Debugging DNS resolution error

Try using dig. Twenty years ago they tried to deprecate nslookup, but its firmly ingrained into muscle memory now and impossible to get rid of, but dig is far superior. For example.

dig +trace auth.otc.t-systems.com @1.1.1.1

Will trace the resolution fully for you, and you can see where they differ.


Network people have used for ages 1.1.1.1 as a replacement to another private address in random interfaces of switches/routers APs. (I am myself on a location at this moment where the public facing IP adress of the hundreds of wireless APs is 1.1.1.1 )

I bet my money in the machines you are not able to talk to Cloufare's 1.1.1.1 that you have an (imtermediate) route there for such interface.

For instance, in my case, 1.1.1.1 is giving me my IP address:

$ sudo tcpdump -i any -n host 1.1.1.1 and port 67
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
13:11:51.037186 IP 1.1.1.1.67 > 10.x.x.x.68: BOOTP/DHCP, Reply, length 296
13:11:51.037250 IP 1.1.1.1.67 > 10.x.x.x.68: BOOTP/DHCP, Reply, length 296