VoWiFi issues due to possibly bad resolution

Hello,

I was having a strange issue that since the time I started using ‘cloudflared’ on a Pi which acts as DNS resolver in my home network, VoWiFi was dead across devices. I didn’t suspect it to be a DNS issue in beginning and tried to settle without it, but sometimes my house gets pretty low LTE network so I investigated it.

Turned out, all devices/providers make DNS resolution request for *,pub,3gppnetwork,org along with a provider’s domain for A and AAAA. And, they do it A LOT, like they bombard with these DNS queries until they either settle without it or get it right.

For some reason 1.1.1.1 acts different in 2 ways for my particular service provider Jio.

  1. It returns a different IPs for A query than provider’s DNS or Google DNS. (for both epdg.epc.mnc856.mcc405.pub.3gppnetwork.org and vowifi.jio.com in my case)

  2. It returns SERVFAIL for AAAA query while others return NOERROR (N/A).

here are the results of dig (cropped) for both —

Different IPs on which VoWiFi doesn’t work

# dig vowifi.jio.com @1.1.1.1 A
;; ANSWER SECTION:
vowifi.jio.com. 5 IN A 49.45.63.1
vowifi.jio.com. 5 IN A 49.45.63.2
;; SERVER: 1.1.1.1#53(1.1.1.1)

# dig vowifi.jio.com @8.8.8.8 A
;; ANSWER SECTION:
vowifi.jio.com. 4 IN A 49.44.59.36
vowifi.jio.com. 4 IN A 49.44.59.38
;; SERVER: 8.8.8.8#53(8.8.8.8)

# dig epdg.epc.mnc856.mcc405.pub.3gppnetwork.org @1.1.1.1 A
;; ANSWER SECTION:
epdg.epc.mnc856.mcc405.pub.3gppnetwork.org. 5 IN A 49.45.63.1
epdg.epc.mnc856.mcc405.pub.3gppnetwork.org. 5 IN A 49.45.63.2
;; SERVER: 1.1.1.1#53(1.1.1.1)

# dig epdg.epc.mnc856.mcc405.pub.3gppnetwork.org @8.8.8.8 A
;; ANSWER SECTION:
epdg.epc.mnc856.mcc405.pub.3gppnetwork.org. 4 IN A 49.44.59.37
epdg.epc.mnc856.mcc405.pub.3gppnetwork.org. 4 IN A 49.44.59.39
;; SERVER: 8.8.8.8#53(8.8.8.8)

SERVFAIL below

# dig epdg.epc.mnc856.mcc405.pub.3gppnetwork.org @1.1.1.1 AAAA
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 22287
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; SERVER: 1.1.1.1#53(1.1.1.1)

# dig epdg.epc.mnc856.mcc405.pub.3gppnetwork.org @8.8.8.8 AAAA
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13584
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; SERVER: 8.8.8.8#53(8.8.8.8)

In first case where it gets different IP could be due to Geolocation, but somehow Google DNS gets it right every time which I also get from any DNS resolver in India, while CloudFlare DNS gives the IP which I get on other DNS servers around the world.

And the SERVFAIL in AAAA is kinda different than any other service. Is there anything CF specific if anyone knows?

Can someone please verify this or help me resolve this or have any insight on any of these issues.

Thanks

Hi @indianetsX - there’s two parts here:

  • You may not get localized responses as 1.1.1.1’s focus on privacy means we do not send the EDNS Client Subnet (“ECS”) in the query - and thus Jio’s DNS server is going to return a more generic answer: https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details#edns-client-subnet

  • In the case of SERVFAIL vs. NOERROR, we don’t see the authoritative server setting the authoritative bit (AA) when resolving the chain.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.