How does dig find the WAN-IP-address? What is “theip.opendns.com” doing

I needed to automatically get my own WAN-IP-address from my router. I found this question and, among others, a solution with dig was proposed:

dig +short myip.opendns.com @resolver1.opendns.com

It works perfectly, but now I want to understand what it is doing.
Here is what I (hope to) understand so far (please correct me, if I am wrong):

+short just gives me a short output
@resolver1.opendns.com is the DNS server,
which is asked what IP address belongs to the given domain

What's not clear to me is myip.opendns.com. If I would write www.spiegel.de instead, I would get the IP address of the domain www.spiegel.de, right?
With myip.opendns.com I get the WAN-IP of my router. So is myip.opendns.com just emulating a domain, which is resolved to my router?
How does it do it? Where does it get my IP from? And how is it different to what webpages, like e.g., www.wieistmeineip.de, are doing? They also try to get my IP.

In the answer of Krinkle on the question I mentioned, it is stated
that this "dns-approach" would be better than the "http-approach".
Why is it better and what is the difference?

There has to be a difference, because the WAN-IP I get from dig +short myip.opendns.com @resolver1.opendns.com (ip1) is the one I can also see in the web interface of my router, whereas www.wieistmeineip.de (and other similar sites too) is giving me another IP address (ip2).
I could imagine that my ISP is using some kind of sub-LAN, so that my requests to webservers are going through another (ISP-) router which has ip2, so that www.wieistmeineip.de is just seeing this address (ip2). But, again, what is myip.opendns.com doing then?

Additionally: Opening ip1 from within my LAN is giving me the test website from my RasPi, opening it from the outside of my LAN (mobile internet) does not work. Does it mean, that ip1 is no proper "internet IP" but more like a LAN IP?

Best Answer

First to summarize the general usage of dig: it requests the IP assigned to the given domain from the default DNS server. So e.g. dig google.de would request the IP assigned to the domain google.de. That would be 172.217.19.99.

The command you mentioned is:

So what this command does is: it sends a request for the IP of the domain myip.opendns.com to the DNS server resolver1.opendns.com. This server is programmed that, if this special domain is requested, the IP the request comes from is sent back.

The reasons why the method of querying the WAN IP using DNS is better were mentioned by krinkle: standardised, more stable and faster.

The reason I could imagine for those two IPs is that your router caches DNS requests and returns an old IP.

Another problem could be DualStack Lite. That is often used by new internet contracts. Do you know whether your ISP is using DS Lite?

Best Answer

Related Solutions

DNS Troubleshoot. Campus domain does not resolve when using campus network

To get domain name from ip in Reverse DNS Dig

Related Question