Spectrum DNS servers resolving my domain name to a loopback address.

[jake vdb <jake.vdb () gmail com>]

Hey, I posted this on r/networking and was advised to post on this list.
The small company I work for has a niche SaaS app and for the past week
Spectrum DNS servers have resolved the name to 127.0.0.54.

I found a Spectrum user on reddit to confirm the problem:

nslookup rightbridge.net dns-cac-lb-02.rr.com

Non-authoritative answer:
Name: rightbridge.net
Address: 127.0.0.54

server 209.18.47.62
Default Server: dns-cac-lb-02.rr.com
Address: 209.18.47.62

I have been trying for a week to get Spectrum tech support and Twitter
support to help, but so far that's been an exercise in futility.

As far as I'm aware, this only affects Spectrum. I have switched some users
to Google's public DNS servers, but I can't reach all of them.

Reddit has been some help troubleshooting;

That is indeed interesting. What I notice is:
> It replies to A requests with a 60 second TTL every single time, which is
> a behavior normally expected of an authoritative server, yet it is marking
> the replies as non-authoritative. I would expect non-authoritative servers
> to have a decrementing TTL.
> It responds with 0 records for NS, MX, AAAA, and A requests. Not NXDOMAIN
> though.
> It seems like a wildcard record that covers everything under your domain.
> I see this behavior on both of the Spectrum resolvers that my cable modem
> connection is offered via DHCP. I don't have this problem if I use my own
> resolver (on a Spectrum connection).
> I'm stumped. Despite my comment earlier about it being unlikely to be a
> Spectrum problem, I now agree that it does appear to be something strange
> on their side. Just to be sure, have you ever used Spectrum as a provider
> for something related to this domain, where they hosted the domain or
> anything? I'm not sure if they even offer that service, but want to ask
> just to be sure. There is typically little reason to have a specific domain
> singled out in your nameservers unless you host it.
> The one guess I have is that they have gone out of their way to ban your
> domain for some reason. Wildcard pointing all queries to it to localhost
> would not be too unexpected of a way to ban a domain. Have you had any
> trouble with malware infections, spam, or anything else you can think of
> that might have lead someone to want to ban the domain?


I don't believe Spectrum has even been a service provider for my employer.
They do not offer service where our home office is located, and they have
only used Rackspace for hosting in the 13 years they've been around. No
malware, infections, spam (that I'm aware of). We are not registered on any
Blacklists.

I appreciate any help / advice,
Jake