Incorrect DNS resolution at Comcast

We are having an incorrect DNS resolution on Comcast networks.

Please advise on how to solve this problem.

Unsufficient data.

That appears to be consistent from what is configured in DNS. Cloudflare returns a CNAME record which is owned by Microsoft / Azure … Microsoft’s servers then resolve it to it’s ultimate IP address. The record in your screenshot matches why I get for the same query on another network. No indication that resolution is incorrect that I can determine.

dig dental.moolah.cc

; <<>> DiG 9.10.6 <<>> dental.moolah.cc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52089
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;dental.moolah.cc.		IN	A

;; ANSWER SECTION:
dental.moolah.cc.	60	IN	CNAME	productionmoolahpay.azurewebsites.net.
productionmoolahpay.azurewebsites.net. 30 IN CNAME waws-prod-dm1-103.sip.azurewebsites.windows.net.
waws-prod-dm1-103.sip.azurewebsites.windows.net. 3600 IN CNAME waws-prod-dm1-103.centralus.cloudapp.azure.com.
waws-prod-dm1-103.centralus.cloudapp.azure.com.	10 IN A	104.43.254.102

;; Query time: 83 msec
;; SERVER: 172.64.36.1#53(172.64.36.1)
;; WHEN: Thu Oct 12 13:04:20 EDT 2023
;; MSG SIZE  rcvd: 230
ental.moolah.cc @chan.ns.cloudflare.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57819
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;dental.moolah.cc.		IN	A

;; ANSWER SECTION:
dental.moolah.cc.	60	IN	CNAME	productionmoolahpay.azurewebsites.net.

;; Query time: 31 msec
;; SERVER: 108.162.192.82#53(108.162.192.82)
;; WHEN: Thu Oct 12 13:05:26 EDT 2023
;; MSG SIZE  rcvd: 96

See the difference with Comcast

Those are traceroute entries, nothing in them demonstrates the underlying DNS resolution. Both of those screenshots are on the Comcast network but nothing in them indicates what DNS server is in use or what response was returned.

The authoritiative nameservers on Cloudflare are returning an entry which is consistent on 1.1.1.1, 8.8.8.8 and 9.9.9.9 as recursive resolvers. I’d look at what DNS server the machine returning the incorrect result is returning.

Those IP addresses should be the same though correct?

What is the best way to do that in Windows?

Dig / NSLookup / IPconfig / Network adapter settings. Those would probably be the places to start.

Ok thanks, but the IP address that resolved on the top of those trace routes should be the same correct?

@cscharff this is what I got on their computer.

Whatever DNS server they are using is uh… not correct. But the authoritative DNS is so, it’s a user / DNS admin problem for whatever resolver they’re pointed to. Those answers for IPs are also completely different than what they had in their screenshot.

So it might be a security appliance on their side…

https://www.reddit.com/r/sysadmin/comments/s3cgx0/barracuda_safelinks_certificate_error/

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.