Wrong DNS resolutions from Wind / Infostrada autonomous system AS1267 for Akamai

dash-dns
#1

Hi.
I’m in Italy and my ISP is Wind / Infostrada (WIND Telecomunicazioni S.p.A.), autonomous system AS1267. My current public IP is 151.73.53.92.
If I look up the FQDN “whatismyip.akamai.com” with 1.1.1.1, I receive these IPs:

Name: a1524.g.akamai.net
Address: 92.123.180.162
Name: a1524.g.akamai.net
Address: 92.123.180.179

or

Name: a1524.g.akamai.net
Address: 92.122.125.194
Name: a1524.g.akamai.net
Address: 92.122.125.208

Instead, if I look up “whatismyip.akamai.com” with 8.8.8.8 (Google DNS), or with the DNS of my ISP, I always receive these IPs:

Name: a1524.g.akamai.net
Address: 151.29.122.152
Name: a1524.g.akamai.net
Address: 151.29.122.98

Well, it seems that 8.8.8.8 (Google DNS) is doing “a better lookup” due to geolocation of the IP of origin (my public IP), and so it always answers with the “best” IP in terms of latency, because 151.x.x.x is the same network of Wind / Infostrada (WIND Telecomunicazioni S.p.A.), autonomous system AS1267.
In fact, I can ping 151.29.122.152 or 151.29.122.98 with only 5ms; instead, when I ping 92.123.180.162 or 92.123.180.179 the latency is about 16ms (and in my case it is routed externally via telia.net).

Please, can you “improve” for 1.1.1.1 the DNS lookup for “whatismyip.akamai.com” so it will answer with “the best” IPs such as 151.29.122.152 and 151.29.122.98 for customers of Wind / Infostrada (WIND Telecomunicazioni S.p.A.), autonomous system AS126?

Thank you.

Fabio

1 Like
#2

Hi, the issue here is on purpose.

Since 1.1.1.1 doesn’t send your IP to the upstream resolvers (does not send EDNS Client Subnet), Akamai can’t send you yours and doesn’t know exactly where you are located. 8.8.8.8 does not do this, so it will be more accurate in Akamai’s case.
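What the EDNS Client Subnet option mentioned in this reply looks like on the wire, as an added example that is not part of the original thread: it encodes the option (RFC 7871) for the poster's public IP, attaches it to an A query for the same name, and decodes what the authoritative server would learn. The /24 prefix length, the 1232-byte UDP payload size and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet option code (RFC 7871)

def encode_ecs(client_ip: str, prefix_len: int = 24) -> bytes:
    """Encode the ECS option a forwarding resolver would attach (IPv4 only)."""
    # Assumption: a /24 is forwarded, so the host bits never leave the resolver.
    net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    n_bytes = (prefix_len + 7) // 8  # only the significant address bytes are sent
    addr = net.network_address.packed[:n_bytes]
    body = struct.pack("!HBB", 1, prefix_len, 0) + addr  # family=1, scope=0
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body

def build_query(name: str, ecs: bytes = b"", txid: int = 0x1234) -> bytes:
    """Build an A query; when `ecs` is given, append an OPT record carrying it."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1 if ecs else 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    if not ecs:
        return header + question  # no client information at all
    # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN, RDATA
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0, len(ecs)) + ecs
    return header + question + opt

def decode_ecs(option: bytes) -> str:
    """Return the client subnet an authoritative server sees in an ECS option."""
    code, length = struct.unpack("!HH", option[:4])
    if code != ECS_OPTION_CODE or length != len(option) - 4:
        raise ValueError("not a well-formed ECS option")
    family, source_len, _scope = struct.unpack("!HBB", option[4:8])
    if family != 1:
        raise ValueError("only IPv4 is handled in this example")
    addr = option[8:].ljust(4, b"\x00")  # pad the truncated address back to 4 bytes
    return f"{ipaddress.IPv4Address(addr)}/{source_len}"

if __name__ == "__main__":
    ecs = encode_ecs("151.73.53.92")  # public IP quoted in post #1
    print("subnet disclosed upstream:", decode_ecs(ecs))
    print("query bytes without/with ECS:",
          len(build_query("whatismyip.akamai.com")),
          len(build_query("whatismyip.akamai.com", ecs)))
```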

#3

Hi Matteo and thanks for your answer.
Well, since Cloudflare’s DNS does not send EDNS Client Subnet to upstream resolvers, this means that any FQDN that is part of CDNs (Akamai and others) is not resolved with the “nearest” IP?
And is this not the opposite concept of how Cloudflare works/wants to work?

Any chance to implement in Cloudflare’s DNS the possibility to send EDNS Client Subnet to upstream resolvers in order to always obtain the “nearest” IP?

Thanks and ciao!

#4

Usually CDNs operate on anycast networks. Those don’t really care about the location of the user since the ISPs handle that. This is also to improve users’ privacy.

The only CDN that has that issue is Akamai…

They won’t add ECDS; if you need that, change DNS.

#5

So, in other words, anycast CDNs operate by routing the destination IP to the nearest location (routing done by the ISP), whereas the Akamai CDN works by giving the nearest location based on the IP resolved by DNS?

#6

Basically yes. Anycast has the same IP everywhere; ISPs decide to route traffic where they want (usually the closest location, sometimes not). Akamai replies via DNS with a different IP each time…

#7

Thank you, Matteo, for the info and support!
Ciao!