NextDNS Returning Invalid DNS Results?

Ron_Heft
1 yr ago
2replies

I'm having an issue accessing Airtable today, and it appears NextDNS is returning an IP address that is not owned by Airtable.

If I make a DNS request for airtable.com, I get the following results:

nslookup airtable.com 45.90.28.180
Server:        45.90.28.180
Address:    45.90.28.180#53
Non-authoritative answer:
Name:    airtable.com
Address: 34.199.122.104
Name:    airtable.com
Address: 34.230.107.180
Name:    airtable.com
Address: 3.211.236.168
Name:    airtable.com
Address: 50.16.153.225

The 3.211.236.168 IP address is the problem. If I curl that IP, I get the following result:

curl -v "https://3.211.236.168"
*   Trying 3.211.236.168:443...
* Connected to 3.211.236.168 (3.211.236.168) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=quickdrivingdirections.com
*  start date: Mar 18 00:00:00 2022 GMT
*  expire date: Apr 16 23:59:59 2023 GMT
*  subjectAltName does not match 3.211.236.168
* SSL: no alternative certificate subject name matches target host name '3.211.236.168'
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (60) SSL: no alternative certificate subject name matches target host name '3.211.236.168'
More details here: https://curl.se/docs/sslcerts.html

You'll see the CN is for quickdrivingdirections.com and not Airtable.

I know this can entirely be on Airtable's end, but I am seeing zero reports online of anyone having an issue with Airtable. If I query Airtable's hostname on other DNS services, I do not receive the IP not owned by Airtable. For example, on Google:

nslookup airtable.com 8.8.8.8
Server:        8.8.8.8
Address:    8.8.8.8#53
Non-authoritative answer:
Name:    airtable.com
Address: 50.16.153.225
Name:    airtable.com
Address: 34.199.122.104
Name:    airtable.com
Address: 34.230.107.180
Name:    airtable.com
Address: 34.206.165.74

I am also seeing this issues when querying other configuration profiles on my account using the IPv6 address. What's going on here?

- NextDNs
- 1 yr ago
- Reported - view
Can't reproduce:

dig airtable.com @45.90.28.0 +short
34.230.107.180
34.206.165.74
50.16.153.225
34.199.122.104

What do you get for https://test.nextdns.io ?
- Ron_Heft
  
  1 yr ago
  
  Reported - view
  NextDNS Thanks for looking into it!
  
  I have been able to resolve this issue. I discovered I was getting the bad IP with EDNS disabled on my account. Once I enabled EDNS, all the IPs from AirTable were correct as expected.
  
  If I perform a lookup today with EDNS disabled, the IPs are also correct, so I'm guessing this was on AirTable's side; they must have had a bad IP that was being served when no location data was provided.
  
  If you would like to do any more troubleshooting, I'm happy to assist, but since I can't reproduce now, I'm considering this resolved. Here is my test result if it helps at all. Thanks for the assistance!
  
  { "status": "ok", "protocol": "DOH", "profile": "fp3e3e42d1efd074eb", "client": "2601:152:4d00:65a1:d118:f872:6bec:e335", "srcIP": "2601:152:4d00:65a1:d118:f872:6bec:e335", "anycast": true, "server": "vultr-ewr-1", "clientName": "tailscale", "deviceName": "rkh-laptop", "deviceID": "necqKn3CNTRL", "deviceIP": "100.83.0.45", "deviceModel": "macOS" }

Content aside

1 yr agoLast active
2Replies
86Views
2 Following

NextDNS Returning Invalid DNS Results?

2 replies

Content aside

Home

Tags