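First there was the Shenzhen Telecom DNS poisoning (/t/962196); now Guangzhou Telecom has the same problem.
Whether it is Guangzhou's east zone or west zone, the resolution results returned are all poisoned.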
nslookup cloudflare.com 202.96.128.166
Server: cache-b.guangzhou.gd.cn
Address: 202.96.128.166
Name: cloudflare.com
Addresses: ::1
127.0.0.1
nslookup cloudflare.com 202.96.134.133
Server: ns.szptt.net.cn
Address: 202.96.134.133
Name: cloudflare.com
Addresses: ::1
127.0.0.1
nslookup api.cloudflare.com 202.96.128.166
Server: cache-b.guangzhou.gd.cn
Address: 202.96.128.166
Name: api.cloudflare.com
Addresses: ::1
127.0.0.1
nslookup api.cloudflare.com 202.96.134.133
Server: ns.szptt.net.cn
Address: 202.96.134.133
Name: api.cloudflare.com
Addresses: ::1
127.0.0.1
Using Guangdong Telecom's IPv6 DNS:
nslookup cloudflare.com 240e:1f:1::1
Server: UnKnown
Address: 240e:1f:1::1
Name: cloudflare.com
Addresses: ::1
127.0.0.1
nslookup api.cloudflare.com 240e:1f:1::1
Server: UnKnown
Address: 240e:1f:1::1
Name: api.cloudflare.com
Addresses: ::1
127.0.0.1
All of them are poisoned.
But with a Telecom DNS from another province everything is normal, for example Guizhou Telecom's:
nslookup cloudflare.com 202.98.192.67
Server: gz.ctcdma.com
Address: 202.98.192.67
Non-authoritative answer:
Name: cloudflare.com
Addresses: 2606:4700::6810:85e5
2606:4700::6810:84e5
104.16.132.229
104.16.133.229
nslookup api.cloudflare.com 202.98.192.67
Server: gz.ctcdma.com
Address: 202.98.192.67
Non-authoritative answer:
Name: api.cloudflare.com
Addresses: 2606:4700:300a::6813:c0af
2606:4700:300a::6813:c01d
2606:4700:300a::6813:c0b0
2606:4700:300a::6813:c11d
2606:4700:300a::6813:c0ae
2606:4700:300a::6813:c0b1
104.19.192.176
104.19.192.175
104.19.192.174
104.19.192.29
104.19.193.29
104.19.192.177
Switching to Jiangxi Telecom's DNS, normal:
nslookup cloudflare.com 202.101.224.68
Server: ns.jxncptt.net.cn
Address: 202.101.224.68
Non-authoritative answer:
Name: cloudflare.com
Addresses: 2606:4700::6810:85e5
2606:4700::6810:84e5
104.16.133.229
104.16.132.229
nslookup api.cloudflare.com 202.101.224.68
Server: ns.jxncptt.net.cn
Address: 202.101.224.68
Non-authoritative answer:
Name: api.cloudflare.com
Addresses: 2606:4700:300a::6813:c0af
2606:4700:300a::6813:c0b0
2606:4700:300a::6813:c11d
2606:4700:300a::6813:c0ae
2606:4700:300a::6813:c0b1
2606:4700:300a::6813:c01d
104.19.192.175
104.19.192.177
104.19.192.29
104.19.192.176
104.19.193.29
104.19.192.174
Switching to Anhui Telecom's DNS, normal:
nslookup cloudflare.com 202.102.199.68
Server: cache2.ahwhtel.net.cn
Address: 202.102.199.68
Non-authoritative answer:
Name: cloudflare.com
Addresses: 2606:4700::6810:85e5
2606:4700::6810:84e5
104.16.132.229
104.16.133.229
nslookup api.cloudflare.com 202.102.199.68
Server: cache2.ahwhtel.net.cn
Address: 202.102.199.68
Non-authoritative answer:
Name: api.cloudflare.com
Addresses: 2606:4700:300a::6813:c01d
2606:4700:300a::6813:c0b0
2606:4700:300a::6813:c0af
2606:4700:300a::6813:c0ae
2606:4700:300a::6813:c11d
2606:4700:300a::6813:c0b1
104.19.192.175
104.19.193.29
104.19.192.177
104.19.192.29
104.19.192.174
104.19.192.176
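
The comparison this post does by hand can be scripted. The following is an added example, not part of the original post: it parses nslookup transcripts (English or Chinese locale labels) and marks an answer set as poisoned when every address is loopback or unspecified, and as empty when no address came back; the function names are illustrative.

```python
import ipaddress
import re
# Sample input: nslookup transcripts in the shape quoted in this thread.
SAMPLE = """\
nslookup cloudflare.com 202.96.128.166
Server: cache-b.guangzhou.gd.cn
Address: 202.96.128.166
Name: cloudflare.com
Addresses: ::1
127.0.0.1
nslookup cloudflare.com 202.98.192.67
Server: gz.ctcdma.com
Address: 202.98.192.67
Non-authoritative answer:
Name: cloudflare.com
Addresses: 2606:4700::6810:85e5
104.16.132.229
"""

CMD = re.compile(r"nslookup\s+(\S+)\s+(\S+)$")  # qname, then resolver
NAME = re.compile(r"^(?:Name|名称):")             # English and Chinese locale

def parse_nslookup(text):
    """Return {(resolver, qname): [ip, ...]} for every run in the transcript."""
    results, key, in_answer = {}, None, False
    for line in map(str.strip, text.splitlines()):
        m = CMD.search(line)
        if m:
            key, in_answer = (m.group(2), m.group(1)), False
            results[key] = []
        elif key and NAME.match(line):
            in_answer = True  # addresses above Name: belong to the resolver itself
        elif key and in_answer and line:
            try:  # "Addresses: ::1" and bare continuation lines both end in the IP
                results[key].append(ipaddress.ip_address(line.split()[-1]))
            except ValueError:
                pass  # prompts, aliases and other non-address lines
    return results

def verdict(addrs):
    if not addrs:
        return "empty"
    bogus = all(a.is_loopback or a.is_unspecified for a in addrs)
    return "poisoned" if bogus else "ok"

def audit(text):
    return {key: verdict(a) for key, a in parse_nslookup(text).items()}

if __name__ == "__main__":
    print(audit(SAMPLE))
```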
1
yyzh 2023-08-07 00:24:11 +08:00 via Android
At least it hasn't been put on the anti-fraud wall. Otherwise it would be inaccessible even after changing DNS.
|
2
wwbfred 2023-08-07 00:39:38 +08:00
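The carriers' own DNS servers all come with all sorts of strange poisoning and the anti-fraud wall; it's like this all over the country now. If you don't want to use them, just switch to a public DNS.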
|
3
pcslide 2023-08-07 01:26:07 +08:00
nslookup is no longer recommended these days. Take a look at the dig results.
|
4
cnbatch OP @pcslide No difference at all
; <<>> DiG 9.18.16 <<>> cloudflare.com @202.96.134.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8546
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cloudflare.com. IN A
;; ANSWER SECTION:
cloudflare.com. 300 IN A 127.0.0.1
;; Query time: 5 msec
;; SERVER: 202.96.134.133#53(202.96.134.133) (UDP)
;; WHEN: Mon Aug 07 02:00:36 HKT 2023
;; MSG SIZE rcvd: 48
————————————————————————————————————
; <<>> DiG 9.18.16 <<>> cloudflare.com AAAA @202.96.134.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19392
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cloudflare.com. IN AAAA
;; ANSWER SECTION:
cloudflare.com. 300 IN AAAA ::1
;; Query time: 5 msec
;; SERVER: 202.96.134.133#53(202.96.134.133) (UDP)
;; WHEN: Mon Aug 07 02:00:41 HKT 2023
;; MSG SIZE rcvd: 60
————————————————————————————————————
; <<>> DiG 9.18.16 <<>> api.cloudflare.com A @202.96.134.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50590
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;api.cloudflare.com. IN A
;; ANSWER SECTION:
api.cloudflare.com. 300 IN A 127.0.0.1
;; Query time: 3 msec
;; SERVER: 202.96.134.133#53(202.96.134.133) (UDP)
;; WHEN: Mon Aug 07 02:01:50 HKT 2023
;; MSG SIZE rcvd: 52
————————————————————————————————————
; <<>> DiG 9.18.16 <<>> api.cloudflare.com AAAA @202.96.134.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10470
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;api.cloudflare.com. IN AAAA
;; ANSWER SECTION:
api.cloudflare.com. 300 IN AAAA ::1
;; Query time: 5 msec
;; SERVER: 202.96.134.133#53(202.96.134.133) (UDP)
;; WHEN: Mon Aug 07 02:01:37 HKT 2023
;; MSG SIZE rcvd: 64
————————————————————————————————————
; <<>> DiG 9.18.16 <<>> api.cloudflare.com A @240e:1f:1::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19489
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;api.cloudflare.com. IN A
;; ANSWER SECTION:
api.cloudflare.com. 300 IN A 127.0.0.1
;; Query time: 4 msec
;; SERVER: 240e:1f:1::1#53(240e:1f:1::1) (UDP)
;; WHEN: Mon Aug 07 02:02:41 HKT 2023
;; MSG SIZE rcvd: 52
————————————————————————————————————
; <<>> DiG 9.18.16 <<>> api.cloudflare.com AAAA @240e:1f:1::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28900
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;api.cloudflare.com. IN AAAA
;; ANSWER SECTION:
api.cloudflare.com. 300 IN AAAA ::1
;; Query time: 4 msec
;; SERVER: 240e:1f:1::1#53(240e:1f:1::1) (UDP)
;; WHEN: Mon Aug 07 02:02:57 HKT 2023
;; MSG SIZE rcvd: 64
|
6
szzys 2023-08-07 02:20:22 +08:00 via Android
It's not just Telecom anymore; Shenzhen Mobile has started doing this too.
|
7
jackOff 2023-08-07 02:37:09 +08:00 via Android
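Damn, thinking back, in 2017 you could get over the wall just by installing a circumvention app on your phone; now it feels like the difficulty has gone up quite a bit.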
|
8
Laeoo 2023-08-07 04:01:05 +08:00
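Today the Cloudflare DDNS on my home NAS couldn't register; it only succeeded after I switched to a public DNS.
Also, I just noticed that visiting cloudflare over a direct connection redirects to cloudflare-cn.com
|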
9
xpn282 2023-08-07 07:17:15 +08:00
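With the network environment the way it is now, just thinking about it is infuriating! Split your traffic without hesitation: domestic domains and IPs go direct, everything else goes through a proxy.
DNS needs to be split the same way: resolve domestic domains with domestic DNS, and everything else with foreign DNS (and it has to be resolved through the proxy).
|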
11
lzl2000 2023-08-07 07:36:17 +08:00 via iPhone
Same with Telecom in 0668. Since yesterday, Cloudflare DDNS using the default DNS has kept throwing errors; switching to a public DNS made it work again.
|
12
winterx 2023-08-07 08:22:44 +08:00
Location 0756: 202.86.128.86 still returns correct results, while 128.166 is indeed poisoned.
```
; <<>> DiG 9.16.26 <<>> cloudflare.com @202.96.128.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12145
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;cloudflare.com. IN A
;; ANSWER SECTION:
cloudflare.com. 204 IN A 104.16.133.229
cloudflare.com. 204 IN A 104.16.132.229
;; Query time: 2 msec
;; SERVER: 202.96.128.86#53(202.96.128.86)
;; WHEN: Mon Aug 07 08:21:32
;; MSG SIZE rcvd: 75
```
```
; <<>> DiG 9.16.26 <<>> cloudflare.com @202.96.128.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32398
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cloudflare.com. IN A
;; ANSWER SECTION:
cloudflare.com. 300 IN A 127.0.0.1
;; Query time: 5 msec
;; SERVER: 202.96.128.166#53(202.96.128.166)
;; WHEN: Mon Aug 07 08:21:07
;; MSG SIZE rcvd: 48
```
|
13
TESTFLIGHT2021 2023-08-07 08:37:07 +08:00
A whitelist is coming soon.
|
14
noahzh 2023-08-07 09:15:14 +08:00
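Sigh, the main thing is that there's no way at all to deal with telecom fraud, so the carriers are being forced into whitelisting.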
|
15
cnbatch OP @winterx I just tried 202.86.128.86; on Guangzhou Telecom I get a poisoned result. I suspect this DNS either returns results by region, or each city has its own cache server.
nslookup cloudflare.com 202.96.128.86
Server: cache-a.guangzhou.gd.cn
Address: 202.96.128.86
Name: cloudflare.com
Addresses: ::1
127.0.0.1
nslookup api.cloudflare.com 202.96.128.86
Server: cache-a.guangzhou.gd.cn
Address: 202.96.128.86
Name: api.cloudflare.com
Addresses: ::1
127.0.0.1
; <<>> DiG 9.18.16 <<>> cloudflare.com @202.96.128.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23963
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cloudflare.com. IN A
;; ANSWER SECTION:
cloudflare.com. 300 IN A 127.0.0.1
;; Query time: 67 msec
;; SERVER: 202.96.128.86#53(202.96.128.86) (UDP)
;; WHEN: Mon Aug 07 13:33:13 HKT 2023
;; MSG SIZE rcvd: 48
|
16
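cnbatch OP @lzl2000 It looks like the only option is to use a public DNS instead for now. I've manually set a public DNS address on my router, replacing the carrier's DNS, and things are back to normal for the time being.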
|
17
asdgsdg98 2023-08-07 13:41:24 +08:00
202.101.172.47
202.101.172.35 normal
|
18
54xavier 2023-08-07 13:51:36 +08:00
C:\>nslookup github.githubassets.com 202.96.128.86
服务器: cache-a.guangzhou.gd.cn
Address: 202.96.128.86
名称: github.githubassets.com
Addresses: ::1
127.0.0.1
C:\>nslookup github.githubassets.com 202.96.134.133
服务器: ns.szptt.net.cn
Address: 202.96.134.133
名称: github.githubassets.com
Addresses: ::1
127.0.0.1
C:\>nslookup github.githubassets.com 202.96.128.166
服务器: cache-b.guangzhou.gd.cn
Address: 202.96.128.166
名称: github.githubassets.com
Addresses: ::1
127.0.0.1
C:\>nslookup github.githubassets.com 202.96.134.33
服务器: cache-b.shenzhen.gd.cn
Address: 202.96.134.33
名称: github.githubassets.com
Addresses: ::1
127.0.0.1
Foshan Telecom: resolution of GitHub's static assets is the same.
|
20
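cnbatch OP @szzys I just found that Guangzhou Mobile is the same: cloudflare and the GitHub static assets mentioned in an earlier reply all resolve to 127.0.0.1 and ::1.
I also tried Guangzhou Unicom while I was at it; fortunately it's still normal.
|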
21
strp 2023-08-07 15:15:06 +08:00
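It's 3202, really stop using the carrier's DNS. There are so many clean DNS servers online, and if you're still uneasy you can use Tsinghua's. But enough with the lecturing, I tried it too: my Telecom line in Tianhe District isn't poisoned to 127.0.0.1, but it returns an empty answer.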
|
22
JensenQian 2023-08-07 15:21:16 +08:00
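Over here, Mobile used to forward CF's official site to HK through an internal tunnel.
Using that IP to get over the wall was blazing fast. But that's all gone now; it goes straight to the US West Coast.
|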
23
strp 2023-08-07 15:32:35 +08:00
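@JensenQian These days you can freeload on CF relayed over someone else's domestic dedicated line, and you can even run VLESS on Workers to get a truly zero-cost, low-latency gigabit ladder. Enjoy it while it lasts..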
|
24
JensenQian 2023-08-07 15:51:49 +08:00
@strp #23 I know, but I can't be bothered. I'm on Mobile broadband with a CMI VPS, and the direct connection is fast too.
|
26
a95788 2023-08-07 16:01:27 +08:00
Guangzhou Telecom +1
Even nslookup www.cloudflare.com 8.8.8.8 returns 127.0.0.1 all the same.
|
27
drvDPqg5nO7kZWhv 2023-08-07 16:27:39 +08:00
Use DoH, and the DoH server has to be accessed by IP, otherwise it triggers SNI again....
|
28
yijiangchengming 2023-08-07 22:17:46 +08:00
@a95788 The DNS hijacking is that bad. You could try running your own DNS on the internal network, mosdns.
|
30
2000wcw 2023-08-08 00:20:57 +08:00
I always use 8.8.4.4; if I had to use a domestic DNS I'd only choose Ali DNS.
|
31
Unclev21x 2023-08-08 09:19:06 +08:00
nslookup cloudflare.com 202.96.134.133
DNS request timed out.
timeout was 2 seconds.
服务器: UnKnown
Address: 202.96.134.133
名称: cloudflare.com
Addresses: 2606:4700::6810:85e5
2606:4700::6810:84e5
104.16.133.229
104.16.132.229
|
32
Unclev21x 2023-08-08 09:19:45 +08:00
nslookup cloudflare.com 202.96.128.86
服务器: cache-a.guangzhou.gd.cn
Address: 202.96.128.86
名称: cloudflare.com
Addresses: 2606:4700::6810:85e5
2606:4700::6810:84e5
104.16.133.229
104.16.132.229
C:\Users\Jasper>
|
33
MoonWalker 2023-08-08 10:43:38 +08:00
> github.githubassets.com
服务器: cache-b.shenzhen.gd.cn
Address: 202.96.134.33
名称: github.githubassets.com
Addresses: ::1
127.0.0.1
> cloudflare.com
服务器: cache-b.shenzhen.gd.cn
Address: 202.96.134.33
名称: cloudflare.com
Addresses: ::1
127.0.0.1
|
34
a95788 2023-08-08 10:58:28 +08:00
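@yijiangchengming I'm using iKuai; I forced www.cloudflare.com to resolve to a specific IP address right on the router, so no matter which DNS is configured it resolves to that IP.
Of course I've also set up DoH; mosdns is a bit complicated, I'm not a technical person.
|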
35
cnbatch OP |
37
username1919810 2023-08-08 14:59:38 +08:00
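My personal blog, which is accelerated by CF, gets its connection reset outright in Henan on both Mobile and Unicom and can't be reached.
I wonder whether this is the cause? But I can still ping CF's IPs.
|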
38
cnbatch OP @username1919810 It may not be just this; there also seems to be SNI blocking: /t/962714
|
39
mortal 2023-08-08 16:51:07 +08:00
Guangzhou Telecom +1
I've set up my own AdguardHome; I really can't take this anymore.
|
40
esxlin 2023-08-08 17:21:06 +08:00
The effect of WARP?
|
41
Drumming 2023-08-08 17:43:49 +08:00
Changing the DNS on the router to Tencent's 119.29.29.29 fixed it; even Ali's doesn't work.
|
42
a413128 2023-08-09 01:56:56 +08:00 via iPhone
Guangdong Unicom 5G just returns 0.0.0.0
|
44
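cnbatch OP @a413128 Unicom 5G is quite “magical”: the main cloudflare domain returns all zeros, yet the api subdomain resolves normally. It probably won't be long before the api subdomain gets poisoned too.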
|
46
xwybss 2023-08-10 11:27:41 +08:00
|
47
mortal 2023-08-10 12:01:46 +08:00
@tmzg0000 #45 I didn't set it up that way; I just added *.cloudflare.com in ADG to use a clean upstream DNS.
|
48
tmzg0000 2023-08-10 15:16:40 +08:00
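@mortal First time using this software. Is it set under Upstream DNS servers in the DNS settings?
My settings are as follows:
202.96.128.166
202.96.134.133
202.86.128.86
8.8.8.8
114.114.114.114
[/cloudflare.com/]8.8.8.8
I found it had no effect. Could you share your exact settings?
|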
49
mortal 2023-08-10 18:30:41 +08:00
|
50
tmzg0000 2023-08-10 19:27:20 +08:00
@mortal nslookup cloudflare.com 8.8.8.8
服务器: dns.google
Address: 8.8.8.8
名称: cloudflare.com
Addresses: ::1
127.0.0.1
So 8.8.8.8 doesn't work either. Looks like there's no clean DNS left.
|
52
veSir 2023-08-10 23:59:11 +08:00
|
53
szzys 2023-08-13 03:55:56 +08:00 via Android
I think the next step may be to take out all of CF's addresses.
|
54
pipishrimp 2023-08-13 19:28:10 +08:00
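On Guangzhou Telecom broadband, no matter what the DNS is set to, Cloudflare gets pointed to 127.0.0.1. China Mobile cellular data also gives 127.0.0.1, but on Mobile, switching to a public DNS avoids the poisoning. I'm worried that in the future cellular data will also get spoofed answers injected. A whitelist isn't really coming, is it? It's terrifying when you think about it.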
|
55
JoeoooLAI 2023-08-13 22:35:58 +08:00
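This problem appeared about a year ago. My Synology synology.me DDNS kept resolving to 127.0.0.1. At first I found it didn't work in Guangzhou; I asked friends to test for me, and Shanghai and Shenzhen were normal. From the end of the year Shanghai and Shenzhen went to 127 as well. I don't know about other regions, or whether all of Telecom is like this. In the end I bought a domain and put it on dnspods.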
|
56
iamwho 2023-08-15 08:26:33 +08:00
|
57
a578800641 2023-08-18 16:57:47 +08:00
August 18, 2023
|
58
a578800641 2023-08-18 16:57:56 +08:00
August 18, 2023
C:\Users\Administrator>nslookup cloudflare.com 202.96.128.166
服务器: cache-b.guangzhou.gd.cn
Address: 202.96.128.166
非权威应答:
名称: cloudflare.com
Addresses: 2606:4700::6810:85e5
104.16.132.229
104.16.133.229
|
59
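warriorl 341 days ago
@JoeoooLAI #55 Last week, on a whim, I enabled the IPv6 DNS. Yesterday at home, the Synology DDNS domain user.myds.me that I opened in the browser straight from my bookmarks couldn't be reached. Since I'd heard earlier that Synology was shutting down the quick connect service, I assumed the myds.me domain had been discontinued too, and after a round of fiddling I switched the DDNS domain to one registered on dnspod.
Then I ran nslookup on the domain again and found that Guangdong Telecom's IPv6 DNS 240e:1f:1::1 had resolved it to 127.0.0.1... Switching to Ali's IPv6 DNS made it normal. Absolutely outrageous.
|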