This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Curious DNS name resolution problem

Hi,

I'm experiencing a really odd situation with my Sophos XG Home.

When I try to resolve google.com it resolves to 123.123.12.123

Which is owned by China Unicom Beijing province network.

When it's resolving to this, I'm unable to access Google services.

 

I've my Sophos XG DNS forwarders to (I'm not using my ISP DNS):

1.1.1.1

8.8.8.8

8.8.4.4

 

I have a samba server running inside my network, when I resolve against this, I resolve to a "normal" Google address and I can access Google services again.

My samba server is using just a single DNS forwarder:

1.1.1.1

 

I'm also seeing a couple of service providers referencing this IP address in their documentation:

https://fastdot.com.au/mydns-manager/

https://kinsta.com/knowledgebase/how-to-use-sftp/

Even a Google Patents page:

https://patents.google.com/patent/WO2004006112A1/en

 

So, I'm really confused as to why this is happening. It's like there's a static entry somewhere in the Sophos XG that redirects name resolution to 123.123.12.123, or the upstream name servers are "doing something" to return 123.123.12.123 instead.

 

Has anyone seen anything like this? Or am I just being unlucky and/or paranoid?

 

Cheers,

Paul



This thread was automatically locked due to age.
Parents
  • Hi Paul,

    Hmmmm, I read recently about the Chinese military "accidentally" doing some BGP hijacking, so I wonder if you didn't get tripped up by that situation.

    Cheers - Bob
    PS  This is a UTM forum, so the answers are generic, but you will want to post in an XG forum when the question is XG-dependent.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi Paul,

    Hmmmm, I read recently about the Chinese military "accidentally" doing some BGP hijacking, so I wonder if you didn't get tripped up by that situation.

    Cheers - Bob
    PS  This is a UTM forum, so the answers are generic, but you will want to post in an XG forum when the question is XG-dependent.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data