Self - What Is My IP Address

Self - What Is My IP Address

This module generates a DNS response containing the source IP address and the source port information of the connecting client/resolver.

This is useful for identifying our external IP address as it appears on the internet. However, when querying through a recursive resolver, this module allows us to see the source IP address that the resolver uses for its queries. Typically, a DNS resolver receives queries on one network interface and performs DNS resolutions from another.

Technically, this module generates a DNS response that includes 2 answers — an A record and a TXT record. Both records contain the source IP address and the source port information. Since the A record is limited to containing only a single IP address, the TTL value of the A record is used to carry the source port information.

However, be aware that many resolvers may modify the TTL value, so it is recommended to rely on the TXT record for accurate source port information.

Category: General features

Format

self.yourdomain.com

or

whatismyip.yourdomain.com

Examples

By default, this module returns an A record containing the source IP address, with its TTL value representing the source port. Additionally, the module provides a TXT record in the Additional section containing the same information:

# dig self.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> self.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23838
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;self.yourdomain.com.		IN	A

;; ANSWER SECTION:
self.yourdomain.com.	60134	IN	A	127.0.0.1

;; ADDITIONAL SECTION:
self.yourdomain.com.	60	IN	TXT	"127.0.0.1:60134"

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 13:07:03 +04 2024
;; MSG SIZE  rcvd: 81

Download PCAP File


If a TXT record is requested, it will appear first in the response order:

# dig TXT self.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> TXT self.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33763
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;self.yourdomain.com.		IN	TXT

;; ANSWER SECTION:
self.yourdomain.com.	60	IN	TXT	"127.0.0.1:55474"

;; ADDITIONAL SECTION:
self.yourdomain.com.	55474	IN	A	127.0.0.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 13:07:04 +04 2024
;; MSG SIZE  rcvd: 81

Download PCAP File


Alternatively, the whatismyip feature name can also be used:

# dig TXT whatismyip.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> TXT whatismyip.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51412
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;whatismyip.yourdomain.com.	IN	TXT

;; ANSWER SECTION:
whatismyip.yourdomain.com. 60	IN	TXT	"127.0.0.1:36296"

;; ADDITIONAL SECTION:
whatismyip.yourdomain.com. 36296 IN	A	127.0.0.1

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 13:07:05 +04 2024
;; MSG SIZE  rcvd: 87

Download PCAP File


Like other features, we can append anything to the feature name to avoid receiving cached responses from the target DNS resolver. This forces the target resolver to actively communicate with our PolarDNS server instead of responding with cached answers. Using a random number is the most effective strategy:

# dig self${RANDOM}.yourdomain.com @10.211.55.2

; <<>> DiG 9.18.10-2-Debian <<>> self17337.yourdomain.com @10.211.55.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19681
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;self17337.yourdomain.com.	IN	A

;; ANSWER SECTION:
self17337.yourdomain.com. 35302	IN	A	10.211.55.3

;; ADDITIONAL SECTION:
self17337.yourdomain.com. 60	IN	TXT	"10.211.55.3:35302"

;; Query time: 12 msec
;; SERVER: 10.211.55.2#53(10.211.55.2) (UDP)
;; WHEN: Mon Nov 04 13:24:59 +04 2024
;; MSG SIZE  rcvd: 88

Download PCAP File


From the same category


Go back to catalogue.