Online banking timeout


#1

Hi there,

Looks like my online banking app times out on my phone when using 1.1.1.1, was fine on Google DNS.
I am in the UK and banking with Santander, not sure if it matters.

Their web app and public websites are fine, the issue seems to be only with the native iOS app (not sure about android as I don’t have access to a device).


#2

I’m having the same issue with Cahoot which is owned by Santander.

nslookup for secure . cahoot . com results in:

** server can’t find secure.cahoot.com: SERVFAIL

Looks like it’s a CNAME that should resolve to:

canonical name = secure.cahoot.lbi.santander.uk

which should resolve to:

193.127.210.173

(I had to put spaces in the domain at the start as I can only post 2 links…)


#3

@pirgo0 and @el_pablo_1878,

Thank you for the reports. We saw a tweet report at your bank of similar issues. Not sure of the root cause… we will investigate as much as we can on our side. If they have the ability for you to create a support ticket with them as well it might be worthwhile.


#4

It appears they may have a problem with their DNS resolvers.

http://dnsviz.net/d/secure.cahoot.lbi.santander.uk/dnssec/

We use DNS Query Name Minimisation to enhance the privacy of visitors (https://blog.cloudflare.com/dns-resolver-1-1-1-1/) which may explain why the issue with their DNS servers may not be apparent on other servers.


#5

lbi.santander.uk. seems to use buggy DNS servers – given the “lb” in “lbi”, probably some expensive load balancer appliance – that drop queries they don’t expect, using a narrow and invalid definition of “expect”, causing problems for resolvers that use QNAME minimisation.

Try “dig cahoot.lbi.santander.uk” or even “dig lbi.santander.uk ns” using any resolver.