GeoDNS Routing Issue with 1.1.1.1 for iranian user

I’m currently using GeoDNS for my domain routing. I’ve tried Route53 and Bunny DNS services. I’m having trouble getting precise locations when using Cloudflare DNS 1.1.1.1 to resolve domain. while most countries show the right IP addresses, Iran doesn’t. Interestingly, other DNS servers like 8.8.8.8 give accurate results. However, with 1.1.1.1, I often end up getting IP addresses associated with Germany instead.

My suspicion is that Cloudflare may not be sending EDNS Client Subnet information, resulting in the misrouting of requests to Germany instead of Iran. Can anyone confirm if this is the case?
And is there a solution to ensure correct routing for Iranian requests?

Additionally, I’m curious if Cloudflare always uses the FRA location for Iran, as indicated in the output of https://1.1.1.1/cdn-cgi/trace.

Would appreciate any insights or solutions.

1 Like

https://developers.cloudflare.com/1.1.1.1/faq/#does-1.1.1.1-send-edns-client-subnet-header

@milk I am aware of this fact, but my question is why it is correct for all countries except iran?

The closest network path isn’t always the same as the closest geographical path.

Several ISP’s are backhauling traffic, which means sometimes it goes to other countries, or even to other continents, likely for economical reasons.

So if your ISP from Iran decide to carry all the traffic to FRA (Frankfurt, Germany), and pass the traffic over to Cloudflare there, then your DNS query will exit from the Cloudflare PoP from FRA (Frankfurt, Germany), towards the domain’s authoritative DNS servers.

Therefore the domain (the one that uses GeoDNS)'s authoritative DNS servers will now locate the request based on the FRA (Frankfurt, Germany) location.

It isn’t country specific issue, but an ISP specific one, and it depends on your ISP’s peering arrangements with other networks, including whether they are peering with other networks locally, or far away (e.g. backhauling) as mentioned above.

I would therefore suggest to open up support tickets with the individual Iranian ISP(s) where you see this issue, and request that they start peering with Cloudflare locally, or if that isn’t possible for them, then at least more locally (e.g. neighbouring country, but on the same continent).

1 Like