Issue : GeoDNS breaks when using Cloudflare for Microsoft Teams URLs. The URL is supposed to resolve to an IP address closest to the user. But it resolves to US based IP addresses. Note that it works fine when we use Google DNS or OpenDNS
The Microsoft Teams URL in question
When using Cloudflare DNS (1.1.1.1) and sending queries from Asia (Hong Kong or Singapore), the URL resolves to North American IP addresses.
When Using Cloudflare
AWS-Singapore:~# dig @1.1.1.1 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-usea-02.eastus.cloudapp.azure.com.
52.115.62.1
AWS-Hong-Kong:~# dig @1.1.1.1 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-uswe-03.westus.cloudapp.azure.com.
52.112.107.4
When Using Google DNS
AWS-Singapore:~# dig @8.8.8.8 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-jpea-02.japaneast.cloudapp.azure.com.
52.115.47.1
AWS-Hong-Kong:~# dig @8.8.8.8 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-krcn-01.koreacentral.cloudapp.azure.com.
52.114.45.62
When Using OpenDNS
AWS-Singapore:~# dig @208.67.222.222 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-asse-02.southeastasia.cloudapp.azure.com.
52.114.54.60
AWS-Hong-Kong:~# dig @208.67.222.222 worldaz.tr.teams.microsoft.com +short
worldaz.tr.teams.trafficmanager.net.
a-tr-teams-asea-01.eastasia.cloudapp.azure.com.
52.114.5.9
Issue
If you look at the resulting IPs and look up their location, you will see that queries resolved through Cloudflare get North American IP addresses. Whereas queries sent through Google or OpenDNS are at least in the same continent.
You can also just look at the CNAME right before the IP address, which tells you the region it will resolve to (for example a-tr-teams-usea-02.eastus.cloudapp.azure.com)
Additional Notes :
- My egress IP on the Singapore AWS VM : 54.151.163.230
- My egress IP on the Hong Kong AWS VM : 18.162.155.81