0

outlook.office.com - returns IPv6 only

Been using NextDNS without too much trouble for a few months. Configured as DNS on my ASUS router with DNS-Over-TLS configured in strict mode. No issues.

Now I have run into a weird one: 

Trying to get to my company's M365 portal works (portal.office.com), but trying to get to the outlook page (outlook.office.com) fails. The only difference I can see, is that the first returns a set of IPv4 addresses as well as IPv6, while the latter only returns a list of IPv6 addresses.

It's been working until last week or so. 

No local DNS config on clients other than default (= obtain from router).

My browsers only return a "cannot be reached" message when trying to get to https://outlook.office.com

When querying from my Windows 11 and Linux machine, I get no IPv4 addresses returned.  Specifying the DNS servers to query (NextDNS, Google and so forth) it resolves correctly.

Example:

Not working;

host outlook.office.com
outlook.office.com has IPv6 address 2603:1026:c0d:81a::2
outlook.office.com has IPv6 address 2603:1026:c0d:82e::2
outlook.office.com has IPv6 address 2603:1026:c0d:82a::2
outlook.office.com has IPv6 address 2603:1026:c0d:82d::2

Working;

host outlook.office.com 45.90.28.228 ( << Same DNS as configured in my ASUS router)
Using domain server:
Name: 45.90.28.228
Address: 45.90.28.228#53
Aliases: 

outlook.office.com has address 40.99.150.98
outlook.office.com has address 52.98.171.226
outlook.office.com has address 52.98.152.194
outlook.office.com has address 40.99.150.18

outlook.office.com has IPv6 address 2603:1026:c0d:807::2
outlook.office.com has IPv6 address 2603:1026:c0d:803::2
outlook.office.com has IPv6 address 2603:1026:c0d:c02::2
outlook.office.com has IPv6 address 2603:1026:c0d:82e::2
 

Tunneling into the router and querying directly from there works as well. 

Anyone seen something similar? It works when adding a VPN with a different DNS config, and it works when using mobile data and bypassing my own setup. Could be some ASUS weirdness as well of course, and I am digging into that as I write this. Just wanted to ask before I started to change this back to default settings and so on. 

Thanks in advance.

5 replies

null
    • Kenneth_Fossum
    • 1 yr ago
    • Reported - view

    Can confirm that using Google's DNS servers works and outlook.office.com resolves correctly. Points to some weirdness on the NextDNS side of things imho.

    • NextDNs
    • 1 yr ago
    • Reported - view

    Outlook as a configuration issue, some of their authoritative name servers for this domain are not returning the same response as the others. So depending on which NS our servers asked to, the response is different:

    dig +norecurse outlook.office.com @a.gtld-servers.net|awk '/\tNS\t/ {print $5}'|while read ns; do echo "NS $ns:"; dig +norecurse +short outlook.office.com @$ns; echo; done
    
    NS nse12.o365filtering.com.:
    substrate.office.com.
    outlook.office365.com.
    outlook.ha.office365.com.
    
    NS nse13.o365filtering.com.:
    substrate.office.com.
    outlook.office365.com.
    outlook.ha.office365.com.
    
    NS nse21.o365filtering.com.:
    substrate.office.com.
    outlook.office365.com.
    outlook.ha.office365.com.
    
    NS nse24.o365filtering.com.:
    substrate.office.com.
    outlook.office365.com.
    outlook.ha.office365.com.
    
    NS ns1-32.azure-dns.com.:
    substrate.office.com.
    outlook.office365.com.
    
    NS ns2-32.azure-dns.net.:
    substrate.office.com.
    outlook.office365.com.
    
    NS ns3-32.azure-dns.org.:
    substrate.office.com.
    outlook.office365.com.
    
    NS ns4-32.azure-dns.info.:
    substrate.office.com.
    outlook.office365.com.
    
    

    On other services, you will randomly get the wrong answer too depending on which cache you are hitting. Microsoft need to fix their configuration.

      • Kenneth_Fossum
      • 1 yr ago
      • Reported - view

      NextDNS  Thanks for the feedback. Much appreciated. Will play around with this some more. Just happy I found a workaround for now. Thank you.

    • Entreposto
    • 12 days ago
    • Reported - view

    I'm sorry to resurrect this thread, but we are facing a similar problem with some websites. It usually happens with google.com, the query returns only a IPv6. Restarting the nextdns client on the Unifi Gateways resolves the issue.
    I find odd is that restarting the client solves it

    • Entreposto
    • 9 days ago
    • Reported - view

    Just happened again:
     

    root@UDM:~# nslookup
    > google.com
    Server:        127.0.0.1
    Address:    127.0.0.1#53

    Non-authoritative answer:
    Name: google.com
    Address: 2800:3f0:4001:839::200e
    > exit

    root@UDM:~# nextdns restart
    root@UDM:~# nslookup
    > google.com
    Server:        127.0.0.1
    Address:    127.0.0.1#53

    Non-authoritative answer:
    Name: google.com
    Address: 172.217.29.238
    Name: google.com
    Address: 2800:3f0:4001:839::200e

Content aside

  • 9 days agoLast active
  • 5Replies
  • 273Views
  • 3 Following