Category: DNS

DNS, Whois, et cetera
article #12, updated 6 days ago

A great place for general DNS lookup info:

http://www.dnsstuff.com/

The best WHOIS:

https://whois.icann.org/en

And one for info about IP addresses:

http://www.arin.net/index.shtml

Categories:   DNS   Internet Networking

==============

Test DMARC record for a domain
article #1086, updated 30 days ago

A free tool:

https://www.dmarcanalyzer.com/dmarc/dmarc-record-check/

Categories:   Email   DNS

==============

SPF for Constant Contact
article #873, updated 37 days ago

Awhile ago it came to light that the following needed to be added to SPF records for email-enabled domains using Constant Contact:

include:ccsend.com include:constantcontact.com include:confirmedcc.com

Things have gotten a lot better. The following now covers all of the above:

ip4:208.75.120.0/22

Categories:   Email   DNS

==============

Eliminate Hesitations in Microsoft Services with Better DNS
article #1067, updated 84 days ago

Microsoft is heavily using something called GeoIP, to optimize Internet data routing for its services, including Skype, Office 365, and all of the others.

All of the code below is within ‘nslookup’, running in CMD on Windows.

The way this works, basically, is different IP sets are reported by DNS lookups, depending on the upstream DNS server being polled. So if, like many right now, you were using Google’s DNS (8.8.8.8 and 8.8.4.4) on your LAN, and did nslookup on the recommended test hostname, outlook.office365.com, you would see this:

> outlook.office365.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
Name:    outlook-namsouth2.office365.com
Addresses:  2603:1036:0:26::2
          2603:1036:102:90::2
          2603:1036:404:a4::2
          2603:1036:102:107::2
          2603:1036:102:b8::2
          2603:1036:404:11b::2
          2603:1036:404:3f::2
          2603:1036:3:12e::2
          2603:1036:102:3e::2
          2603:1036:404:11c::2
          40.97.170.162
          40.97.30.130
          40.97.170.178
          40.97.142.18
          40.97.41.98
          40.97.162.130
          40.97.154.66
          40.97.166.178
          40.97.117.242
          40.97.119.178
Aliases:  outlook.office365.com
          outlook.ha.office365.com
          outlook.office365.com.g.office365.com

>

But on the other hand, if you were using OpenDNS (208.67.220.220/222.222), you would see this:

> outlook.office365.com
Server:  resolver1.opendns.com
Address:  208.67.222.222

Non-authoritative answer:
Name:    outlook-namsouth4.office365.com
Addresses:  2603:1036:d01:2::2
          2603:1036:101:2::2
          2a01:111:f400:31ab::2
          2603:1036:902:a3::2
          2603:1036:906:4d::2
          2603:1036:405:2::2
          2603:1036:405:15::2
          2603:1036:404:67::2
          2603:1036:100::2
          40.97.142.18
          40.97.41.98
          40.97.162.130
          40.97.154.66
          40.97.166.178
          40.97.117.242
          40.97.119.178
          40.97.170.162
          40.97.30.130
          40.97.170.178
Aliases:  outlook.office365.com
          outlook.ha.office365.com
          outlook.office365.com.g.office365.com

>

The most important thing to observe in the above, is that the IP set is different. And if you try pings from your test PC to each of the above IPs, you will notice major differences. In recent testing, most of Google’s results ping much slower (higher, in milliseconds) than OpenDNS’s. But we found OpenDNS’s pings noticeably slower than our current known best of breed, Level3 (209.244.0.3/4):

> outlook.office365.com
Server:  resolver1.level3.net
Address:  209.244.0.3

Non-authoritative answer:
Name:    outlook-namsouth.office365.com
Addresses:  2603:1036:404:16::2
          2603:1036:404:b6::2
          2603:1036:102:16::2
          2603:1036:405:29::2
          2603:1036:906:4f::2
          2603:1036:d00::2
          2603:1036:102:8f::2
          2603:1036:405:4a::2
          2603:1036:4:4c::2
          40.97.133.130
          40.97.132.194
          40.97.125.114
          40.97.132.226
          40.97.126.50
          40.97.31.50
          40.97.164.146
          40.97.136.194
          40.97.166.34
Aliases:  outlook.office365.com
          outlook.ha.office365.com
          outlook.office365.com.g.office365.com

>

We have also noticed that the lists of IPs do not correspond to names, i.e., outlook-namsouth3 does not return the same IP list each time. So there is a lot of highly complex geographically-centered IP routing by DNS, going on, by Microsoft, and Level3 seems to cooperate best.

The upshot is, if you see any Microsoft cloud-based services being slow, hesitating, freezing up, or losing connection regularly, switch your LAN’s DNS forwarders to Level 3, and you may well knock the problem out most easily.

Categories:   DNS   Internet Networking

==============

DNS Root Servers
article #1017, updated 267 days ago

As of this writing, the current authoritative list, from here:

https://www.iana.org/domains/root/servers

is:

a.root-servers.net 198.41.0.4 2001:503:ba3e::2:30 VeriSign, Inc.
b.root-servers.net 192.228.79.201 2001:500:84::b University of Southern California (ISI)
c.root-servers.net 192.33.4.12 2001:500:2::c Cogent Communications
d.root-servers.net 199.7.91.13 2001:500:2d::d University of Maryland
e.root-servers.net 192.203.230.10 2001:500:a8::e NASA (Ames Research Center)
f.root-servers.net 192.5.5.241 2001:500:2f::f Internet Systems Consortium, Inc.
g.root-servers.net 192.112.36.4 2001:500:12::d0d US Department of Defense (NIC)
h.root-servers.net 198.97.190.53 2001:500:1::53 US Army (Research Lab)
i.root-servers.net 192.36.148.17 2001:7fe::53 Netnod
j.root-servers.net 192.58.128.30 2001:503:c27::2:30 VeriSign, Inc.
k.root-servers.net 193.0.14.129 2001:7fd::1 RIPE NCC
l.root-servers.net 199.7.83.42 2001:500:9f::42 ICANN
m.root-servers.net 202.12.27.33 2001:dc3::35 WIDE Project

Categories:   DNS   Internet Networking

==============

Free Public DNS Servers
article #883, updated 327 days ago

Google is a good place to start:

8.8.8.8
8.8.4.4

OpenDNS is often good too:

208.67.220.220
208.67.222.222
208.67.220.222
208.67.222.220

And one new to us, is Level 3. Level 3 provides DNS to most ISPs in the U.S.A., and does provide geo-routing for speed and compatibility.

209.244.0.3
209.244.0.4

Categories:   DNS   

==============

Installing nslookup on Linux
article #1008, updated 327 days ago

Increasingly, nslookup is not installed by default in major Linux distros. On Arch-based and Debian-based distros, it’s in package dnsutils,

Categories:   DNS   Linux OS-level Issues

==============

Opt out of the Cox special DNS
article #884, updated 703 days ago

By default, Cox will DHCP to your systems some DNS servers which behave like OpenDNS, i.e., if there is a DNS name miss, the servers will show a hit which is a Cox search page. This can confuse a lot of things. Cox has provided a way around this:

http://www.cox.com/residential/support/internet/article.cox?articleId=e14ee070-6448-11df-ccef-000000000000

for residential at least, it uses these two IPs as static DNS:

68.105.28.13
68.105.29.13

and these do appear to be noticeably faster!

Categories:   DNS   

==============

CenturyLink DNS servers
article #881, updated 706 days ago

A great place to find them:

http://internethelp.centurylink.com/internethelp/dns-ctl.html

Categories:   DNS   

==============

DNS Root Server IPs
article #780, updated 981 days ago

Here is the canonical source:

http://www.internic.net/zones/named.root

Categories:   DNS