Skip to content

Instantly share code, notes, and snippets.

@optman
Last active October 10, 2015 03:15
Show Gist options
  • Save optman/c37dce411c987ea10398 to your computer and use it in GitHub Desktop.
Save optman/c37dce411c987ea10398 to your computer and use it in GitHub Desktop.
resolve gist.github.com name
root@VPS1:~# dig gist.github.com @8.8.8.8
; <<>> DiG 9.8.1-P1 <<>> gist.github.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33582
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gist.github.com. IN A
;; ANSWER SECTION:
gist.github.com. 2 IN A 192.30.252.141
;; Query time: 45 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Oct 8 13:27:40 2015
;; MSG SIZE rcvd: 49
optman@ubuntu:~$ dig gist.github.com @8.8.8.8
; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> gist.github.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10595
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gist.github.com. IN A
;; ANSWER SECTION:
gist.github.com. 2716 IN A 216.234.179.13
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Oct 08 13:28:07 CST 2015
;; MSG SIZE rcvd: 64
optman@ubuntu:~$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 Hiwifi.lan (192.168.199.1) 0.425 ms 0.533 ms 0.603 ms
2 10.0.100.2 (10.0.100.2) 104.644 ms 105.868 ms 105.885 ms
3 118.193.80.93 (118.193.80.93) 107.096 ms 107.108 ms 108.805 ms <-- the vpn server is behide GFW!!!
4 139.159.48.5 (139.159.48.5) 108.731 ms 139.159.48.9 (139.159.48.9) 108.688
5 * * *
6 TenGE2-1.br01.tok02.pccwbtn.net (63.218.250.97) 108.754 ms * *
7 216.239.54.13 (216.239.54.13) 106.917 ms 216.239.50.241 (216.239.50.241) 1
8 64.233.174.175 (64.233.174.175) 109.735 ms * *
9 209.85.255.23 (209.85.255.23) 107.500 ms 209.85.255.147 (209.85.255.147) 1
@optman
Copy link
Author

optman commented Oct 8, 2015

i hava try many public dns server at http://public-dns.tk/ , the result is always 216.234.179.13 no matter through or not through xxx vpn. but if i run in at vps server, the result is correct as 192.30.252.141. so i can conclude that all dns request through GFW has been polluted, even the xxx vpn.

@optman
Copy link
Author

optman commented Oct 8, 2015

after some googling, 216.234.179.13 is confirmed to be a common used poisoned ip by GFW! https://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%BC%93%E5%AD%98%E6%B1%A1%E6%9F%93

@optman
Copy link
Author

optman commented Oct 9, 2015

after more dig, i have found the problem is not caused by GFW, but the home Router!!!

//VPN全局模式
optman@ubuntu:~$ dig gist.github.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> gist.github.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45408
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;gist.github.com. IN A

;; ANSWER SECTION:
gist.github.com. 3 IN A 192.30.252.141 <-- correct

;; Query time: 159 msec <------- slow
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Oct 09 10:47:04 CST 2015
;; MSG SIZE rcvd: 60

//VPN智能模式
optman@ubuntu:~$ dig gist.github.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> gist.github.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35822
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;gist.github.com. IN A

;; ANSWER SECTION:
gist.github.com. 2495 IN A 216.234.179.13 <--- wrong !!!

;; Query time: 47 msec <---- fast
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Oct 09 10:40:38 CST 2015
;; MSG SIZE rcvd: 64

In smart mode, the home router will bypass all dns resolve request, and response its own result. regardless which resolver server to request! i have try some public dns server, all wrong.

极路由的VPN设置里的智能模式会污染域名解析!!!请使用全局模式!!!

在智能模式下,估计是拦截了所有的DNS请求,并依赖默认DNS做请求(然后在中途进行污染?)!

极路由的默认DNS指向内网的ChinaDNS服务,既可防止污染,还可以继续使用智能模式!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment