cancel
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
javabrett
Occasional Contributor
Occasional Contributor

Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

I have this strange problem resolving a particular host/domain name from all devices on my network which receive DHCP addresses from the modem and via that have their DNS server set to the modem 192.168.0.1.  The missing host/domain is: www.example.com .

TL;DR help asks:

- If anyone with this modem and on NBN (HFC if it matters) and with normal DHCP/DNS back to the modem, could you also try: ping www.example.com from a machine?
- Does anyone know how to establish from the modem interface/logs which DNS server it is resolving via?  That way I could check whether that DNS server is missing roots etc.

More details:

dig test resolving via modem as DNS (no answer):
$ dig @192.168.0.1 www.example.com | grep "www.example.com"
; <<>> DiG 9.10.6 <<>> @192.168.0.1 www.example.com
;www.example.com. IN A

dig test resolving via Optus DNS server dnsany01.optusnet.com.au (good answer):
$ dig @198.142.152.164 www.example.com | grep "www.example.com"
; <<>> DiG 9.10.6 <<>> @198.142.152.164 www.example.com
;www.example.com. IN A
www.example.com. 59370 IN A 93.184.216.34

dig test resolving via Google DNS server (also good answer):
$ dig @8.8.8.8 www.example.com | grep "www.example.com"
; <<>> DiG 9.10.6 <<>> @8.8.8.8 www.example.com
;www.example.com. IN A
www.example.com. 20744 IN A 93.184.216.34

Why can't the modem resolve the valid address - which DNS server could it be using, or could it be doing weird filtering?

I figured that this problem could be easily fixed by setting either a) the DHCP OPTIONS DNS server set for clients, or b) the DNS service used by the WAN connection, but the modem UI is frustratingly displaying these settings but not allowing changes - do I need a better login than "optus" - "admin" maybe?

Support are friendly but I don't think they yet grok the nuance of this problem, or even that it is about DNS.  They want me to factory reset everything in the house I think, starting with the modem, which is a right pain.

Any ideas why this host would fail to resolve?  Every device on the network.  If switching a phone from wifi->4G, immediately http://www.example.com can load.

Tags (1)
0 Kudos
Reply
13 Replies
YetAnotherAcc
Respected Contributor
Respected Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

Reading this article leads me to believe its Sagemcoms way of doing malware mitigation related to example.com.

0 Kudos
Reply
Jack_YC
Moderator
Moderator

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

Hey @javabrett, I've reached out to a colleague to see if I can get some more info on your query for you. We'll let you know when we have an update.  

----------------------------------------------------------------------------------------------------------------- I’m part of the Yes Crowd team, employed by Optus to help run our online community.

Did we answer your question? Please mark it as a Accepted Solution and if you see something that was helpful to you or the rest of the community, giving a Kudos is only a click away.

javabrett
Occasional Contributor
Occasional Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

@YetAnotherAcc thanks for the reply.

I think (hope) that the use of example.com in that article, and indeed the host or sub-domain malicious.example.com are being used there as a safe example - a domain name that nobody will sue them over when used as a malicious example.

The reason that domain name comes up in-practices is - example.com is an IANA-managed Reserved Domain name[1] and is defined in RFC2606 as:

second level domain names reserved which can be used as examples

So example.com should be both valid and OK, and shouldn't be blocked arbitrarily by DNS servers, routers or firewalls.

[1] https://www.iana.org/domains/reserved
[2] https://tools.ietf.org/html/rfc2606

0 Kudos
Reply
YetAnotherAcc
Respected Contributor
Respected Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

You're right @javabrett that was a bad "example" to choose 🤣.

I'm well aware of example.com's prevalence and use, but I seem to recall that there was some risk or potential risk associated with it. I can't seem to find anything about it now. And of course example.com's ubiquity is not helping my find it.

javabrett
Occasional Contributor
Occasional Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

Thanks @YetAnotherAcc - ubiquity indeed!  It's very heavily referenced in software tests as a known/benign address - https://github.com/search?q=%22example.com%22&type=code - 33 million+ hits on GitHub code search.

That is in fact how I first noticed it - software with failing tests that pass elsewhere (or pass when I VPN past the local DNS), which happen to attempt to resolve example.com.

Not too dire, but it makes me wonder - how many other holes or missing domains are there in my DNS via the modem?  Would be good to know and understand the root cause.

0 Kudos
Reply
YetAnotherAcc
Respected Contributor
Respected Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

Your best bet would probably be to ask Sagemcom about it as its next to impossible to get that level of technical information from Optus.

Their first response will probably be boilerplate "its Optus' custom firmware, so you'll have to ask them" but I have read 1 or 2 cases of them helping. You may need to push a little.

I'd be curious to know which domain and why. It may even simply be a bug caused by them not removing their own test code, who knows 😕.

0 Kudos
Reply
javabrett
Occasional Contributor
Occasional Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

Is anyone able to run a ping www.example.com or try and load https://www.example.com through their browser, on Optus NBN, any modem?

@Jack_YC any luck with info?

Thanks
Brett

0 Kudos
Reply
YetAnotherAcc
Respected Contributor
Respected Contributor

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

I can do both with ASUS router and cloudflare DNS on my Optus FTTC service.

Note the cloudflare resolves the same as dnsany01.optusnet.com.au as shown:

Testing "www.example.com" against 3 DNS Servers.

DNS Server Result
---------- ----------
dnsany01.optusnet.com.au 93.184.216.34
1.1.1.1 93.184.216.34
8.8.8.8 93.184.216.34

0 Kudos
Reply
Ness_YC
Moderator
Moderator

Re: Odd missing domain/host www.example.com in DNS resolved by F@st5366 modem on NBN

We are still looking into this @javabrett. But, we'll post here once we have an update. Thanks for sticking with us!

----------------------------------------------------------------------------------------------------------------- I’m part of the Yes Crowd team, employed by Optus to help run our online community.

Did we answer your question? Please mark it as a Accepted Solution and if you see something that was helpful to you or the rest of the community, giving a Kudos is only a click away.

0 Kudos
Reply