both my miners had switched to 206.223.224.2 - cgminer (bamt) and cudaminer (win7), both rigs using google public dns 8.8.8.8.
Doing lookup on the bad ip:
nslookup 206.223.224.2
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Name: true.fiberpimp.net
Address: 206.223.224.2
wafflepool now resolves properly:
nslookup useast.wafflepool.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: useast.wafflepool.com
Address: 162.243.89.19
While that sounds conclusive on the surface, did you ever run "nslookup useast.wafflepool.com" on dns server 8.8.8.8 and receive address 206.223.224.2 as a result? And wasn't it 206.223.224.2
25 that we are all talking about?
No, right now it seems the us wafflepool.com endpoints are resolving properly when using google's dns:
nslookup useast.wafflepool.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: useast.wafflepool.com
Address: 162.243.89.19
nslookup uswest.wafflepool.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: uswest.wafflepool.com
Address: 192.241.211.125
I'm assuming that when my miners went down, there was a DNS hijack taking place and if you'd tried resolving wafflepool at that point, you'd get the bad IP's. Looks like currently things are back to normal but I suggest keeping a close eye on your miners, maybe even direct setting the endpoint IP's in cgminer.conf in case this attack starts back up.
Assumptions make poor foundations upon which to build any theory. Though hard coding ip addresses will circumvent the problem for now, it may cause unexpected outages in the future if pw reconfigures the server network.