Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[David Hubbard]

I'm finding it unreachable from at least one Level 3 router.  I'm seeing 
behavior which makes me suspect 1.1.1.1/32 has been incorrectly defined an 
interface IP on that device; one of our locations gets an immediate ping 
response for 1.1.1.1, and a traceroute of one hop, which is that first upstream 
hop.  1.0.0.1 is reachable like normal across several hops.

On 4/3/18, 1:36 PM, "NANOG on behalf of George Skorup" 
 wrote:

1.1.1.1 not usable via Windstream peering in Chicago.

# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
...
  3  be4.agr01.chcg02-il.us.windstream.net (40.136.99.22)  5.158 ms 
5.116 ms  7.565 ms
  4  ae13-0.cr01.chcg01-il.us.windstream.net (40.136.99.44)  4.673 ms  
4.644 ms  4.600 ms
  5  et8-0-0-0.cr02.dlls01-tx.us.windstream.net (40.128.10.135) 27.136 
ms  27.099 ms  27.053 ms
  6  xe0-2-3-0.cr02.dnvt01-co.us.windstream.net (40.136.97.125) 29.075 
ms  28.381 ms  28.336 ms
  7  xe3-3-1-0.pe03.dums01-tx.us.windstream.net (173.189.57.195) 46.121 
ms  46.193 ms  46.148 ms
  8  * * *
  9  * * *
10  * * *
11  * * *
12  * * *
13  *^C

# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=248 time=43.2 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=248 time=43.9 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=248 time=42.8 ms
^C
--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 42.892/43.344/43.915/0.489 ms

# nslookup
 > server 1.1.1.1
Default server: 1.1.1.1
Address: 1.1.1.1#53
 > google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Andrey Slastenov]

Very interesting...

I just heard about this problem today from one of my friend’s who supports of 
the big SP network (Russia). He got complains from one of their peer. After 
short investigation he found that they blackholing 1.1.1.1. 
When I asked him about the reasons, he can’t explain because as he said “it was 
there from the Big Bang times”.



BR, Andrey Slastenov

> 3 апр. 2018 г., в 20:41, Jeremy L. Gaddis  написал(а):
> 
>> On 2018-04-03 (Tue) at 01:22 EDT, Tore Anderson wrote:
>> Any plans to support NSID and/or "hostname.bind" to allow clients to
>> identify which node is serving their requests? For example:
> 
> FWIW:
> 
>  $ dig @1.0.0.1 id.server. CH TXT
>  [...]
>  ;; OPT PSEUDOSECTION:
>  ; EDNS: version: 0, flags:; udp: 1536
>  ;; QUESTION SECTION:
>  ;id.server. CH  TXT
> 
>  ;; ANSWER SECTION:
>  id.server.  0   CH  TXT "dtw01"
>  [...]
> 
> 
> -- 
> Jeremy L. Gaddis
> 

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Jeremy L. Gaddis]

On 2018-04-03 (Tue) at 01:22 EDT, Tore Anderson wrote:
> Any plans to support NSID and/or "hostname.bind" to allow clients to
> identify which node is serving their requests? For example:

FWIW:

  $ dig @1.0.0.1 id.server. CH TXT
  [...]
  ;; OPT PSEUDOSECTION:
  ; EDNS: version: 0, flags:; udp: 1536
  ;; QUESTION SECTION:
  ;id.server. CH  TXT
  
  ;; ANSWER SECTION:
  id.server.  0   CH  TXT "dtw01"
  [...]


-- 
Jeremy L. Gaddis

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Alejandra Moreno]

Great article!

Thanks for sharing :)


On Mon, Apr 2, 2018 at 11:12 PM, Hank Nussbacher 
wrote:

> On 03/04/2018 01:39, Matt Hoppes wrote:
>
> You might be interested in these links which compare the services:
> https://medium.com/@nykolas.z/dns-resolvers-performance-
> compared-cloudflare-x-google-x-quad9-x-opendns-149e803734e5
> https://webxtrakt.com/public-dns-performance
>
> -Hank
>
> > So in all this discussion, what I'm finding interesting is that
> > 8.8.8.8 is actually more hops away from me than either 9.9.9.9 or 1.1.1.1
> >
> > On 4/2/18 6:06 PM, Seth Mattinen wrote:
> >> On 4/2/18 14:58, Marty Strong via NANOG wrote:
> >>> Routing from ~150 locations, plenty of redundancy.
> >>>
> >>> https://www.cloudflare.com/network/
> >>
> >>
> >> I recommend 9.9.9.9 to people (if they must use a public resolver)
> >> because Quad9/PCH serves local markets of all sizes with anycast
> >> nodes and peering, not just "major markets". Since I'm not in a major
> >> market I want to support those who support the small markets that are
> >> overlooked by the big guys.
> >
>
>

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[George Skorup]

1.1.1.1 not usable via Windstream peering in Chicago.

# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
...
 3  be4.agr01.chcg02-il.us.windstream.net (40.136.99.22)  5.158 ms 
5.116 ms  7.565 ms
 4  ae13-0.cr01.chcg01-il.us.windstream.net (40.136.99.44)  4.673 ms  
4.644 ms  4.600 ms
 5  et8-0-0-0.cr02.dlls01-tx.us.windstream.net (40.128.10.135) 27.136 
ms  27.099 ms  27.053 ms
 6  xe0-2-3-0.cr02.dnvt01-co.us.windstream.net (40.136.97.125) 29.075 
ms  28.381 ms  28.336 ms
 7  xe3-3-1-0.pe03.dums01-tx.us.windstream.net (173.189.57.195) 46.121 
ms  46.193 ms  46.148 ms

 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  *^C

# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=248 time=43.2 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=248 time=43.9 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=248 time=42.8 ms
^C
--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 42.892/43.344/43.915/0.489 ms

# nslookup
> server 1.1.1.1
Default server: 1.1.1.1
Address: 1.1.1.1#53
> google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Tore Anderson]

* Marty Strong via NANOG 

> Routing from ~150 locations, plenty of redundancy.

Any plans to support NSID and/or "hostname.bind" to allow clients to
identify which node is serving their requests? For example:

$ dig @nsb.dnsnode.net. hostname.bind. CH TXT +nsid
[...]
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID: 73 34 2e 6f 73 6c ("s4.osl")
;; QUESTION SECTION:
;hostname.bind. CH  TXT

;; ANSWER SECTION:
hostname.bind.  0   CH  TXT "s4.osl"
[...]

Tore

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Hank Nussbacher]

On 03/04/2018 01:39, Matt Hoppes wrote:

You might be interested in these links which compare the services:
https://medium.com/@nykolas.z/dns-resolvers-performance-compared-cloudflare-x-google-x-quad9-x-opendns-149e803734e5
https://webxtrakt.com/public-dns-performance

-Hank

> So in all this discussion, what I'm finding interesting is that
> 8.8.8.8 is actually more hops away from me than either 9.9.9.9 or 1.1.1.1
>
> On 4/2/18 6:06 PM, Seth Mattinen wrote:
>> On 4/2/18 14:58, Marty Strong via NANOG wrote:
>>> Routing from ~150 locations, plenty of redundancy.
>>>
>>> https://www.cloudflare.com/network/
>>
>>
>> I recommend 9.9.9.9 to people (if they must use a public resolver)
>> because Quad9/PCH serves local markets of all sizes with anycast
>> nodes and peering, not just "major markets". Since I'm not in a major
>> market I want to support those who support the small markets that are
>> overlooked by the big guys.
>

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Matt Hoppes]

So in all this discussion, what I'm finding interesting is that 8.8.8.8 
is actually more hops away from me than either 9.9.9.9 or 1.1.1.1


On 4/2/18 6:06 PM, Seth Mattinen wrote:

On 4/2/18 14:58, Marty Strong via NANOG wrote:

Routing from ~150 locations, plenty of redundancy.

https://www.cloudflare.com/network/



I recommend 9.9.9.9 to people (if they must use a public resolver) 
because Quad9/PCH serves local markets of all sizes with anycast nodes 
and peering, not just "major markets". Since I'm not in a major market I 
want to support those who support the small markets that are overlooked 
by the big guys.

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Seth Mattinen]

On 4/2/18 14:58, Marty Strong via NANOG wrote:

Routing from ~150 locations, plenty of redundancy.

https://www.cloudflare.com/network/



I recommend 9.9.9.9 to people (if they must use a public resolver) 
because Quad9/PCH serves local markets of all sizes with anycast nodes 
and peering, not just "major markets". Since I'm not in a major market I 
want to support those who support the small markets that are overlooked 
by the big guys.

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Marty Strong via NANOG]

Routing from ~150 locations, plenty of redundancy.

https://www.cloudflare.com/network/

Regards,
Marty Strong
--
Cloudflare - AS13335
Network Engineer
ma...@cloudflare.com
+44 7584 906 055
smartflare (Skype)

https://www.peeringdb.com/asn/13335

> On 2 Apr 2018, at 21:14, Saku Ytti  wrote:
> 
> If they are for redundancy, wouldn't it be preferable to route them to
> different place to cover more fault scenarios.
> 
> I would complain if they are routed to same place.
> 
> 
> On 2 April 2018 at 22:56, Colin Johnston  wrote:
>> dont know if this is a problem but seeing different as paths for 1.0.0.1 and 
>> 1.1.1.1 in UK as lands
>> 
>> 2  185.61.135.25 (185.61.135.25)  1.964 ms  72.824 ms  72.835 ms
>> 3  10.254.84.3 (10.254.84.3)  2.671 ms  2.577 ms  2.601 ms
>> 4  31.28.72.22 (31.28.72.22)  2.798 ms  2.897 ms  3.123 ms
>> 5  * * *
>> 6  * * *
>> 7  ve160.er2.thn.as50056.net (178.18.119.90)  3.786 ms 178.18.122.193 
>> (178.18.122.193)  2.542 ms ve160.er2.thn.as50056.net (178.18.119.90)  3.736 
>> ms
>> 8  * 1dot1dot1dot1.cloudflare-dns.com (1.1.1.1)  3.350 ms *
>> 
>> 
>> 
>> 2  185.61.135.25 (185.61.135.25)  3.172 ms  3.154 ms  3.130 ms
>> 3  10.254.84.3 (10.254.84.3)  3.228 ms  3.525 ms  3.502 ms
>> 4  31.28.72.22 (31.28.72.22)  3.781 ms  3.869 ms  3.857 ms
>> 5  * * *
>> 6  ve165.er1.the.as50056.net (94.126.43.225)  16.655 ms  9.496 ms  9.454 ms
>> 7  lonap.as13335.net (5.57.81.75)  91.859 ms  2.484 ms  196.896 ms
>> 8  1dot1dot1dot1.cloudflare-dns.com (1.0.0.1)  2.504 ms  2.804 ms  2.799 ms
>> 
>> 
>> Colin
>> 
> 
> 
> 
> -- 
>  ++ytti

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Job Snijders]

On Mon, Apr 2, 2018 at 8:14 PM, Saku Ytti  wrote:
> If they are for redundancy, wouldn't it be preferable to route them to
> different place to cover more fault scenarios.
>
> I would complain if they are routed to same place.

Better start complaining then :-)

Kind regards,

Job

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Saku Ytti]

If they are for redundancy, wouldn't it be preferable to route them to
different place to cover more fault scenarios.

I would complain if they are routed to same place.


On 2 April 2018 at 22:56, Colin Johnston  wrote:
> dont know if this is a problem but seeing different as paths for 1.0.0.1 and 
> 1.1.1.1 in UK as lands
>
> 2  185.61.135.25 (185.61.135.25)  1.964 ms  72.824 ms  72.835 ms
>  3  10.254.84.3 (10.254.84.3)  2.671 ms  2.577 ms  2.601 ms
>  4  31.28.72.22 (31.28.72.22)  2.798 ms  2.897 ms  3.123 ms
>  5  * * *
>  6  * * *
>  7  ve160.er2.thn.as50056.net (178.18.119.90)  3.786 ms 178.18.122.193 
> (178.18.122.193)  2.542 ms ve160.er2.thn.as50056.net (178.18.119.90)  3.736 ms
>  8  * 1dot1dot1dot1.cloudflare-dns.com (1.1.1.1)  3.350 ms *
>
>
>
>  2  185.61.135.25 (185.61.135.25)  3.172 ms  3.154 ms  3.130 ms
>  3  10.254.84.3 (10.254.84.3)  3.228 ms  3.525 ms  3.502 ms
>  4  31.28.72.22 (31.28.72.22)  3.781 ms  3.869 ms  3.857 ms
>  5  * * *
>  6  ve165.er1.the.as50056.net (94.126.43.225)  16.655 ms  9.496 ms  9.454 ms
>  7  lonap.as13335.net (5.57.81.75)  91.859 ms  2.484 ms  196.896 ms
>  8  1dot1dot1dot1.cloudflare-dns.com (1.0.0.1)  2.504 ms  2.804 ms  2.799 ms
>
>
> Colin
>



-- 
  ++ytti

Re: Cloudflare 1.1.1.1 public DNS different as path info for 1.0.0.1 and 1.1.1.1 london

[Colin Johnston]

dont know if this is a problem but seeing different as paths for 1.0.0.1 and 
1.1.1.1 in UK as lands

2  185.61.135.25 (185.61.135.25)  1.964 ms  72.824 ms  72.835 ms
 3  10.254.84.3 (10.254.84.3)  2.671 ms  2.577 ms  2.601 ms
 4  31.28.72.22 (31.28.72.22)  2.798 ms  2.897 ms  3.123 ms
 5  * * *
 6  * * *
 7  ve160.er2.thn.as50056.net (178.18.119.90)  3.786 ms 178.18.122.193 
(178.18.122.193)  2.542 ms ve160.er2.thn.as50056.net (178.18.119.90)  3.736 ms
 8  * 1dot1dot1dot1.cloudflare-dns.com (1.1.1.1)  3.350 ms *



 2  185.61.135.25 (185.61.135.25)  3.172 ms  3.154 ms  3.130 ms
 3  10.254.84.3 (10.254.84.3)  3.228 ms  3.525 ms  3.502 ms
 4  31.28.72.22 (31.28.72.22)  3.781 ms  3.869 ms  3.857 ms
 5  * * *
 6  ve165.er1.the.as50056.net (94.126.43.225)  16.655 ms  9.496 ms  9.454 ms
 7  lonap.as13335.net (5.57.81.75)  91.859 ms  2.484 ms  196.896 ms
 8  1dot1dot1dot1.cloudflare-dns.com (1.0.0.1)  2.504 ms  2.804 ms  2.799 ms


Colin