This morning, GreatFire.org published a story stating that EdgeCast CDN, one of the more popular content distribution networks that handles content for a number of large websites, has been blocked by the Chinese national filter. As a result, a friend emailed me asking what I thought, and pointed out that all we have are a few reports and a link to a status update from EdgeCast themselves.
As usual, my attempt to write a short email failed, and I ended up carrying out an impromptu investigation into this. With minor edits, I’ve reproduced my email detailing how I looked into this below. For reference, this was carried out from an internet connection based in Oxford, UK.
Based on prior knowledge we have evidence that China will man-in-the-middle (UDP) DNS requests for blocked sites, but ignore genuine ones. So first, let’s pick a Chinese IP address almost at random:
$ ping baidu.cn
PING baidu.cn (184.108.40.206) 56(84) bytes of data.
Check that it’s actually in China, using the MaxMind GeoIP database:
$ geoiplookup 220.127.116.11
GeoIP Country Edition: CN, China
GeoIP City Edition, Rev 1: CN, 22, Beijing, Beijing, N/A, 39.928902,
116.388298, 0, 0
Check that it’s not a DNS server:
$ dig @18.104.22.168 baidu.cn
; DiG 9.9.2-P2 @22.214.171.124 baidu.cn
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Excellent.… Read full post