About dig

dig · 08-09-2022

For devices configured to use Umbrella for DoH and DoT: An issue has been reported where Umbrella may close the connection for devices sending multiple DoH/DoT requests over a single TCP connection. While only some DoH/DoT client implementations are ...

dig · 10-15-2020

Ran across this edge-case when trying to deploy BlueCat + Cisco Umbrella integration. This bug does modify the ARCOUNT, but more importantly, it modifies it without updating the UDP checksum. Packets are rejected as soon as they arrive at a DNS serve...

dig · 05-19-2025

Hi GUNBUNS, A couple things worth checking from Edge and your phone; visit https://www.dnsleaktest.com/ (Warning: Third-party site) and run the basic test, see if you're getting DNS from anyone other than Cisco OpenDNS. If you see anyone other than O...

dig · 04-17-2025

Indeed this technique is a bit old-hat, we have material from six years ago specifically mentioning fast flux as a concern for DNS security for the federal government: https://blogs.cisco.com/government/securing-government-it-all-starts-at-the-dns-la...

dig · 03-21-2025

Correct, the "myip" parameter is not required when calling this API endpoint. Clients really only need to query for their own IP address in order to know if it's been recently changed by their ISP, so they know when to send a new update to the API. T...

dig · 10-25-2024

Oh, that makes sense.I can't think of any quick fixes for this, the client is more capable of "excluding" than "including" traffic. If joined to an Active Directory domain, the machine will always wildcard that as an Internal Domains exception. For o...

dig · 10-25-2024

CGNAT is an unfortunate trade-off due to the limited address space in IPv4, and it affects all services that rely on tracking/identifying the source IP of traffic to a single subscriber. We're making multiple improvements that are meant to identify a...

Member Since	‎01-03-2018 11:12 AM
Date Last Visited	‎11-24-2025 11:11 AM
Posts	12
Total Helpful Votes Received	47

User Statistics

User Activity

DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) service notification

CSCvd26015 - NBAR DNS parser changes EDNS request packets

Re: opendns filter not working with social media sites

Re: NSA & Co. advisory for Fast Flux threat - Umbrella DNS "u

Re: Manual Network/IP Update

Re: Split brain DNS and Umbrella

Re: OpenDNS doesn't work with CGNAT style services like Starlink