Need to optimize EDNS0 Client Subnet (ECS) with some large CDN services
Hi,
After using nextdns for a while with the ultralow server, I realized that the team should further optimize ECS with large CDN services.
For Akamai's CDN service, I found nextdns doesn't send ECS when querying for domains with Akamai's CNAME.
Some big companies like Apple, Let's Encrypt,... use Akamai CDN to deliver data, but nextdns ECS doesn't send ECS. Meanwhile, Wikipedia's domain name when resolving to the same IP (without using a 3rd party CDN service), nextdns sends ECS.
Should nextdns consider to improve ECS, for example sending ECS when the domain name has the CNAME of the CDN.
For example:
Client: nextdns-cli
Country: Vietnam
ISP: Viettel
* Domain `www.apple.com`
- With nextdns
odroid@odroid:~$ dig www.apple.com CHAOS
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.16.1-Ubuntu <<>> www.apple.com CHAOS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35036
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 7
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.apple.com. CH A
;; ANSWER SECTION:
www.apple.com. 5 IN CNAME www.apple.com.edgekey.net.
www.apple.com.edgekey.net. 5 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net.
www.apple.com.edgekey.net.globalredir.akadns.net. 5 IN CNAME e6858.dscx.akamaiedge.net.
e6858.dscx.akamaiedge.net. 5 IN A 23.56.21.204
;; ADDITIONAL SECTION:
proto.nextdns.io. 0 CH TXT "DOH"
server.nextdns.io. 0 CH TXT "greencloud-han-1"
profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1"
client.nextdns.io. 0 CH TXT "171.245.214.***"
client-name.nextdns.io. 0 CH TXT "nextdns-cli"
smart-ecs.nextdns.io. 0 CH TXT "not sent"
;; Query time: 80 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 09 10:58:34 +07 2022
;; MSG SIZE rcvd: 401
- With Google DNS
odroid@odroid:~$ dig www.apple.com @8.8.8.8
; <<>> DiG 9.16.1-Ubuntu <<>> www.apple.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12759
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.apple.com. IN A
;; ANSWER SECTION:
www.apple.com. 1783 IN CNAME www.apple.com.edgekey.net.
www.apple.com.edgekey.net. 21560 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net.
www.apple.com.edgekey.net.globalredir.akadns.net. 3516 IN CNAME e6858.dscx.akamaiedge.net.
e6858.dscx.akamaiedge.net. 15 IN A 104.93.16.212
;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Sep 09 11:00:25 +07 2022
;; MSG SIZE rcvd: 192
- With DNS ISP Viettel
odroid@odroid:~$ dig www.apple.com @203.113.188.1
; <<>> DiG 9.16.1-Ubuntu <<>> www.apple.com @203.113.188.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46103
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: d61f648323b836c801000000631abaafcb58044b25c10b52 (good)
;; QUESTION SECTION:
;www.apple.com. IN A
;; ANSWER SECTION:
www.apple.com. 100 IN CNAME www.apple.com.edgekey.net.
www.apple.com.edgekey.net. 17955 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net.
www.apple.com.edgekey.net.globalredir.akadns.net. 901 IN CNAME e6858.dscx.akamaiedge.net.
e6858.dscx.akamaiedge.net. 80 IN A 171.236.60.223
;; Query time: 4 msec
;; SERVER: 203.113.188.1#53(203.113.188.1)
;; WHEN: Fri Sep 09 11:01:51 +07 2022
;; MSG SIZE rcvd: 226
{ "ipAddress": "171.236.60.223", "continentCode": "AS", "continentName": "Asia", "countryCode": "VN", "countryName": "Vietnam", "isEuMember": false, "currencyCode": "VND", "currencyName": "Dong", "phonePrefix": "84", "languages": [ "vi", "en", "fr", "zh", "km" ], "stateProvCode": "HN", "stateProv": "Hanoi", "district": "Hoan Kiem", "city": "Hanoi", "geonameId": 1581130, "latitude": 21.0278, "longitude": 105.834, "gmtOffset": 7, "timeZone": "Asia/Bangkok", "weatherCode": "VMXX0006", "asNumber": 7552, "asName": "VIETEL-AS-AP", "isp": "Viettel Corporation", "linkType": "dsl", "usageType": "consumer", "organization": "Vietel", "isCrawler": false, "isProxy": false, "threatLevel": "low" }
* Domain `e1.o.lencr.org`
odroid@odroid:~$ dig e1.o.lencr.org CHAOS
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.16.1-Ubuntu <<>> e1.o.lencr.org CHAOS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13569
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 7
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;e1.o.lencr.org. CH A
;; ANSWER SECTION:
e1.o.lencr.org. 5 IN CNAME o.lencr.edgesuite.net.
o.lencr.edgesuite.net. 5 IN CNAME a1887.dscq.akamai.net.
a1887.dscq.akamai.net. 5 IN A 23.74.15.72
a1887.dscq.akamai.net. 5 IN A 23.74.15.131
;; ADDITIONAL SECTION:
proto.nextdns.io. 0 CH TXT "DOH"
server.nextdns.io. 0 CH TXT "greencloud-han-1"
profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1"
client.nextdns.io. 0 CH TXT "171.245.214.***"
client-name.nextdns.io. 0 CH TXT "nextdns-cli"
smart-ecs.nextdns.io. 0 CH TXT "not sent"
;; Query time: 80 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 09 11:10:36 +07 2022
;; MSG SIZE rcvd: 351
- With Google DNS
odroid@odroid:~$ dig e1.o.lencr.org @8.8.8.8
; <<>> DiG 9.16.1-Ubuntu <<>> e1.o.lencr.org @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19241
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;e1.o.lencr.org. IN A
;; ANSWER SECTION:
e1.o.lencr.org. 120 IN CNAME o.lencr.edgesuite.net.
o.lencr.edgesuite.net. 1700 IN CNAME a1887.dscq.akamai.net.
a1887.dscq.akamai.net. 20 IN A 125.234.51.9
a1887.dscq.akamai.net. 20 IN A 125.234.51.8
;; Query time: 52 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Sep 09 11:11:55 +07 2022
;; MSG SIZE rcvd: 142
- With DNS ISP Viettel
odroid@odroid:~$ dig e1.o.lencr.org @203.113.188.1
; <<>> DiG 9.16.1-Ubuntu <<>> e1.o.lencr.org @203.113.188.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24517
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: e7da11ad4928b44c01000000631abd53880bfc89cfcd4936 (good)
;; QUESTION SECTION:
;e1.o.lencr.org. IN A
;; ANSWER SECTION:
e1.o.lencr.org. 97 IN CNAME o.lencr.edgesuite.net.
o.lencr.edgesuite.net. 19789 IN CNAME a1887.dscq.akamai.net.
a1887.dscq.akamai.net. 25 IN A 125.234.51.9
a1887.dscq.akamai.net. 25 IN A 125.234.51.19
;; Query time: 4 msec
;; SERVER: 203.113.188.1#53(203.113.188.1)
;; WHEN: Fri Sep 09 11:13:07 +07 2022
;; MSG SIZE rcvd: 173
{ "ipAddress": "125.234.51.9", "continentCode": "AS", "continentName": "Asia", "countryCode": "VN", "countryName": "Vietnam", "isEuMember": false, "currencyCode": "VND", "currencyName": "Dong", "phonePrefix": "84", "languages": [ "vi", "en", "fr", "zh", "km" ], "stateProvCode": "HN", "stateProv": "Hanoi", "district": "Hoan Kiem", "city": "Hanoi", "geonameId": 1581130, "latitude": 21.0278, "longitude": 105.834, "gmtOffset": 7, "timeZone": "Asia/Bangkok", "weatherCode": "VMXX0006", "asNumber": 7552, "asName": "VIETEL-AS-AP", "isp": "Viettel Corporation", "linkType": "dsl", "usageType": "consumer", "organization": "xDSL Services", "isCrawler": false, "isProxy": false, "threatLevel": "low" }
* Domain `vi.wikipedia.org`
odroid@odroid:~$ dig vi.wikipedia.org CHAOS
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.16.1-Ubuntu <<>> vi.wikipedia.org CHAOS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28900
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 7
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;vi.wikipedia.org. CH A
;; ANSWER SECTION:
vi.wikipedia.org. 5 IN CNAME dyna.wikimedia.org.
dyna.wikimedia.org. 5 IN A 103.102.166.224
;; ADDITIONAL SECTION:
server.nextdns.io. 0 CH TXT "greencloud-han-1"
profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1"
proto.nextdns.io. 0 CH TXT "DOH"
client.nextdns.io. 0 CH TXT "171.245.214.***"
client-name.nextdns.io. 0 CH TXT "nextdns-cli"
smart-ecs.nextdns.io. 0 CH TXT "23.40.76.0/24"
;; Query time: 536 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 09 11:58:23 +07 2022
;; MSG SIZE rcvd: 304
- With Google DNS
odroid@odroid:~$ dig vi.wikipedia.org @8.8.8.8
; <<>> DiG 9.16.1-Ubuntu <<>> vi.wikipedia.org @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24082
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;vi.wikipedia.org. IN A
;; ANSWER SECTION:
vi.wikipedia.org. 19800 IN CNAME dyna.wikimedia.org.
dyna.wikimedia.org. 501 IN A 103.102.166.224
;; Query time: 36 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Sep 09 11:58:33 +07 2022
;; MSG SIZE rcvd: 90
- With ISP DNS Viettel
odroid@odroid:~$ dig vi.wikipedia.org @203.113.188.1
; <<>> DiG 9.16.1-Ubuntu <<>> vi.wikipedia.org @203.113.188.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32811
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 37b024624b5417f401000000631ac801ff05c8d436530fa0 (good)
;; QUESTION SECTION:
;vi.wikipedia.org. IN A
;; ANSWER SECTION:
vi.wikipedia.org. 39727 IN CNAME dyna.wikimedia.org.
dyna.wikimedia.org. 309 IN A 103.102.166.224
;; Query time: 4 msec
;; SERVER: 203.113.188.1#53(203.113.188.1)
;; WHEN: Fri Sep 09 11:58:41 +07 2022
;; MSG SIZE rcvd: 121
4 replies
-
can you test it with adguard dns?
-
Previously, I had checked 3 carriers in Vietnam (Viettel, VNPT and FPT) with Google DNS by sending ECS. As a result, all carriers have Akamai's servers.
I think, nextdns needs to improve more domains with CNAMEs of some big CDNs to optimize/prioritize connections in server country!
Previous tests with the remaining 2 carriers. Since carriers block DNS queries that aren't on the same carrier, I use Google DNS and send subnets.
- VNPT
; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> www.apple.com @8.8.8.8 +subnet=113.160.0.0/24 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27574 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ; CLIENT-SUBNET: 113.160.0.0/24/20 ;; QUESTION SECTION: ;www.apple.com. IN A ;; ANSWER SECTION: www.apple.com. 1067 IN CNAME www.apple.com.edgekey.net. www.apple.com.edgekey.net. 9161 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net. www.apple.com.edgekey.net.globalredir.akadns.net. 3442 IN CNAME e6858.dsce9.akamaiedge.net. e6858.dsce9.akamaiedge.net. 19 IN A 23.53.209.60 ;; Query time: 37 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri Nov 27 14:03:21 +07 2020 ;; MSG SIZE rcvd: 204
{ "ipAddress": "23.53.209.60", "continentCode": "AS", "continentName": "Asia", "countryCode": "VN", "countryName": "Vietnam", "isEuMember": false, "currencyCode": "VND", "currencyName": "Dong", "phonePrefix": "84", "languages": [ "vi", "en", "fr", "zh", "km" ], "stateProvCode": "HN", "stateProv": "Hanoi", "district": "Hoan Kiem", "city": "Hanoi", "geonameId": 1581130, "latitude": 21.0278, "longitude": 105.834, "gmtOffset": 7, "timeZone": "Asia/Bangkok", "weatherCode": "VMXX0006", "asNumber": 45899, "asName": "VNPT-AS-VN", "isp": "VNPT Corp", "usageType": "hosting", "organization": "Akamai Technologies, Inc.", "isCrawler": false, "isProxy": false, "threatLevel": "low" }
- FPT
; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> www.apple.com @8.8.8.8 +subnet=1.52.0.0/24 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18095 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ; CLIENT-SUBNET: 1.52.0.0/24/20 ;; QUESTION SECTION: ;www.apple.com. IN A ;; ANSWER SECTION: www.apple.com. 320 IN CNAME www.apple.com.edgekey.net. www.apple.com.edgekey.net. 5533 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net. www.apple.com.edgekey.net.globalredir.akadns.net. 2825 IN CNAME e6858.dsce9.akamaiedge.net. e6858.dsce9.akamaiedge.net. 19 IN A 118.68.81.235 ;; Query time: 31 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri Nov 27 14:05:11 +07 2020 ;; MSG SIZE rcvd: 204
{ "ipAddress": "118.68.81.235", "continentCode": "AS", "continentName": "Asia", "countryCode": "VN", "countryName": "Vietnam", "isEuMember": false, "currencyCode": "VND", "currencyName": "Dong", "phonePrefix": "84", "languages": [ "vi", "en", "fr", "zh", "km" ], "stateProvCode": "HN", "stateProv": "Hanoi", "district": "Hoan Kiem", "city": "Hanoi", "geonameId": 1581130, "latitude": 21.0278, "longitude": 105.834, "gmtOffset": 7, "timeZone": "Asia/Bangkok", "weatherCode": "VMXX0006", "asNumber": 18403, "asName": "FPT-AS-AP", "isp": "Vietnam Internet Network Information Center", "usageType": "corporate", "organization": "FPT Telecom Company", "isCrawler": false, "isProxy": false, "threatLevel": "low" }
-
Recently, I checked again, dev NextDNS have been listening and are optimizing ECS with large CDN services. I randomly checked the new domain www.tiktok.com & cf.shopee.vn also using akamai's service. The result was amazing, NextDNS sent ECS with akamai's service CNAME.
Although NextDNS sent ECS, it seems that akamai's authority server did not send that carrier's server IP. I'm using ISP Viettel, but when I send ECS, the akamai server's return address is at ISP VNPT (the anexia-han server is renting VNPT's network infrastructure)
Anyway, this optimizes NextDNS's anonymous ECS feature. Thank you!
- Domain www.apple.com
; <<>> DiG 9.16.33-Debian <<>> www.apple.com CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48628 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;www.apple.com. CH A ;; ANSWER SECTION: www.apple.com. 5 IN CNAME www.apple.com.edgekey.net. www.apple.com.edgekey.net. 5 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net. www.apple.com.edgekey.net.globalredir.akadns.net. 5 IN CNAME e6858.dscx.akamaiedge.net. e6858.dscx.akamaiedge.net. 5 IN A 113.171.18.77 ;; ADDITIONAL SECTION: client.nextdns.io. 0 CH TXT "171.245.222.142" server.nextdns.io. 0 CH TXT "anexia-han-1" profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1" client-name.nextdns.io. 0 CH TXT "nextdns-cli" proto.nextdns.io. 0 CH TXT "DOH" smart-ecs.nextdns.io. 0 CH TXT "23.40.76.0/24" ;; Query time: 28 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Nov 22 22:25:22 +07 2022 ;; MSG SIZE rcvd: 402
- Domain e1.o.lencr.org
; <<>> DiG 9.16.33-Debian <<>> e1.o.lencr.org CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38124 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;e1.o.lencr.org. CH A ;; ANSWER SECTION: e1.o.lencr.org. 5 IN CNAME o.lencr.edgesuite.net. o.lencr.edgesuite.net. 5 IN CNAME a1887.dscq.akamai.net. a1887.dscq.akamai.net. 5 IN A 113.171.12.10 a1887.dscq.akamai.net. 5 IN A 113.171.12.96 ;; ADDITIONAL SECTION: client-name.nextdns.io. 0 CH TXT "nextdns-cli" proto.nextdns.io. 0 CH TXT "DOH" server.nextdns.io. 0 CH TXT "anexia-han-1" profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1" client.nextdns.io. 0 CH TXT "171.245.222.142" smart-ecs.nextdns.io. 0 CH TXT "23.40.76.0/24" ;; Query time: 128 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Nov 22 22:25:46 +07 2022 ;; MSG SIZE rcvd: 352
- Domain www.tiktok.com
; <<>> DiG 9.16.33-Debian <<>> www.tiktok.com CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25942 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;www.tiktok.com. CH A ;; ANSWER SECTION: www.tiktok.com. 5 IN CNAME www.tiktok.com.edgesuite.net. www.tiktok.com.edgesuite.net. 5 IN CNAME a2047.r.akamai.net. a2047.r.akamai.net. 5 IN A 113.171.12.131 a2047.r.akamai.net. 5 IN A 113.171.12.123 a2047.r.akamai.net. 5 IN A 113.171.12.9 a2047.r.akamai.net. 5 IN A 113.171.12.130 a2047.r.akamai.net. 5 IN A 113.171.12.8 a2047.r.akamai.net. 5 IN A 113.171.12.122 a2047.r.akamai.net. 5 IN A 113.171.12.128 a2047.r.akamai.net. 5 IN A 113.171.12.129 a2047.r.akamai.net. 5 IN A 113.171.12.121 ;; ADDITIONAL SECTION: proto.nextdns.io. 0 CH TXT "DOH" client.nextdns.io. 0 CH TXT "171.245.222.142" server.nextdns.io. 0 CH TXT "anexia-han-1" profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1" client-name.nextdns.io. 0 CH TXT "nextdns-cli" smart-ecs.nextdns.io. 0 CH TXT "23.40.76.0/24" ;; Query time: 160 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Nov 22 22:25:54 +07 2022 ;; MSG SIZE rcvd: 468
- Domain cf.shopee.vn
; <<>> DiG 9.16.33-Debian <<>> cf.shopee.vn CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 827 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;cf.shopee.vn. CH A ;; ANSWER SECTION: cf.shopee.vn. 5 IN CNAME cf.shopee.vn.akamaized.net. cf.shopee.vn.akamaized.net. 5 IN CNAME a1958.w16.akamai.net. a1958.w16.akamai.net. 5 IN A 23.45.127.193 a1958.w16.akamai.net. 5 IN A 23.45.127.177 ;; ADDITIONAL SECTION: proto.nextdns.io. 0 CH TXT "DOH" profile.nextdns.io. 0 CH TXT "fp9bcd6aeabd69c3f1" client-name.nextdns.io. 0 CH TXT "nextdns-cli" server.nextdns.io. 0 CH TXT "greencloud-han-1" client.nextdns.io. 0 CH TXT "171.245.222.142" smart-ecs.nextdns.io. 0 CH TXT "23.40.76.0/24" ;; Query time: 139 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Nov 22 22:58:46 +07 2022 ;; MSG SIZE rcvd: 358
Content aside
-
4
Likes
- 2 yrs agoLast active
- 4Replies
- 628Views
-
4
Following