Skip to content

Instantly share code, notes, and snippets.

@jamesarosen

jamesarosen/1.1.1.1.md

Created October 11, 2019 16:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jamesarosen/8801beec3614579b804389ea5f6e68b6 to your computer and use it in GitHub Desktop.
Save jamesarosen/8801beec3614579b804389ea5f6e68b6 to your computer and use it in GitHub Desktop.
Download ZIP
Does 1.1.1.1 resolve .org domains properly?
Raw
1.1.1.1.md

A friend asked me whether Cloudflare's 1.1.1.1 service was having trouble resolving .org domains. Here are some findings.

From SF:

dig zendesk.com
;; ANSWER SECTION:
zendesk.com.		3432	IN	A	54.172.126.223
zendesk.com.		3432	IN	A	34.206.241.1
zendesk.com.		3432	IN	A	34.225.199.37

dig @1.1.1.1 zendesk.com
;; ANSWER SECTION:
zendesk.com.		1068	IN	A	54.172.126.223
zendesk.com.		1068	IN	A	34.206.241.1
zendesk.com.		1068	IN	A	34.225.199.37

dig everlane.com
;; ANSWER SECTION:
everlane.com.		300	IN	A	99.84.224.63
everlane.com.		300	IN	A	99.84.224.84
everlane.com.		300	IN	A	99.84.224.85
everlane.com.		300	IN	A	99.84.224.123

dig @1.1.1.1 everlane.com
;; ANSWER SECTION:
everlane.com.		10	IN	A	13.35.78.12
everlane.com.		10	IN	A	13.35.78.51
everlane.com.		10	IN	A	13.35.78.95
everlane.com.		10	IN	A	13.35.78.121

dig code.org
;; ANSWER SECTION:
code.org.		60	IN	A	13.35.90.221

dig @1.1.1.1 code.org
;; ANSWER SECTION:
code.org.		3	IN	A	99.84.236.237

dig wikipedia.org
;; ANSWER SECTION:
wikipedia.org.		575	IN	A	198.35.26.96

dig @1.1.1.1 wikipedia.org
;; ANSWER SECTION:
wikipedia.org.		494	IN	A	198.35.26.96

So I get answers back (and quite quickly). There are differences between my resolver and 1.1.1.1 for both .com and .org domains.

But do the differences matter? These two return (more or less) the same result:

curl https://www.everlane.com/ --resolve www.everlane.com:443:99.84.224.63
curl https://www.everlane.com/ --resolve www.everlane.com:443:13.35.78.12

As do these:

curl https://code.org --resolve code.org:443:13.35.90.221
curl https://code.org --resolve code.org:443:99.84.236.237

Let's try NYC:

dig zendesk.com
;; ANSWER SECTION:
zendesk.com.		3600	IN	A	34.206.241.1
zendesk.com.		3600	IN	A	34.225.199.37
zendesk.com.		3600	IN	A	54.172.126.223

dig @1.1.1.1 zendesk.com
;; ANSWER SECTION:
zendesk.com.		1707	IN	A	34.225.199.37
zendesk.com.		1707	IN	A	54.172.126.223
zendesk.com.		1707	IN	A	34.206.241.1

dig everlane.com
;; ANSWER SECTION:
everlane.com.		57	IN	A	13.226.38.52
everlane.com.		57	IN	A	13.226.38.114
everlane.com.		57	IN	A	13.226.38.36
everlane.com.		57	IN	A	13.226.38.112

dig @1.1.1.1 everlane.com
;; ANSWER SECTION:
everlane.com.		188	IN	A	99.84.181.42
everlane.com.		188	IN	A	99.84.181.52
everlane.com.		188	IN	A	99.84.181.95
everlane.com.		188	IN	A	99.84.181.27

dig code.org
;; ANSWER SECTION:
code.org.		60	IN	A	13.225.195.215

dig @1.1.1.1 code.org
;; ANSWER SECTION:
code.org.		39	IN	A	143.204.146.221

dig wikipedia.org
;; ANSWER SECTION:
wikipedia.org.		600	IN	A	208.80.154.224

dig @1.1.1.1 wikipedia.org
;; ANSWER SECTION:
wikipedia.org.		84	IN	A	208.80.154.224

Again: some differences, some the same, but the differences seem to be due to the domains having multiple nameservers.

I don't see a problem here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment