When I compare OpenDNS results with other DNS servers I can see some differences. It looks like OpenDNS is redirecting requests for www.google.com to its own servers.

Could you explain what is going on here?

---
1st query using OpenDNS:

; <<>> DiG 9.3.2 <<>> @208.67.222.222 www.google.com

;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 30 IN CNAME google.navigation.opendns.com.
google.navigation.opendns.com. 30 IN A 208.69.34.230
google.navigation.opendns.com. 30 IN A 208.69.34.231

---
2nd query using my ISPs DNS server:

;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 566561 IN CNAME www.l.google.com.
www.l.google.com. 58 IN A 209.85.129.147
www.l.google.com. 58 IN A 209.85.129.99
www.l.google.com. 58 IN A 209.85.129.104

;; AUTHORITY SECTION:
l.google.com. 48162 IN NS e.l.google.com.
l.google.com. 48162 IN NS f.l.google.com.
l.google.com. 48162 IN NS g.l.google.com.
l.google.com. 48162 IN NS a.l.google.com.
l.google.com. 48162 IN NS b.l.google.com.
l.google.com. 48162 IN NS c.l.google.com.
l.google.com. 48162 IN NS d.l.google.com.

;; ADDITIONAL SECTION:
a.l.google.com. 48295 IN A 209.85.139.9
b.l.google.com. 48295 IN A 64.233.179.9
c.l.google.com. 48295 IN A 64.233.161.9
d.l.google.com. 48295 IN A 66.249.93.9
e.l.google.com. 48295 IN A 209.85.137.9
f.l.google.com. 48295 IN A 72.14.235.9
g.l.google.com. 48295 IN A 64.233.167.9

Jole,

We're going to fix this ASAP. This happens if you have shortcuts enabled in your account. A temporary fix is to turn off shortcuts. A permanent fix will be put in place tomorrow morning.

I still don't see an answer to why OpenDNS is redirecting google traffic to its own address. This makes google work slower for me with OpenDNS than without.
~~~~~~~~~~~~~~~~~
Also I have an oddity on news.bbc.co.uk.
OpenDns resolves to 212.58.240.132, with a ping time of 85ms.
My regular ISP resolves to 212.58.226.20, with a ping time of 10ms.

I am UK based. Perhaps even your London server is giving IP addresses more suitable for some other geography?
~~~~~~~~~~~~~~~
These were my first two 'random' tests of OpenDNS, it isn't too promising a start.

Hi,

this still seems to be happening:

$ dig www.google.com a
<<elided>>
;; QUESTION SECTION:
;www.google.com. IN A

;; ANSWER SECTION:
www.google.com. 30 IN CNAME google.navigation.opendns.com.
google.navigation.opendns.com. 30 IN A 208.67.219.230
google.navigation.opendns.com. 30 IN A 208.67.219.231

I do *not* have shortcuts enabled (nor typo correction, nor phishing protection). It appears to be proxying requests to the real www.l.google.com, which is somewhat worrying, as Google sets a cookie (which is would also be received by the OpenDNS proxy). Note that this happens whether someone is logged in or not. Is there a way to disable this? What's it for, anyway?

-rob

Here's another site that does not work when shortcuts are enabled:
www.LewRockwell.com
Just thought this info might help you track down the problem.

Thanks for pointing that out. Could be a serious privacy issue. Will have to keep my eye on this and wait before I recommend this service.

Hi,

This still appears to be happening, as least yesterday it was.

Google UK (www.google.co.uk) is being redirected to a IP in the OpenDNS 208.67 range, the correct IP address should be 216.239.59.103.

I have yet to see a good explination for this nor a fix being pushed to the service.

Can someone from OpenDNS please explain exactly why this is happening, it is by design and if so why this was done?

Kind Regards

Simon

P.S. After disabling shortcuts on my account the IP now resolves to 64.233.183.147 which is still not really correct.

The reason:
http://blog.opendns.com/2007/05/22/google-turns-the-page/

I really don't like this new "feature" !!!
How many OpenDNS users are Dell customers???
At least I would like to see a feature to disable this "feature", it should be disabled by default.
Why don't you simply figure out how to remove this software?
I even would prefer this dell results, simply because the yahoo results are useless (And all this ads will be filtered by our local proxy).
I'll stop using OpenDNS if this doesn't change soon!

Would this also explain the issues I raised in this page:
http://forums.opendns.com/comments.php?DiscussionID=248&page=1#Item_8

Since google is being redirected the "I am feeling lucky" poll might not be put through? Just guessing here though...

Google has money, these computer manufacturers want it.

And well, it's easier to do business with Google, than to do business with other "software" companies, and jam the new computers full of "trial-ware"....you know? :) lol. I still remember my first computer, a Packard Bell, came packaged with sooo much crap...now? They just shove some Google products (mine only had Google Desktop...), a custom google search page, and a URL redirector service...lol.

freddy has a good point ;) Sure, it took me a bit of prodding to figure out what was causing those errors, but eventually I found Windows Vista's "Add Remove Programs" equivalent, and was able to remove the URL Redirector program, and it was all gold. We gotta understand though, as ISPs and college networks jump on this bandwagon, less-tech people will be using it too.

The problem here, is I don't think OpenDNS can offer this sort of support...since these corporations are making money off of this "software"...? Though I could be mistaken :P

I just started using OpenDNS tonight. I imagine that they aren't saying much about why they are doing this because they may still be figuring out the best way to react.

It would be nice if they offered an option to disable this additional handling they are doing, but that hasn't started yet.

As I see it, we are all benefiting from a free ad-driven service. Dell has decided to pre-install software on their machines to make ad money off of their customers. This just seems plain wrong, if you ask me. The customer has already purchased the machine, why look to profit further.

By doing what Dell has done, they could potentially take away a significant portion of the ad revenue of this service. If OpenDNS were to lose enough revenue, they could go out of business. To me, it seems as if OpenDNS is attempting to modify things in as unobtrusive a way as possible to keep the revenue stream going that Dell is trying to take for themselves.

My guess, is by resolving the google domains to opendns names, they can possibly prevent the certain URL Redirector software from hijacking the Google page? Since it'll be grabbing it from google.navigation.opendns.com instead of www.google.com?

But, google.com still pings as normal (to Google).

OpenDNS doesn't do that. "I'm Feeling Lucky" works fine for me on all of my machines using OpenDNS.

Still, I think an option to turn it off would be great. Especially since I'm using a Mac and can't be affected by this.

Bit of an overreaction, don't you think? Every DNS provider can redirect, snoop, or intercept your requests, so I don't see what you're gaining here. And OpenDNS is actually open and accountable, unlike the anonymous DNS servers of your ISP.

I'd also like an option to turn off intercepting Google (and any other sites you may do this for in the future). I don't need it, and even if OpenDNS is doing it for a good reason, it makes me uncomfortable.

$ host www.google.com
www.google.com is an alias for www.l.google.com.

Is this a fluke, or did somebody disable this on my account? If it's the latter, that is totally awesome. Thanks.

CacheCheck is reporting the same thing, but then again, this IP is associated with my account. So, what's up?

Update a few minutes later:

I just thought to try an nslookup from my web host, and it still returns google.navigation.opendns.com. So I guess this is just for my account. Well, thanks a lot!

I think it would be a good thing to have in the Advanced settings or something though.

Also, it's weird for CacheCheck's results to vary depending on who's using it.

Ohhhh. I just read an older thread where davidu explained that turning off shortcuts is what disables it. Well, okay. I don't ever plan on using shortcuts, so it's not a problem.

(I don't get why adult site blocking relies on shortcuts, though.)

Update a few minutes later:

About a checkbox to turn intercepting Google off without turning off shortcuts, a month ago, davidu said that the two features were too tied together in their codebase to do it, but that that might change in the future:

http://forums.opendns.com/comments.php?DiscussionID=278&page=1#Item_9

It appears that turning off shortcuts to turn off this behavior no longer works? I had shortcuts turned off under the old dashboard and got the _real_ Google IP(s). Now under this new dashboard, I have no shortcuts entered and have chosen "Do not apply any of my shortcuts", but I still get:

$ ping www.google.com
PING google.navigation.opendns.com (208.67.217.230) 56(84) bytes of data.
64 bytes from 208.67.217.230: icmp_seq=1 ttl=53 time=15.7 ms
64 bytes from 208.67.217.230: icmp_seq=2 ttl=53 time=15.5 ms
...

Is there another way to turn off shortcuts that I'm missing?

Same here, i've shortcuts off and Google redirection still happens.

I would never notice it, but Google homepage was occasionally hanging for me and local users, so i've started to investigate why.

Prior to introduction of such bold feature intercepting crucial network resource i would recommend to ensure that:

- it can be turned off

- probably it is off by default unless user asks for it

- it is done completely transparently with the level of redundancy and reliability at least approaching Google's.

As it is now it does more harm than good; unless i can turn it off i'm likely to revert to ISP nameservers for this office.

--igor

I agree, this is ridiculous. A DNS service should not be hijacking DNS for known names, period. I will NOT be recommending OpenDNS because of this. I discovered it on my own and found this thread in the process.

Reason for hijacking google.com to google.navigation.opendns.com: profit. See below.

Why was I asked to research this? My users complained that every mistyped URL took them to a OpenDNS page. All my users use Firefox and a feature of Firefox is to redirect unresolved DNS to a Google lucky search. Why is OpenDNS hijacking this feature for their own profit? I know they must generate a revenue, but this is unethical. What other valid DNS is being redirected without my knowledge? Why didn't they tell me?

And why did OpenDNS target Firefox? Safari doesn't seem affected - I didn't test anything else either.

Here's some proof:
"ebay" in Firefox redirects to http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=ebay
(via 'network.http.redirection-limit=0')

$ wget http://www.google.com/search?ie=UTF-8\&oe=UTF-8\&sourceid=navclient\&gfns=1\&q=ebay
--23:45:48-- http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=ebay
Resolving www.google.com... 208.67.217.230, 208.67.217.231
Connecting to www.google.com|208.67.217.230|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://guide.opendns.com/?url=ebay&client=ff20 [following]
--23:45:48-- http://guide.opendns.com/?url=ebay&client=ff20
Resolving guide.opendns.com... 208.69.32.131
Connecting to guide.opendns.com|208.69.32.131|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html

Reverse resolve outside OpenDNS:208.67.217.230 resolved to google.navigation.opendns.com
Oh, that make sense.

http://userscripts.org/scripts/show/8040

I've been using OpenDNS for less than a day and found the Google issue, a BBC issue, and now this thread. I won't be using OpenDNS any more, thanks.

I'm running dnsmasq (on a router running OpenWrt). Although it's easy enough to put this into
/etc/dnsmasq.conf:

local=/google.com/216.239.32.10/216.239.34.10/216.239.36.10/216.239.38.10

I will be pointing my nameservers somewhere else to get plain old DNS service.

Furthermore, http isn't the only protocol on the net, and it's misleading to get errors like this one when using other protocols and typo'd server names get translated to OpenDNS servers:

Connecting to upload.blah.com (208.67.219.130) at port 21...
connect(): Connection refused

OpenDNS, if you're serious about the user experience, let the Google redirection, and similar features, be opt-in. FWIW I've got two Dells running Windows XP and I don't recall ever having seen the Google toolbar on either of them.

this causes all of my google searches to be redirected to http://sorry.google.com/sorry/ - this pretty much makes opendns useless to me.

@pinchies

It seems l.google.com is the real deal:
http://blogoscoped.com/forum/125859.html

Some thought it was opendns, but robtex proves it's not

http://www.robtex.com/dns/www.google.com.html

However, it is odd that you're forced into l.google.com when it's invisible for most. Even if you don't have an opendns account, and therefore couldn't have had shortcuts/filtering on.