Steam still bypassing proxy.

[CyberSecGuy]

This is less of a request for help, and more of me jotting down information and hoping it evolves into a "Solved" tag.

I've been playing with a few different settings and adding a few new DNS records from Steam that I've been able to find, here's the original list:

address=/client-download.steampowered.com/NGINX_IP
address=/content-origin.steampowered.com/NGINX_IP
address=/content1.steampowered.com/NGINX_IP
address=/content2.steampowered.com/NGINX_IP
address=/content3.steampowered.com/NGINX_IP
address=/content4.steampowered.com/NGINX_IP
address=/content5.steampowered.com/NGINX_IP
address=/content6.steampowered.com/NGINX_IP
address=/content7.steampowered.com/NGINX_IP
address=/content8.steampowered.com/NGINX_IP
address=/content9.steampowered.com/NGINX_IP
address=/content0.steampowered.com/NGINX_IP
address=/.cs.steampowered.com/NGINX_IP
address=/.hsar.steampowered.com.edgesuite.net/NGINX_IP
address=/.akamai.steamstatic.com/NGINX_IP
address=/.steamcontent.com/NGINX_IP

Here's my new list with a few more domains that I've been able to track down.

address=/client-download.steampowered.com/NGINX_IP
address=/content-origin.steampowered.com/NGINX_IP
address=/origin.steampowered.com/NGINX_IP
address=/content1.steampowered.com/NGINX_IP
address=/content2.steampowered.com/NGINX_IP
address=/content3.steampowered.com/NGINX_IP
address=/content4.steampowered.com/NGINX_IP
address=/content5.steampowered.com/NGINX_IP
address=/content6.steampowered.com/NGINX_IP
address=/content7.steampowered.com/NGINX_IP
address=/content8.steampowered.com/NGINX_IP
address=/content9.steampowered.com/NGINX_IP
address=/content0.steampowered.com/NGINX_IP
address=/cdn.steampowered.com/NGINX_IP
address=/cdn2.steampowered.com/NGINX_IP
address=/cdn3.steampowered.com/NGINX_IP
address=/cdn4.steampowered.com/NGINX_IP
address=/steamcdn-a.akamaihd.net/NGINX_IP
address=/cdn.akamai.steamstatic.com.edgesuite.net/NGINX_IP
address=/steamcache.steamcontent.com/NGINX_IP
address=/.cs.steampowered.com/NGINX_IP
address=/.hsar.steampowered.com.edgesuite.net/NGINX_IP
address=/.akamai.steamstatic.com/NGINX_IP
address=/.steamcontent.com/NGINX_IP
address=/.deploy.static.akamaitechnologies.com/NGINX_IP
address=/.steampipe.steamcontent.com/NGINX_IP

Yet when I download games it is still resolving hostnames to these two IP addresses:
65.216.231.194, which belongs to UUNET a server in Ashburn Virginia, as I have my download settings on Steam pointing to Washington DC. As well as 151.205.0.27, which I'm not sure about.

[CyberSecGuy]

@RyanEwen Important info here:

Steam runs DNS lookups against: steampipe.akamaized.net which pulls back CNAME records of valve???.steamcontent.com

These records are between: valve300-valve569.steamcontent.com

When placing:
address=/steampipe.akamaized.net/NGINX_IP - in dnsmasq
and
steampipe.akamaized.net - in nginx.conf

The entire system breaks down, and the DNS query goes absolutely bonkers doing valve???.steamcontent lookups. All of which points to the SteamCache.

Going to continue playing with it.

[CyberSecGuy]

I have generated a number list 1-1000, and formatted each line as valveXXX.steamcontent.com and placed in both .nginx.conf and .dnsmasq.conf.

I still am resolving these IP addresses according to Wireshark and TCPView;

Steam.exe	17032	TCP	desktop-jjbmna6	18301	162.254.192.45	http	ESTABLISHED	23	7,636	282	8,477,578	3,984	5,555,884	12	182
Steam.exe	17032	TCP	desktop-jjbmna6	18295	162.254.192.37	http	ESTABLISHED	25	8,300	290	8,725,870	5,644	4,216,189	17	147		
Steam.exe	17032	TCP	desktop-jjbmna6	18284	162.254.192.15	http	ESTABLISHED	27	8,964	347	10,706,449	4,316	5,342,747	13	178		

The second I add steampipe.akamaized.net back into the mix, we're back to everything breaking. I think I need to see if I can use dnsmasq to spoof the CNAME to something that points to the steamcache.

[CyberSecGuy]

I'm stuck for a moment, I threw this into .dnsmasq.conf

cname=steampipe.steamcontent.com,steampipe.akamaized.net

but steampipe.akamaized.net is still pulling back valve???.steamcontent.com CNAME records and those IPs aren't resolving.

[RyanEwen]

Thanks for putting in the time and effort to figure this out

[tamatoa]

I'm thinking there are some missing entries to pull the download from the lancache ... if you have a new txt files with all current dns would be appreciated.

My steam is set to pull downloads for Honolulu steam servers, maybe there is something to add in the txt file to make sure that it would download from lancache instead of steam servers.

If you can give me a direction or which line to update, would be appreciated.

Thank you.