I use ACT (Atria Convergence Technologies) as my ISP in Bangalore, and it appears that ACT is either blocking outbound requests on DNS port 53 for everyone other than google (22.214.171.124) and themselves, or dropping DNS-UDP packets intended for 126.96.36.199. Following is the issue:
- Pings to 188.8.131.52 always go through
- traceroute to 184.108.40.206 usually does NOT go through, but sometimes does.
traceroute to 220.127.116.11 (18.104.22.168), 30 hops max, 60 byte packets
1 _gateway (192.168.0.1) 1.726 ms 2.044 ms 2.041 ms
2 broadband.actcorp.in (xx.xx.xx.xx) 6.157 ms 6.166 ms 6.154 ms
3 broadband.actcorp.in (22.214.171.124) 144.173 ms 144.184 ms 144.171 ms
4 126.96.36.199.static-Bangalore.vsnl.net.in (188.8.131.52) 6.092 ms 6.657 ms 6.668 ms
5 * * *
6 * * *
7 * * *
- dig google.com @184.108.40.206 usually fails, but sometimes goes through
dig google.com @220.127.116.11
; <<>> DiG 9.16.1-Ubuntu <<>> google.com @18.104.22.168
;; global options: +cmd
;; connection timed out; no servers could be reached
I’ve raised this issue with ACT and I’ve had different responses from different people.
(a) I was first told that port 53 is blocked for dynamic IPs and only static IPs have this unblocked. I asked for, and got a static IP for extra cost. However, 22.214.171.124 is still not reachable.
(b) I was later told by another ACT employee that traffic to 126.96.36.199:53 is not prioritized, and hence packets are likely to be dropped anywhere on the network. This made more sense, because this is UDP, and explains the flakiness of the whole thing.
When I mentioned that 188.8.131.52 always works, I was told that Google DNS and ACT’s own DNS are treated differently(prioritized?) on the network and will go through.
My question is, if there’s someone from cloudflare who can work with ACT and have this fixed?