Cloudflare DNS returning wrong data

Hello, I have a curious case of cloudflare-dns not working as it should (or a case of me misunderstanding something).

I have a domain (cdn.lbryplayer.xyz) that is load balanced through cloudflare (grey cloud btw) and has geosteering enabled.

I’m in switzerland so I should get a set of european servers as shown for google DNS:

$ dig @8.8.8.8 cdn.lbryplayer.xyz

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> @8.8.8.8 cdn.lbryplayer.xyz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27476
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;cdn.lbryplayer.xyz.            IN      A

;; ANSWER SECTION:
cdn.lbryplayer.xyz.     29      IN      A       51.210.219.62
cdn.lbryplayer.xyz.     29      IN      A       51.91.64.44
cdn.lbryplayer.xyz.     29      IN      A       51.210.3.83
cdn.lbryplayer.xyz.     29      IN      A       51.210.219.68
cdn.lbryplayer.xyz.     29      IN      A       51.210.0.109
cdn.lbryplayer.xyz.     29      IN      A       51.210.220.149
cdn.lbryplayer.xyz.     29      IN      A       51.89.43.199

;; Query time: 24 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jun 03 19:09:34 UTC 2021
;; MSG SIZE  rcvd: 159

however when resolving it through 1.1.1.1 I get this:

$ dig @1.1.1.1 cdn.lbryplayer.xyz

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> @1.1.1.1 cdn.lbryplayer.xyz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51380
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;cdn.lbryplayer.xyz.            IN      A

;; ANSWER SECTION:
cdn.lbryplayer.xyz.     30      IN      A       135.148.100.33
cdn.lbryplayer.xyz.     30      IN      A       51.81.57.64
cdn.lbryplayer.xyz.     30      IN      A       135.148.55.7

;; Query time: 17 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Jun 03 19:10:34 UTC 2021
;; MSG SIZE  rcvd: 95

which is the set of us-east servers.

What’s even more strange is that if I pass +trace I get the correct IPs:

$ dig @1.1.1.1 cdn.lbryplayer.xyz +trace                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                             
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> @1.1.1.1 cdn.lbryplayer.xyz +trace                                                                                                                                                                                                                                                 
; (1 server found)                                                                                                                                                                                                                                                                                                           
;; global options: +cmd                                                                                                                                                                                                                                                                                                      
.                       511560  IN      NS      a.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      b.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      c.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      d.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      e.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      f.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      g.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      h.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      i.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      j.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      k.root-servers.net.                                                                                                                                                                                                                                                          
.                       511560  IN      NS      l.root-servers.net.
.                       511560  IN      NS      m.root-servers.net.
.                       511560  IN      RRSIG   NS 8 0 518400 20210616050000 20210603040000 14631 . W2CU9gqH9e9p99ngL1nsL3o/KT69zmM261kUzsCu7fajDpOTbHWu8ayV td0NXsTyzoCANrZd/M8vuzcXmeF8z9Gmua/DpnAHSKsowuR738vDTB07 5ncrVPUWF3+ju556n0Gdvi4ziKoKzyH7ntBfvS3hOKfmbdOULN9tUJ47 tcTPdaZj86QtemlTWaHC+V9vzCV/cIIcu4ohm5tZqliz67NtFWmWK/4P 17MkqUsTgQelW45ceJTWdXonOVnHOvzrG8qgivYqDUfKgkcx3WxbeXdW hDtWPDFCzjlsXZA2hkaIKLgbrx4O3xM8XDa+bswH7XHqIskdP+NgHXwx 7HuwXw==
;; Received 525 bytes from 1.1.1.1#53(1.1.1.1) in 7 ms

xyz.                    172800  IN      NS      x.nic.xyz.
xyz.                    172800  IN      NS      y.nic.xyz.
xyz.                    172800  IN      NS      z.nic.xyz.
xyz.                    172800  IN      NS      generationxyz.nic.xyz.
xyz.                    86400   IN      DS      3599 8 1 3FA3B264F45DB5F38BEDEAF1A88B76AA318C2C7F
xyz.                    86400   IN      DS      3599 8 2 B9733869BC84C86BB59D102BA5DA6B27B2088552332A39DCD54BC4E8 D66B0499
xyz.                    86400   IN      RRSIG   DS 8 1 86400 20210616170000 20210603160000 14631 . Brh7NrjPstT5P1Tt02Pa1g99fV9QIELmP02OvP5Y7tz2tvpJZ5QDgWlQ Ao2e8YBf9tNOYicFZc0zHRXdXjWpTDFy90I9aN7PoVw0WDaDjpoGvlBr BbqRxUGwmuKaEISNKK9H7gbv5VCUEoYZkZuxko7ssGhQ6sNyjRbcZGN5 h43VGNg12im4Y/GCjcXMWoB1eepW3IE5lraGAEKCob0sEu+o+tTt5lIl fzEz1R0WyzOTZSU/mnUnTaW67ZBb01GNO5mMUrWlfmfwQ1d/j4HLSgrq Fbq3G2Kp8FfmAx5m0GSYjuVNbcb1PRuIV55tWrCNKY+WQloIUO0A5H1e slXxBg==
;; Received 674 bytes from 2001:500:2d::d#53(d.root-servers.net) in 4 ms

lbryplayer.xyz.         3600    IN      NS      evan.ns.cloudflare.com.
lbryplayer.xyz.         3600    IN      NS      jill.ns.cloudflare.com.
1h97h2oec2juov8dlbbjj6i7ik26bm8d.xyz. 3600 IN NSEC3 1 1 1 - 1H9SP7N22537R92KKG4DNO5R90TMHMCQ  NS SOA RRSIG DNSKEY NSEC3PARAM
caidnako83e1n9tne9igk1go5cto89l0.xyz. 3600 IN NSEC3 1 1 1 - CAKDRF416J4BH9IQB7DI2REQUM7SJLLO  NS DS RRSIG
1h97h2oec2juov8dlbbjj6i7ik26bm8d.xyz. 3600 IN RRSIG NSEC3 8 2 3600 20210629133518 20210530055655 50428 xyz. S3L1FELqm2x6cDsBn4xX/Igm/8o3UXQDCquF1xDUPsElBgCCWTtm3VlR pbbTAGnroe7JJrJKFFdWTvnoPgRYFIhtGnSVU62kcRU4esyjOt1flci7 lR2ZltbBEG+2/KuK56gimtrAnwGeIv/1EayLIoVgrBNiynxWt3K5+sEa 0jU=
caidnako83e1n9tne9igk1go5cto89l0.xyz. 3600 IN RRSIG NSEC3 8 2 3600 20210704033539 20210603154931 50428 xyz. RKDH9Dws6R4pgxLA3LbmFMR+3k8xRokViEEjRKhfVdnaNY41KsRLliKl A9w5P1dwIo8KyIuQ5h5A+GLBgGp4De4czclJBfXjkjI5PzD7FdOtLE8/ KRFmafKfBKbfwsDORr409mUcYyGBsYjYcIHBnS64pkllQEG2W8QXwXMD znI=
;; Received 587 bytes from 212.18.249.42#53(generationxyz.nic.xyz) in 8 ms

cdn.lbryplayer.xyz.     30      IN      A       51.210.0.109
cdn.lbryplayer.xyz.     30      IN      A       51.89.43.199
cdn.lbryplayer.xyz.     30      IN      A       51.210.220.149
cdn.lbryplayer.xyz.     30      IN      A       51.210.3.83
cdn.lbryplayer.xyz.     30      IN      A       51.210.219.62
cdn.lbryplayer.xyz.     30      IN      A       51.210.219.68
cdn.lbryplayer.xyz.     30      IN      A       51.91.64.44
;; Received 159 bytes from 172.64.32.122#53(jill.ns.cloudflare.com) in 13 ms

I tried flushing my local DNS, using a different EU-based server to dig, clearing the cache through https://cloudflare-dns.com/purge-cache/ too to no avail.

Why is 1.1.1.1 returning wrong data and sending users across the pond?

@MoreHelp

Hi Niko,

This is an interesting problem. Considering that the cache was purged, and I did purge it here myself to make sure, there are only three other things that I can think could cause this:

  1. The datacenter you are reaching when using 1.1.1.1:

Traffic for domains using DNS-Only mode is routed based on the data center associated with the user’s recursive resolver (DNS recursor).

From: https://developers.cloudflare.com/load-balancing/understand-basics/proxy-modes

  1. The traffic is going to the fallback pool;

Do you have a ticket open on this by any chance?

Hi Rapha,

Thank you for your answer. Yes I do have a ticket open: #2175072

I can also confirm that this happens on different ISPs and regions (I tested with 2 different swiss ISPs and an OVH server in france) and that the european pools are available and working.

I’ll gladly give you more details if needed.

Best regards,
Niko

1 Like