Back in India after amazing APRICOT 2013 at Singapore. It was nice to stay in East Asia for a while and look around. :)
Today I noticed a NXDOMAIN redirection for a non-working domain and later investigated. It seems like Airtel is hijacking on NXDOMAIN queries now.
anurag@laptop:~$ dig bbbaaa.ccc.aaa a ; <<>> DiG 9.8.1-P1 <<>> bbbaaa.ccc.aaa a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, **status: NOERROR**, id: 33337 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;bbbaaa.ccc.aaa. IN A ;; ANSWER SECTION: bbbaaa.ccc.aaa. 60 IN A **126.96.36.199** ;; Query time: 140 msec ;; SERVER: 188.8.131.52#53(184.108.40.206) ;; WHEN: Sat Mar 2 17:00:49 2013 ;; MSG SIZE rcvd: 48
Looking for routing to that IP:
anurag@laptop:~$ awhois 220.127.116.11 AS | IP | BGP Prefix | CC | AS Name **45028** | 18.104.22.168 | 22.214.171.124/24 | GB | BAREFRUIT-AS Barefruit Ltd Autonomous System anurag@laptop:~$
Never heard of that network before but that server seems to be doing redirection to airtelforum.com
anurag@laptop:~$ dig -x 126.96.36.199 +short unallocated.barefruit.co.uk. anurag@laptop:~$ anurag@laptop:~$ dig **airtelforum.com.** a +short **188.8.131.52** anurag@laptop:~$
Strange! I can understand if Airtel is really hijacking queries and redirecting but then why they are running airtelforum.com on a network outside in Europe? Whois result for the domain seems OK type. Strange again that they are not using DNS servers of Airtel itself but of Direct i (set as via reseller)
While the website seems having a perfact Airtel reddish design with their logo as well.
Anyways time to switch back to Google DNS servers. :)