1.1.1.1 and Google DNS


#1

Hey there.
For some reason if I use the 1.1.1.1 for a dig or anything else, it doesn’t work. It works with 1.0.0.1.
I use Google public DNS on my network, but I do a lot of work with Cloudflare.
Here is my traceroute:

traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  testwifi.here (192.168.86.1)  0.410 ms  0.752 ms  0.893 ms
 2  104-191-72-1.lightspeed.snantx.sbcglobal.net (104.191.72.1)  4.807 ms  4.456 ms  4.612 ms
 3  99.71.0.194 (99.71.0.194)  5.842 ms  6.265 ms  6.067 ms
 4  12.123.236.222 (12.123.236.222)  15.035 ms  14.866 ms  15.147 ms
 5  cr2.cl2oh.ip.att.net (12.122.2.209)  15.393 ms  14.528 ms  14.690 ms
 6  12.123.18.233 (12.123.18.233)  14.241 ms  12.022 ms  14.876 ms
 7  192.205.36.206 (192.205.36.206)  10.458 ms  10.839 ms  10.150 ms
 8  if-ae-2-2.tcore2.dt8-dallas.as6453.net (66.110.56.6)  9.998 ms  9.945 ms  10.517 ms
 9  66.110.57.165 (66.110.57.165)  10.070 ms  10.353 ms  10.223 ms
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

Thanks!


#2

Can you post a traceroute to 1.0.0.1 as well? It would seem as if your ISP hijacked 1.1.1.1 address and does not route to the actual destination. The only thing by which I am surprise is that the trace actually reached relatively far, usually they stop earlier.


#3

There we go:
traceroute 1.0.0.1
traceroute to 1.0.0.1 (1.0.0.1), 30 hops max, 60 byte packets
1 testwifi.here (192.168.86.1) 0.409 ms 0.565 ms 1.161 ms
2 104-191-72-1.lightspeed.snantx.sbcglobal.net (104.191.72.1) 9.710 ms 9.175 ms 8.769 ms
3 99.71.0.194 (99.71.0.194) 3.871 ms 4.092 ms 4.187 ms
4 12.123.236.222 (12.123.236.222) 12.029 ms 11.893 ms 11.747 ms
5 cr2.cl2oh.ip.att.net (12.122.2.209) 16.255 ms 14.183 ms 15.124 ms
6 12.123.18.233 (12.123.18.233) 17.313 ms 10.353 ms 14.304 ms
7 192.205.36.206 (192.205.36.206) 10.663 ms 10.441 ms 9.955 ms
8 if-ae-2-2.tcore2.dt8-dallas.as6453.net (66.110.56.6) 10.400 ms 9.929 ms 9.683 ms
9 66.110.57.165 (66.110.57.165) 10.476 ms 9.932 ms 9.737 ms
10 one.one.one.one (1.0.0.1) 10.115 ms 10.208 ms 10.327 ms


#4

It looks like @sandro was spot on, the issue here is from the ISP side. Maybe Cloudflare can push it a but it would be great if you contacted than as well.


#5

It’s AT&T. What would I tell them?
They were throttling Google and AWS servers and it took me a couple of months fighting with them for them to drop doing it on my end. Imagine now dealing with a DNS, they will say it’s Cloudflare and it will be like that back and forth. :stuck_out_tongue:


#6

I would suggest changing ISP, but I suspect it won’t be an option having an idea of USA’s nightmare ISP landscape.


#7

The interesting bit is, as mentioned earlier, the trace to 1.1.1.1 does not stop relatively early but - judging from your second trace - apparently only one hop before reaching Cloudflare. Based on that I am not even entirely sure it is an issue with AT&T.

Maybe @cscharff could shed some light if this is likely an ISP issue or rather some local problem in the DFW datacentre (I am simply assuming now you go via Dallas, you can verify that on https://cloudflare-dns.com/help).


#8

Yeah, no can do. I need my 1G/1G speeds. :slight_smile:


#9

That’s right. Most of the time I hit DFW DCs.
BTW, the link you sent is always like this:

### Debug Information

|Connected to 1.1.1.1|No|
| --- | --- |
|Using DNS over HTTPS (DoH)|No|
|Using DNS over TLS (DoT)|No|
|AS Name|Checking...|
|AS Number|Checking...|
|[Cloudflare Data Center](https://support.cloudflare.com/hc/en-us/articles/200169986-Which-Cloudflare-data-center-do-I-reach-)|Checking...|

### Connectivity to Resolver IP Addresses

|1.1.1.1|Checking...|
| --- | --- |
|1.0.0.1|Checking...|
|2606:4700:4700::1111|Checking...|
|2606:4700:4700::1001|Checking...|

#10

It finally ended: https://cloudflare-dns.com/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6Ik5vIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiREZXIiwiaXNwTmFtZSI6Ikdvb2dsZSIsImlzcEFzbiI6IjE1MTY5In0=


#11

@cloonan / @cscharff, is there anything in/around DFW which could be the reason for this behaviour?

@eric.cavalcanti, maybe open a support ticket, providing them with both traceroutes and specifically point out that the 1.1.1.1 one appears to stop right before the intended host.


#12

Maybe use 1.0.0.1 as primary and 8.8.8.8 as secondary? In the meantime follow @sandro’s advice.


#13

A support ticket with Cloudflare or AT&T?


#14

I can’t use Cloudflare’s DNS as primary at this moment.


#15

1.0.0.1 should work, shouldnt it.


#16

Yeah, but I need Google’s DNS as my main DNS. Using Cloudflare DNS I have seen performance issue in the past. :frowning:


#17

Performance is a different issue from the one discussed here. So Cloudflare might not work at all for you.

To be honest, I dont think it matters all that much anyhow. Be it Cloudflare, Yandex, Google, they all are more or less equally good and all have their own quirks.


#18

At the time I used I was loosing 20% of my speed (that’s 200Mb/s), so yeah, that’s a big issue for me.
Maybe it’s better now, but it works just fine with Google DNS, so I am keeping that way.
The issue is something different, I have other friends using Google DNS with the same issue and they also route to DFW.


#19

Bandwidth/throughput and DNS are pretty unrelated. The only remotely related issue could be EDNS, which Cloudflare (more or less rightly) does not support for privacy reasons, but that should apply only to a fraction of sites.


#20

Again, not sure what it was, I didn’t dig into it. I used for a little while, complained with AT&T, they didn’t see anything wrong on their end, so I moved back to Google DNS and it all went back to normal.
But this post has nothing to do with that. I need to use Google DNS, I can’t change to anything else.