Hi,
This morning everything went south with youtube.com for my school
district in Bothell, WA. When I am on the school district network I get:
ski@elle:~$ dig +trace youtube.com
; <<>> DiG 9.9.5-11ubuntu1-Ubuntu <<>> +trace youtube.com
;; global options: +cmd
. 436781 IN NS j.root-servers.net.
. 436781 IN NS c.root-servers.net.
. 436781 IN NS h.root-servers.net.
. 436781 IN NS f.root-servers.net.
. 436781 IN NS m.root-servers.net.
. 436781 IN NS b.root-servers.net.
. 436781 IN NS g.root-servers.net.
. 436781 IN NS d.root-servers.net.
. 436781 IN NS k.root-servers.net.
. 436781 IN NS l.root-servers.net.
. 436781 IN NS e.root-servers.net.
. 436781 IN NS a.root-servers.net.
. 436781 IN NS i.root-servers.net.
. 515218 IN RRSIG NS 8 0 518400 20151218170000 20151208160000 62530 .
QgF9b0kXkgGRVGVcwqm6g8EwvtFqG+vO4kx1lQfGijbaZcLkwkEIOoEh
8wPc6IiVyI6c7ua0SaL9i7A7Q0zy//fQJLb+Ji7xFtD4n0uSTzm0Xyd/
iainDAwnXRzwoFxR2j7dLRu7N0dsLpYKF9s9VF+Ky2nCcCnZqQlLEFDs L+A=
;; Received 913 bytes from 127.0.1.1#53(127.0.1.1) in 74 ms
youtube.com. 0 IN A 208.70.74.21
;; Received 45 bytes from 192.203.230.10#53(e.root-servers.net) in 1 ms
Notice that there is no recursion or name servers. This does not look
like a standard DNS transaction. Not only that, but 208.70.74.21 is
owned by Multacom Corp. Any ideas why this is going on? Is my DNS
being hijacked somehow. This only happens for youtube.com - apple.com,
www.google.com, etc. all work as expected.
For comparison, when I use my verizon phone hotspot I get:
ski@elle:~$ dig +trace youtube.com
; <<>> DiG 9.9.5-11ubuntu1-Ubuntu <<>> +trace youtube.com
;; global options: +cmd
. 38588 IN NS b.root-servers.net.
. 38588 IN NS d.root-servers.net.
. 38588 IN NS f.root-servers.net.
. 38588 IN NS c.root-servers.net.
. 38588 IN NS m.root-servers.net.
. 38588 IN NS g.root-servers.net.
. 38588 IN NS e.root-servers.net.
. 38588 IN NS i.root-servers.net.
. 38588 IN NS l.root-servers.net.
. 38588 IN NS k.root-servers.net.
. 38588 IN NS h.root-servers.net.
. 38588 IN NS j.root-servers.net.
. 38588 IN NS a.root-servers.net.
;; Received 239 bytes from 127.0.1.1#53(127.0.1.1) in 16499 ms
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 86400 IN DS 30909 8 2
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20151218170000 20151208160000 62530 .
CqO6/JQRMrFAIlB7I6oguyun+/InWoLWNJh0pPCNOJ00sOjxz+X9EZT0
jy0Dpn2nYAdI6F7adUOnGG5jHsiz7oQmHg9ncyMUoVkeMQV+p0JL4Wdf
kLqufz6NueraOLgs8FII8GP968odDLDbFbpD3wWM9tEh+NqZhaS5PiMT YJQ=
;; Received 735 bytes from 198.41.0.4#53(a.root-servers.net) in 3031 ms
youtube.com. 172800 IN NS ns2.google.com.
youtube.com. 172800 IN NS ns1.google.com.
youtube.com. 172800 IN NS ns3.google.com.
youtube.com. 172800 IN NS ns4.google.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 -
CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400
20151214055737 20151207044737 51797 com.
MrwJSdJZKLjHepqim6qM+oa1W+Ya6OzG4/yHhG3DRcjGGYUVzfTqqKsA
GOHkyBZ2eUKiBhcjKEdf+uvwpx0pAuaV0v1u3LaML52ILvd8Jh6Hxx2r
OqHPZ5O2QuZMnnFZuXYYYRWDnExxtPPhh94jHf7vHojNIiv/zDanYb5E VSo=
H5AFKDOBP05VCGM6958STOKNIEDLV3OR.com. 86400 IN NSEC3 1 1 0 -
H5AMN1SCRI4J99BRA7K4B8C018PJIVPN NS DS RRSIG
H5AFKDOBP05VCGM6958STOKNIEDLV3OR.com. 86400 IN RRSIG NSEC3 8 2 86400
20151214055802 20151207044802 51797 com.
oMRyyXEiWOQVDPLjm2ggBzF3CzI2/HO4PGJhO4nFueMD9gamuiENz+gA
ew/kdtnbztKucRSCMgtG2+uhQployz/WBRf1angLfWtIqeJR2008qayS
O0I4lHtchB6QGPT1UQf/qH9Bt9u5VlD7Naw/luQxBk9O4W+HiFf2wGsi fKA=
;; Received 668 bytes from 192.31.80.30#53(d.gtld-servers.net) in 2402 ms
youtube.com. 300 IN A 209.118.208.25
youtube.com. 300 IN A 209.118.208.44
youtube.com. 300 IN A 209.118.208.59
youtube.com. 300 IN A 209.118.208.54
youtube.com. 300 IN A 209.118.208.55
youtube.com. 300 IN A 209.118.208.20
youtube.com. 300 IN A 209.118.208.35
youtube.com. 300 IN A 209.118.208.49
youtube.com. 300 IN A 209.118.208.29
youtube.com. 300 IN A 209.118.208.45
youtube.com. 300 IN A 209.118.208.39
youtube.com. 300 IN A 209.118.208.24
youtube.com. 300 IN A 209.118.208.30
youtube.com. 300 IN A 209.118.208.34
youtube.com. 300 IN A 209.118.208.50
youtube.com. 300 IN A 209.118.208.40
;; Received 285 bytes from 216.239.38.10#53(ns4.google.com) in 415 ms
cheers,
ski
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, [email protected], 206-501-9803
or ski98033 on most IM services
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
