Why pinging "drive" gets replies from 127.0.53.53?

23

3

I'm using Firefox 31 on Ubuntu 14.04.1

I tried to open Google Drive on Firefox by typing "drive" on the address bar and then clicking on the first Google result (lazy and convoluted, I know).

It shows me a connection error:

enter image description here

Suspecting a router issue, or maybe a DNS issue caused by my ISP, I tried pinging the inexistent address, only to get a reply coming from 127.0.53.53. Huh?

ubuntu@ubuntu:~$ ping foobar
ping: unknown host foobar
ubuntu@ubuntu:~$ ping thisisnotavaliddomain
ping: unknown host thisisnotavaliddomain
ubuntu@ubuntu:~$ ping drive
PING drive (127.0.53.53) 56(84) bytes of data.
64 bytes from 127.0.53.53: icmp_seq=1 ttl=64 time=0.011 ms
64 bytes from 127.0.53.53: icmp_seq=2 ttl=64 time=0.022 ms
64 bytes from 127.0.53.53: icmp_seq=3 ttl=64 time=0.049 ms
^C
--- drive ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.011/0.027/0.049/0.016 ms

Trying to ping other invalid domains gets me the expected result (that is, none at all). Only with "drive" it seems to happen.

What's going on here?

That Brazilian Guy

Posted 2015-08-17T22:15:19.153

Reputation: 5 880

2In short drive is now a valid domain name and it resolves to 127.0.53.53 to warn you that if you have configurations assuming it does not exist, then you need to fix those. The same goes for subdomains of drive such as www.drive, mail.drive, or www.over.drive. – kasperd – 2015-08-18T09:02:26.397

8Although the explanations about gTLDs are correct, in general, just because something is not reachable by a web browser does not mean that the hostname is invalid. It just means that the hostname is not running a web server (on the default port). Such a host could still respond to pings. – jamesdlin – 2015-08-18T09:43:58.170

@jamesdlin That's exactly why I included ping samples in my question ;-) – That Brazilian Guy – 2015-08-18T16:19:48.887

Answers

33

What's happening is a name collision.

127.0.53.53 is a special IPv4 address that will appear in system logs alerting system administrators that there is potential name collision issue, enabling a quick diagnosis and remediation. The "53" is used as a mnemonic to indicate a DNS-related problem owing to the use of network port 53 for the DNS service.

(source: ICANN)

But what does it mean? Well, turns out over the last years the number of TLDs (top-level domains) has been expanding. Apart from the original .com, .org, .net, .gov and the like, there's an ever-growing list of generic TLDs. As of the writing of this, there's currently more than a thousand gTLDs.

Guess what are some examples of gTLDs? Words such as "drive", "google", "microsoft", "hotmail", "youtube" and "android". So, when you enter those words on the address bar on Firefox, instead of using it to perform a search on the default search engine, it will first check if it resolves as a domain name.

Thanks to our friends at ICANN, it does resolve to 127.0.53.53. Which means localhost. Your browser is trying to connect to the port 80 of your own computer and, unless you have a web server running, you will see a connection error message.

(obs: this doesn't seem to affect all browsers -- at least, I was able to test the latest version of Chrome for Android and it isn't affected by this issue)

That Brazilian Guy

Posted 2015-08-17T22:15:19.153

Reputation: 5 880

1I'm not sure this explains it... why drive and not any of a number of other TLDs? I tried pinging some from the list and the only one so far that's returned the same response is gmail. – nhinkle – 2015-08-17T22:24:38.177

1It doesn't happen on google for me, but I just had it happen on homedepot. Browser shouldn't affect it (this is all tested via ping), but I'm on Windows 8.1 for reference. – nhinkle – 2015-08-17T22:33:41.597

Could you make a script to parse that txt file and try each one, see what the result is? I'm curious which it does and doesn't work for. – nhinkle – 2015-08-17T22:34:02.320

1@nhinkle Confirmed on Windows 7. I used "nslookup drive." and the nameserver at 8.8.8.8 points to 127.0.53.53 (August 17, 2015). Note that I expect this could potentially change, if the person/organization in control of the "drive" TLD changed this. Note that although "nslookup drive." (with trailing period) worked, "nslookup drive" didn't, nor did "ping drive.". I'm guessing ping might effectively remove the trailing period, which would technically be wrong (because it would violate the DNS spec that all domains technically end with a usually-optional period). – TOOGAM – 2015-08-17T22:40:42.167

5New gTLDs are only set up to resolve domains to 127.0.53.53 during a particular stage of initial testing. Once the gTLD is fully set up, it behaves normally; unknown domains will just fail. – duskwuff -inactive- – 2015-08-18T04:34:30.180

3@TOOGAM If you look up DNS records for "drive." There is an MX record that resolves to your-dns-needs-immediate-attention.drive. – Dev – 2015-08-18T14:13:49.800

@TOOGAM ping drive. works for me on OS X. Both ping drive and ping drive. work on Debian. – Barmar – 2015-08-21T20:33:09.987

This is why it's a good idea to use the keyword searches when you want to search, instead of risking going somewhere you didn't intend. – Tanath – 2015-08-21T22:32:09.387

This also happens with avahi-resolve-host-name, it seems – krs013 – 2017-01-15T23:33:12.543

Asked: 2015-08-17T22:15:19.153

Viewed: 7 920 times

Active: 2016-12-02T12:50:52.263