Yes. If you would be interested,
here is a document with the details of how
DNS infrastructure should be implemented. Check the section '6.5 Delegation of sub-domains of “pub.3gppnetwork.org”'.
Thanks for the doc. So it looks like each operator based on the different MCC/MNC codes they are assigned, would get the different 3rd or higher level subdomains of 3gppnetwork.org delegated to the operator's nameservers.
It is interesting how Jio has set it up though. They have got the 3rd level subdomain delegated to their main nameservers, then the VoWiFi zone ie the
epdg.epc.mncxxx.mccxxx.pub.3gppnetwork.org
is again delegated to another set of nameservers.
Code:
mnc862.mcc405.pub.3gppnetwork.org. 259200 IN NS ns2.jio.com.
mnc862.mcc405.pub.3gppnetwork.org. 259200 IN NS ns3.jio.com.
mnc862.mcc405.pub.3gppnetwork.org. 259200 IN NS ns1.jio.com.
mnc862.mcc405.pub.3gppnetwork.org. 259200 IN NS ns4.jio.com.
Code:
;; AUTHORITY SECTION:
epdg.epc.mnc862.mcc405.pub.3gppnetwork.org. 3600 IN NS ns1.epdg.epc.mnc862.mcc405.pub.3gppnetwork.org.
epdg.epc.mnc862.mcc405.pub.3gppnetwork.org. 3600 IN NS ns2.epdg.epc.mnc862.mcc405.pub.3gppnetwork.org.
;; ADDITIONAL SECTION:
ns1.epdg.epc.mnc862.mcc405.pub.3gppnetwork.org. 3600 IN A 49.44.59.6
ns2.epdg.epc.mnc862.mcc405.pub.3gppnetwork.org. 3600 IN A 49.44.59.7
They have not set up the DNS records for the nameservers themselves for whatever reason. It works due to the glue records sent by the parent zone. 🤷♂️ This is the exact same behavior of the
vowifi.jio.com
zone as well. Weird.
So if you try to resolve
ns1.epdg.epc.mnc862.mcc405.pub.3gppnetwork.org
you get a
SERVFAIL
😛 🤷♂️
2. Upon logging into
NextDNS, I am able to see an option 'Anonymized EDNS Client Subnet' which is turned on by default.
So I tried this and didn't make any difference. I wonder if the Jio nameservers for this zone even make use of EDNS Client Subnet data? Is there a way to send EDNS Client Subnet data using dig? 🤔 Just for testing.
Also, on NextDNS I usually get connected to their node in Mumbai which is hosted in
Google Cloud Platform. The IP address of their recursive resolver in Mumbai appears to be
34.93.164.22
(Tried a DNS leak test and this was the IP address whenever I am connected to the Mumbai node). I then launched a VM in Mumbai GCP and sure enough, I always get the bad records which don't work ie
49.45.63.2
and
49.45.63.1
.
Code:
varkey@varkey-test:~$ dig epdg.epc.mnc862.mcc405.pub.3gppnetwork.org @49.44.59.6 +short
49.45.63.1
49.45.63.2
varkey@varkey-test:~$ dig vowifi.jio.com @49.44.59.6 +short
49.45.63.1
49.45.63.2
varkey@varkey-test:~$
`
Queried the nameservers directly and I get the
bad records consistently. This probably explains why VoWiFi doesn't work when using NextDNS resolvers.
1. I will test this myself with
NextDNS w.r.t rewrite but I have a hunch, there a problem there. The TTL would vary. Instead, I would suggest you to rewrite natively in your DNS resolver. For that though, you will have to temporarily switch to running the resolver not as a forwarder but instead as a recursive resolver speaking to root. Many ways to do this, but this would be the ideal test configuration which will eliminate all complexities.
Right now I am using the
nextdns
client as my resolver -
nextdns/nextdns. It supports configuring conditional forwarders, so I have set it to the below resolvers. Both these resolvers consistently gave me the right results.
Code:
forwarder 3gppnetwork.org.=61.1.1.1,1.1.1.1
forwarder jio.com.=61.1.1.1,1.1.1.1
So previously (when I made the initial post about this IP address drama Jio is playing
😛) I was using
unbound
as the recursive resolver and even then VoWiFi was unstable. At the time I wasn't aware of the
3gppnetwork.org
DNS names that would get used so I didn't check how those resolve, but
vowifi.jio.com
was returning the bad records intermittently (basically it works for few hours and then stops working). I suspect it's when my IP address changes, I'm on BSNL and I get allocated a
59.92.x.x
IP address or something in the
117.x.x.x
range. It is possible like you noticed when queried from some networks even in India, Jio nameservers return the bad IP addresses.
The path to going down the rabbit hole has many benefits, making friends along the way is certainly one of it 🙂
It sure is!
🙂 🎉
Anyway, I totally missed mentioning the main thing that VoWiFi is now stable 🚀 ie after conditionally forwarding
jio.com
and
3gppnetwork.org
to a set of resolvers that consistently return the right records.
It definitely appears like Jio has this misconfigured, I'm not even sure they have noticed? They might have whitelisted certain IP address ranges which would get the good or the India records and everything else gets the international records which wouldn't work (at least for now)