1.1.1.1 ICN domain query error

What is the name of the domain?

designtp.kr

What is the error number?

EDE: 22 (No Reachable Authority): (at delegation designtp.kr.)

What is the error message?

EDE: 23 (Network Error): (180.68.206.142:53 rcode=REFUSED for designtp.kr A)

What is the issue you’re encountering

cannot use 1.1.1.1 in korea

What steps have you taken to resolve the issue?

What feature, service or problem is this related to?

Nameservers

What are the steps to reproduce the issue?

$ dig designtp.kr @1.1.1.1

; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> designtp.kr @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (at delegation designtp.kr.)
; EDE: 23 (Network Error): (180.68.206.142:53 rcode=REFUSED for designtp.kr A)
;; QUESTION SECTION:
;designtp.kr. IN A

;; Query time: 24 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Thu Jan 09 20:26:31 KST 2025
;; MSG SIZE rcvd: 127

$ dig +short CHAOS TXT id.server @1.1.1.1
“ICN”

NRT, LAX is OK.
ICN problem
thank you.

The IP address “180.68.206.142” appears to be named “ns1.ksdom.kr”, and the result you’re seeing, seems to indicate that the domain was (previously) connected to that name server.

The last updated date for the domain name “designtp.kr”, according to the domain registry, is today, a.k.a. 2025-01-09.

Did you just move your domain name to the two Cloudflare name servers today?

If so, wait 48 - 96 hours, for the DNS propagation to succeed, and then try again.

1 Like

If you look at my original post again, I typed in the purge cache url, but you seem to have misunderstood it because the url is omitted and the preview comes up.
I have already tried this to no avail.
I tried to purge the A, AAAA, CNAME cache for the domain at least 5 times in 30 minutes.
After about 4 hours, the ICN started responding normally.
I didn’t think to purge cache for NS records, but I’m guessing that would be a bad idea.
I think a command to purge cache when a domain’s nameservers change should be added to quickly resolve issues like this.

thank you.

The ns records are nameserver records so if they have been changed that would be what to purge from cache so a new lookup can be had. None of these commands will adversely impact a domain otherwise a random attacker could impact any domain.

$ whois designtp.kr

Primary Name Server
Host Name : anastasia.ns.cloudflare.com

Secondary Name Server
Host Name : houston.ns.cloudflare.com

This is different from the NS record for the domain.
We can purge cache the ns1.designtp.kr NS. But,
we don’t yet have the ability to purge cache what nameservers are assigned to the designtp.kr domain, do we?

It seems that the purge cache feature is only useful when the domain record changes, not when the domain nameserver itself changes.

You have that ability yes. None of the other records you purged required proof of ownership, it’s just proving a record from a public resolver.

Also in general most folks leave their old domain on the previous nameservers as well indefinitely so that cache isn’t an issue for basic resolution during a transition. Not sure why the old nameservers are throwing an error unless the domain was deleted from it.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.