DNS Acceleration = Ignore TTL

Brilliant concept!



*From:* [email protected] [mailto:[email protected]] *On Behalf Of* Damien Solodow
*Sent:* Friday, January 22, 2016 1:44 PM
*To:* [email protected]
*Subject:* RE: [NTSysADM] HughesNet and AWS



Yeah, I’d thought (and hoped) it was their DNS server doing it, but when
even ‘nslookup saasapp.com 8.8.8.8’ came back wrong (and different from the
results on my PC) I knew something was rotten. :)



DAMIEN SOLODOW

Senior Systems Engineer

317.447.6033 (office)

317.447.6014 (fax)

HARRISON COLLEGE



*From:* [email protected] [mailto:[email protected]] *On Behalf Of* Richard Stovall
*Sent:* Friday, January 22, 2016 1:40 PM
*To:* [email protected]
*Subject:* Re: [NTSysADM] HughesNet and AWS



That's friggin awesome, but it doesn't hurt.  :-)



On Fri, Jan 22, 2016 at 1:33 PM, Michael B. Smith <[email protected]> wrote:

Both Comcast and CenturyLink have similar “features” if you use their DNS
servers. But they don’t override you if you choose another DNS server…



*From:* [email protected] [mailto:[email protected]] *On Behalf Of* Richard Stovall
*Sent:* Friday, January 22, 2016 12:48 PM
*To:* [email protected]
*Subject:* Re: [NTSysADM] HughesNet and AWS



That is so friggin' awesome it hurts.







On Fri, Jan 22, 2016 at 12:19 PM, Damien Solodow <[email protected]> wrote:

Having a fun issue, and figured I’d see if anyone else has run into
something like it and has a solution. :)



One of our SaaS apps is hosted on AWS, and AWS has the lovely habit of
using very short DNS TTLs and changing IPs frequently. Normally not that
big a deal.

However, it looks like a satellite provider used by a number of our users
(HughesNet) has a wonderful little “feature” called DNS Acceleration.



This looks to be a local DNS caching server (which ignores the provided
TTL) that runs on their modem. This means that the user almost always gets
outdated information from DNS for this SaaS app, which prevents them from
accessing it.



There doesn’t appear to be a way in the modem UI to turn off this
“feature”, and it looks to intercept **all** outbound DNS traffic, so even
if I set the client or their router to use a different DNS server it still
gets intercepted.



Anyone run into this or have a useful contact at HughesNet to sort this out?



DAMIEN SOLODOW

Senior Systems Engineer

317.447.6033 (office)

317.447.6014 (fax)

HARRISON COLLEGE

500 North Meridian St

Suite 500

Indianapolis, IN 46204-1213

www.harrison.edu
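
Added example, not part of the original thread: one way to turn the symptoms described above (answers served long after their TTL, and the same wrong answer no matter which resolver is addressed) into a repeatable check over logged lookups. The names `Obs`, `expired_for` and `analyse` are hypothetical, the reference lookups are assumed to come from a path the modem cannot rewrite (such as the office PC mentioned in the thread), and all sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Obs:
    t: int            # seconds since the start of the capture
    resolver: str     # server the client addressed the query to
    ips: frozenset    # A records in the answer
    ttl: int          # TTL in the answer

def expired_for(obs, reference):
    """Seconds by which obs.ips had expired on the trusted path
    (0 = still valid, None = answer never seen on the trusted path)."""
    ends = [r.t + r.ttl for r in reference if r.ips == obs.ips and r.t <= obs.t]
    return max(0, obs.t - max(ends)) if ends else None

def analyse(site, reference, slack=5):
    """Return (stale, intercepted). stale lists answers served more than `slack`
    seconds past their TTL. intercepted is a heuristic: the same expired answer
    came back from queries addressed to different resolvers."""
    stale, resolvers_by_answer = [], {}
    for o in site:
        age = expired_for(o, reference)
        if age is not None and age > slack:
            stale.append((o, age))
            resolvers_by_answer.setdefault(o.ips, set()).add(o.resolver)
    intercepted = any(len(r) > 1 for r in resolvers_by_answer.values())
    return stale, intercepted

def A(*ips):
    return frozenset(ips)

# Constructed sample data (documentation address ranges), not real captures.
# REFERENCE: lookups from the trusted path; the record rotates every 60 s.
REFERENCE = [
    Obs(0, "office", A("192.0.2.10"), 60),
    Obs(60, "office", A("198.51.100.20"), 60),
    Obs(120, "office", A("203.0.113.30"), 60),
]
# SITE: lookups from behind the modem, addressed to two different resolvers.
SITE = [
    Obs(10, "192.168.0.1", A("192.0.2.10"), 60),   # still within TTL
    Obs(200, "192.168.0.1", A("192.0.2.10"), 60),  # expired 140 s earlier
    Obs(205, "8.8.8.8", A("192.0.2.10"), 60),      # same expired answer
]

if __name__ == "__main__":
    stale, intercepted = analyse(SITE, REFERENCE)
    for o, age in stale:
        print(f"t={o.t}s via {o.resolver}: {sorted(o.ips)} expired {age}s ago")
    print("interception suspected:", intercepted)
```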
