-f.dns.footprint.net

; <<>> DiG 9.10.6 <<>> a +norecurse sni.ssl.evanscycles.com.c.footprint.net. @usa-f.dns.footprint.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55431
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1200
;; QUESTION SECTION:
;sni.ssl.evanscycles.com.c.footprint.net. IN A

;; ANSWER SECTION:
sni.ssl.evanscycles.com.c.footprint.net. 230 IN	A 8.241.5.122

;; AUTHORITY SECTION:
c.footprint.net.	86400	IN	NS	eu-a.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-b.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-c.dns.footprint.net.
c.footprint.net.	86400	IN	NS	eu-d.dns.footprint.net.

;; Query time: 152 msec
;; SERVER: 198.78.199.153#53(198.78.199.153)
;; WHEN: Fri Dec 13 23:37:09 GMT 2019
;; MSG SIZE  rcvd: 164

 

All returned the IP address 8.241.5.122 in the Answer Section which is the one which fails to respond.

I also tried your dig command at the beginning of your post 

 

dig +trace +nodnssec a sni.ssl.evanscycles.com.c.footprint.net.

 

 

Not sure if its an issue with the switches with dig on macOS, or the version of dig or if it symptomatic of the problem I've got but the response I received was:

 

dig +trace +nodnssec a sni.ssl.evanscycles.com.c.footprint.net.

; <<>> DiG 9.10.6 <<>> +trace +nodnssec a sni.ssl.evanscycles.com.c.footprint.net.
;; global options: +cmd
;; connection timed out; no servers could be reached

 

 

Regards,

Simon

0 Kudos
Reply