1

Good day, everyone.
Let's say I have the following setup:

  • Windows 7 as host machine, DNS 192.168.0.100, 8.8.8.8, 8.8.4.4
  • Ubuntu 16.04 as guest machine on VirtualBox, DNS 192.168.0.100 (host?)

Ubuntu is connected to Windows's network via VirtualBox's NAT.

When I'm performing nslookup google.com, the results are totally different.
On Windows I see 6 x 172.xxx.xxx.xxx while on Ubuntu I see 6 x 62.xxx.xxx.xxx

So I guess even if I resolve google.com locally on my "router" machine on my network to block it from users, if a user has a custom DNS server on their machine, they'll resolve other IP addresses? Is there any solution for that except forcing them to use my DNS server?

Groosha

2 Answers

1

Many DNS providers are using anycast to respond with the "best" result depending on where on the Internet the query is coming from.

Executing the same query on multiple DNS servers located in various parts of the world therefore will commonly result in different results. This is normal, and it helps with, among many other things, routing traffic to the closest caching server.

Alex
-1

I suppose Google is using a round-robin approach to do load balancing. So on different DNS queries you will get different results for your query for google.com. With the response being cached on the local machine, you will get the same IP when trying multiple times.

If you don't want users to be able to access a host, you have to block at the IP level. Even if you force them to use your DNS by a firewall rule, they could still enter these details in their local /etc/hosts file to directly get an IP address for google.com and connect to it.
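
The following is an added example, not part of the question or either answer: a check the admin of the "router" machine could run to see which clients bypass the local resolver, either by querying another DNS server or by connecting to addresses the local resolver never returned to them (the hosts-file case). The log formats, the LAN range, the client addresses and the assumption that 192.168.0.100 is the sanctioned resolver are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

LOCAL_RESOLVER = "192.168.0.100"               # assumed sanctioned resolver
LAN = ipaddress.ip_network("192.168.0.0/24")   # assumed LAN range
DNS_PORTS = {53, 853}                          # plain DNS and DNS-over-TLS

# Constructed resolver log: client, name queried, address returned
RESOLVER_LOG = """\
192.168.0.21 example.org 203.0.113.10
192.168.0.22 example.net 203.0.113.20
"""

# Constructed flow log from the router: client, destination, destination port
FLOW_LOG = """\
192.168.0.21 192.168.0.100 53
192.168.0.21 203.0.113.10 443
192.168.0.22 198.51.100.53 53
192.168.0.22 198.51.100.7 443
192.168.0.23 198.51.100.9 443
not-a-valid-line
"""

def rows(log):
    """Yield 3-field rows, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts

def audit(resolver_log, flow_log, resolver=LOCAL_RESOLVER):
    """Return (clients querying other resolvers, connections with no local lookup)."""
    answered = defaultdict(set)        # client -> addresses the local resolver returned
    for client, _name, addr in rows(resolver_log):
        answered[client].add(addr)
    foreign_dns, unresolved = defaultdict(set), defaultdict(set)
    for client, dst, port in rows(flow_log):
        if int(port) in DNS_PORTS:
            if dst != resolver:
                foreign_dns[client].add(dst)   # custom DNS server on the client
        elif ipaddress.ip_address(dst) not in LAN and dst not in answered[client]:
            unresolved[client].add(dst)        # hosts file, other resolver, or raw IP
    as_lists = lambda d: {c: sorted(v) for c, v in d.items()}
    return as_lists(foreign_dns), as_lists(unresolved)

if __name__ == "__main__":
    foreign, unresolved = audit(RESOLVER_LOG, FLOW_LOG)
    print("other resolvers:", foreign)
    print("no local lookup:", unresolved)
```

DNS-over-HTTPS runs on port 443 and is not caught by the port check; it only shows up in the second result, as a connection to an address the local resolver never handed out.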