Airtel hijacking NXDOMAIN queries

Back in India after an amazing APRICOT 2013 in Singapore. It was nice to stay in East Asia for a while and look around. :)

Anyways, issue for today - I have been using Airtel DNS servers for quite some time, since BSNL has crappy DNS, while Google gives issues with Akamai and OpenDNS doesn’t have any node in India yet.  

Today I noticed an NXDOMAIN redirection for a non-working domain and investigated later. It seems like Airtel is hijacking NXDOMAIN queries now.

anurag@laptop:~$ dig a

; <<>> DiG 9.8.1-P1 <<>> a  
;; global options: +cmd  
;; Got answer:  
;; ->>HEADER<<- opcode: QUERY, **status: NOERROR**, id: 33337  
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

; IN A


;; Query time: 140 msec  
;; SERVER:  
;; WHEN: Sat Mar 2 17:00:49 2013  
;; MSG SIZE rcvd: 48

Looking for  routing to that IP:

anurag@laptop:~$ awhois  
AS | IP | BGP Prefix | CC | AS Name  
**45028** | | | GB | BAREFRUIT-AS Barefruit Ltd Autonomous System  

Never heard of that network before but that server seems to be doing redirection to

anurag@laptop:~$ dig -x +short  

anurag@laptop:~$ dig **** a +short  

Strange! I can understand if Airtel is really hijacking queries and redirecting, but then why are they running on a network outside, in Europe? The whois result for the domain seems OK. Strange again that they are not using DNS servers of Airtel itself but of Direct i (set as via reseller)

The website, meanwhile, seems to have a perfect Airtel reddish design, with their logo as well.

Anyways time to switch back to Google DNS servers. :)