I have this strange problem resolving a particular host/domain name from all devices on my network which receive DHCP addresses from the modem and via that have their DNS server set to the modem 192.168.0.1. The missing host/domain is: www.example.com .
TL;DR help asks:
- If anyone with this modem and on NBN (HFC if it matters) and with normal DHCP/DNS back to the modem, could you also try: ping www.example.com from a machine?
- Does anyone know how to establish from the modem interface/logs which DNS server it is resolving via? That way I could check whether that DNS server is missing roots etc.
dig test resolving via Optus DNS server dnsany01.optusnet.com.au (good answer):
$ dig @126.96.36.199 www.example.com | grep "www.example.com"
; <<>> DiG 9.10.6 <<>> @188.8.131.52 www.example.com
;www.example.com. IN A
www.example.com. 59370 IN A 184.108.40.206
dig test resolving via Google DNS server (also good answer):
$ dig @220.127.116.11 www.example.com | grep "www.example.com"
; <<>> DiG 9.10.6 <<>> @18.104.22.168 www.example.com
;www.example.com. IN A
www.example.com. 20744 IN A 22.214.171.124
Why can't the modem resolve the valid address - which DNS server could it be using, or could it be doing weird filtering?
I figured that this problem could be easily fixed by setting either a) the DHCP OPTIONS DNS server set for clients, or b) the DNS service used by the WAN connection, but the modem UI is frustratingly displaying these settings but not allowing changes - do I need a better login than "optus" - "admin" maybe?
Support are friendly but I don't think they yet grok the nuance of this problem, or even that it is about DNS. They want me to factory reset everything in the house I think, starting with the modem, which is a right pain.
Any ideas why this host would fail to resolve? Every device on the network. If switching a phone from wifi->4G, immediately http://www.example.com can load.
Hey @javabrett, I've reached out to a colleague to see if I can get some more info on your query for you. We'll let you know when we have an update.
@YetAnotherAcc thanks for the reply.
I think (hope) that the use of example.com in that article, and indeed the host or sub-domain malicious.example.com are being used there as a safe example - a domain name that nobody will sue them over when used as a malicious example.
The reason that domain name comes up in practice is - example.com is an IANA-managed Reserved Domain name and is defined in RFC 2606 as:
second level domain names reserved which can be used as examples
So example.com should be both valid and OK, and shouldn't be blocked arbitrarily by DNS servers, routers or firewalls.
You're right @javabrett that was a bad "example" to choose 🤣.
I'm well aware of example.com's prevalence and use, but I seem to recall that there was some risk or potential risk associated with it. I can't seem to find anything about it now. And of course example.com's ubiquity is not helping me find it.
Thanks @YetAnotherAcc - ubiquity indeed! It's very heavily referenced in software tests as a known/benign address - https://github.com/search?q=%22example.com%22&type=code - 33 million+ hits on GitHub code search.
That is in fact how I first noticed it - software with failing tests that pass elsewhere (or pass when I VPN past the local DNS), which happen to attempt to resolve example.com.
Not too dire, but it makes me wonder - how many other holes or missing domains are there in my DNS via the modem? Would be good to know and understand the root cause.
Your best bet would probably be to ask Sagemcom about it as it's next to impossible to get that level of technical information from Optus.
Their first response will probably be boilerplate "it's Optus' custom firmware, so you'll have to ask them" but I have read 1 or 2 cases of them helping. You may need to push a little.
I'd be curious to know which domain and why. It may even simply be a bug caused by them not removing their own test code, who knows 😕.
I can do both with an ASUS router and Cloudflare DNS on my Optus FTTC service.
Note that Cloudflare resolves the same as dnsany01.optusnet.com.au, as shown:
Testing "www.example.com" against 3 DNS Servers.
DNS Server Result