I have a spectrum line in KCMO, I don't use their dns, but dhcp is passing me 
209.18.47.61 and .63, and I'm seeing the exact same thing the reddit user you 
quoted below is seeing. This is most definitely a spectrum issue.

 
I don't know Spectrum's dns setup, but these appear to be somewhere in TX, so I 
don't think they are anycast or mirrrored through their network, but I've never 
dug into that.


 
-----Original message-----
From:jake vdb <jake....@gmail.com>
Sent:Thu 10-03-2019 10:31 pm
Subject:Spectrum DNS servers resolving my domain name to a loopback address.
To:nanog@nanog.org; 
 
Hey, I posted this on r/networking and was advised to post on this list. The 
small company I work for has a niche SaaS app and for the past week Spectrum 
DNS servers have resolved the name to 127.0.0.54.

I found a Spectrum user on reddit to confirm the problem:

nslookup rightbridge.net <http://rightbridge.net> dns-cac-lb-02.rr.com 
<http://dns-cac-lb-02.rr.com> 

Non-authoritative answer:
Name: rightbridge.net <http://rightbridge.net> 
Address: 127.0.0.54

server 209.18.47.62
Default Server: dns-cac-lb-02.rr.com <http://dns-cac-lb-02.rr.com> 
Address: 209.18.47.62

I have been trying for a week to get Spectrum tech support and Twitter support 
to help, but so far that's been an exercise in futility.

As far as I'm aware, this only affects Spectrum. I have switched some users to 
Google's public DNS servers, but I can't reach all of them.

Reddit has been some help troubleshooting;

That is indeed interesting. What I notice is:
It replies to A requests with a 60 second TTL every single time, which is a 
behavior normally expected of an authoritative server, yet it is marking the 
replies as non-authoritative. I would expect non-authoritative servers to have 
a decrementing TTL.
It responds with 0 records for NS, MX, AAAA, and A requests. Not NXDOMAIN 
though.
It seems like a wildcard record that covers everything under your domain.
I see this behavior on both of the Spectrum resolvers that my cable modem 
connection is offered via DHCP. I don't have this problem if I use my own 
resolver (on a Spectrum connection).
I'm stumped. Despite my comment earlier about it being unlikely to be a 
Spectrum problem, I now agree that it does appear to be something strange on 
their side. Just to be sure, have you ever used Spectrum as a provider for 
something related to this domain, where they hosted the domain or anything? I'm 
not sure if they even offer that service, but want to ask just to be sure. 
There is typically little reason to have a specific domain singled out in your 
nameservers unless you host it.
The one guess I have is that they have gone out of their way to ban your domain 
for some reason. Wildcard pointing all queries to it to localhost would not be 
too unexpected of a way to ban a domain. Have you had any trouble with malware 
infections, spam, or anything else you can think of that might have lead 
someone to want to ban the domain?
I don't believe Spectrum has even been a service provider for my employer. They 
do not offer service where our home office is located, and they have only used 
Rackspace for hosting in the 13 years they've been around. No malware, 
infections, spam (that I'm aware of). We are not registered on any Blacklists.

I appreciate any help / advice,
Jake
 

Reply via email to