Bookmarking some IP addresses now provides easy DNS debugging later

traceroute double nat
Eric Geier

DNS is a world-wide system that translates the name of computers on the internet into their underlying numeric IP address. For example, computerworld.com might be translated to either 151.101.128.230, 151.101.64.230 or 151.101.192.230. Humans deal with names, computers deal with numbers.

I mention this because a problem with DNS can make an otherwise functional internet connection appear to be broken.

Fortunately, it's easy to test an apparently broken internet connection to see if the problem is limited to DNS. All that's needed is some browser bookmarks. Specifically, we need to bookmark some IP addresses.

A great place to start is by bookmarking

http://208.69.38.170

which shows the status of the OpenDNS servers. I suggest starting here, even if you don't use OpenDNS, because this IP address was specifically set aside for use when DNS is not working.

If you bookmark

http://216.92.136.14

you can use it to view my personal website, MichaelHorowitz.com.

Bookmark 141.211.243.44 to see whats up at the University of Michigan. A boring option is 4.68.80.110 where Level3 displays the welcome page for their IIS7 web server software. 

To be honest, I have cherry picked these examples. Many, if not most websites, react poorly to being contacted by their IP address. 

For example, 104.28.1.74 results in an error 1003 from Cloudflare: "Direct IP access not allowed." But, at least, this confirms the Internet connection is working.

Computerworld.com is also not happy being addressed by an IP address. But again, the resulting Fastly error indicates that the Internet connection is functional.

Secure websites, those using HTTPS, are never happy being contacted by their IP address. Many re-direct you to their normal site which, if DNS is broken, fails to load. For example, 64.78.193.234 re-directs to https://www.digicert.com and 91.189.94.40 takes you to https://www.ubuntu.com.

Also, what we see as a single web page is typically created from dozens of pieces brought in from many different sources. If the pieces are requested by name, they won't load even if the visible page is accessed by its IP address. 

Loading a web page may also invoke browser extensions, plug-ins or add-ons that may, themselves, try to reference resources by name. So, if possible, load your bookmarked IP addresses with a clean browser. 

Knowing the problem may also let you work around it. For example, forcing your computer to use different DNS servers may be all that's required. If nothing else, when it comes time to complain, you know exactly what the problem is. 

Over time these IP addresses may change, so the more you bookmark now the better. Hopefully, you'll never have to use them, but Defensive Computing means being prepared. 

- - - -

Note: Rather than wait for DNS to break, I verified the examples cited above by specifying invalid DNS servers on a test computer. 

FEEDBACK
Get in touch with me privately by email at my full name at Gmail. Public comments can be directed to me on twitter at @defensivecomput

Related:

Copyright © 2017 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon