How to disable the very little-known AT&T setting that can appear to hijack your home DNS lookups and redirect to 184.108.40.206
DNS queries on home network suddenly resolving hosts to 220.127.116.11.
You will see SPORADIC mis-resolutions of EVERYTHING to that 18.104.22.168 address if their crappy router happens to hear your PC's DHCP request - EVEN IF ANOTHER DHCP SERVER ON THE NETWORK assigns the ultimate address.
Do an IPCONFIG /ALL on the PC in question, and look carefully only at the DNS SERVER line....and note it is wrongfully THE ATT ROUTER (192.168.1.254 in my case)!. In almost every case, simply preforming a IPCONFIG /RENEW right there and again performing the /ALL, will then correctly show that YOUR DHCP SERVER'S ASSIGNED DNS SERVER is now listed.
Now, what REALLY took friggin digging including phone calls to finally find an engineer to let the cat out of the bag is why the "22.214.171.124" address? Where is that coming from?
So my bet is you also don't know that by default AT&T has taken upon itself to forcibly inject it's own DNS server (as the router) with the latest round of firmware and unless you TAKE ACTION TO OPT-OUT, will intercept your DNS queries via new changes in router firmware pushing out the router as DNS server.
AT&T's VERY HIDDEN "helper" redirection for DNS that YOU MUST OPT-OUT of is named "DNS Error Assist" which causes this unwanted behavior.
Here is how to disable AT&T's "DNS Error Assist" service on your account.
NOTE, this does NOT fix the recent router firmware issues that also re-enabled IPv6 without notifications that is also allowing THEIR ROUTER to continue to hand-out DNS even when you set a single IP pool range for DHCP with a non-existent reservation (which should in effect kill all DHCP on their router from handing out ANYTHING). This appears to be a firmware issue with no known current workarounds other than to take precautionary measures to ensure your DHCP replies first.
- Navigate to att.com and in the upper-right LOGIN
- Click YOUR NAME, then VIEW PROFILE
- Click "Communication preferences".
- Click "Privacy Settings".
- Click "DNS Error Assist " and FRIGGIN CLICK OPT-OUT!! This is what is redirecting (via the router) your DNS queries ACTIVELY TO THEIR SERVER (126.96.36.199 is an AT&T address via Rackspace).
(OPTIONAL): While there, you may also choose to click "External Marketing & Analytics Reports", "Relevant Advertising", and "Enhanced Relevant Advertising" and also OPT-OUT of all of those that they also DO NOT TELL YOU THAT YOU HAVE ENABLED ON YOUR ACCOUNT.
Note this is actually a per-use back-end server setting and as you will see the DNS setting says it can take up to 24hrs whereas the more "typical" privacy crap of the advertising etc. will tell you up to a week to be effective, further supporting that the "DNS error assist" is an infrastructure-based setting being pushed to your router that they not only know they have recently put into place, but have the ability to disable.
If you use a Pi-hole like I do, you can disable the DHCP server on the ARRIS border gateway modem (if that's the model you have), then configure the Pi-hole to answer DHCP queries.
This works on the ARRIS BGW210-700 modem.
Note that you will also have to disable IPv6 completely as the way IPv6 works causes DHCP and DNS to not work properly in my experience, at least without a more advanced setup than I have time to create.