1.1.1.1 is unreachable/unstable for the past weeks

It is problem only with 1.1.1.1 server. The secondary 1.0.0.1 or any other are without problems.

dig polarkac.eu @1.1.1.1

; <<>> DiG 9.16.8 <<>> polarkac.eu @1.1.1.1
;; global options: +cmd
;; connection timed out; no servers could be reached

dig polarkac.eu @1.0.0.1

; <<>> DiG 9.16.8 <<>> polarkac.eu @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41277
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;polarkac.eu.                   IN      A

;; ANSWER SECTION:
polarkac.eu.            1800    IN      A       31.31.75.59

;; Query time: 29 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Wed Nov 04 10:44:19 CET 2020
;; MSG SIZE  rcvd: 56

dig +short CHAOS TXT id.server @1.1.1.1
;; connection timed out; no servers could be reached

dig +short CHAOS TXT id.server @1.0.0.1
"PRG"

I can ping 1.1.1.1. Traceroute does not show much, just an 2 servers of my ISP.

dig +tcp @1.1.1.1 id.server CH TXT
;; Connection to 1.1.1.1#53(1.1.1.1) for id.server failed: timed out.
;; Connection to 1.1.1.1#53(1.1.1.1) for id.server failed: timed out.

; <<>> DiG 9.16.8 <<>> +tcp @1.1.1.1 id.server CH TXT
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

;; Connection to 1.1.1.1#53(1.1.1.1) for id.server failed: timed out.

dig +tcp @1.0.0.1 id.server CH TXT

; <<>> DiG 9.16.8 <<>> +tcp @1.0.0.1 id.server CH TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1288
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;id.server.                     CH      TXT

;; ANSWER SECTION:
id.server.              0       CH      TXT     "PRG"

;; Query time: 13 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Wed Nov 04 10:52:43 CET 2020
;; MSG SIZE  rcvd: 43

It is problem on multiple machines, not just this one (mobile phone with Android, notebook with Archlinux). It seems its even problem across multiple network, because on my VPN its the same.

It sounds like your ISP isn’t passing 1.1.1.1 requests through. You didn’t post the actual traceroute, so I don’t know if it’s just dying after two hops, or there’s some other device claiming to be 1.1.1.1

My bad. Here is the traceroute to 1.1.1.1

traceroute 1.1.1.1                                             [0]
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  1.332 ms  2.119 ms  2.984 ms
 2  * * *
 3  ip-86-49-55-193.net.upcbroadband.cz (86.49.55.193)  25.429 ms  26.080 ms  25.710 ms
 4  ip-81-27-203-70.net.upcbroadband.cz (81.27.203.70)  26.502 ms  26.645 ms  26.234 ms
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

And here is the traceroute for 1.0.0.1

traceroute 1.0.0.1                                           [148]
traceroute to 1.0.0.1 (1.0.0.1), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  1.177 ms  2.320 ms  3.075 ms
 2  * * *
 3  ip-86-49-55-193.net.upcbroadband.cz (86.49.55.193)  26.637 ms  27.011 ms  28.352 ms
 4  cz-prg01a-ra4-vla2156.net.upc.cz (84.116.221.225)  28.668 ms  28.855 ms  38.629 ms
 5  cz-prg02b-ri1-ae-0-0.aorta.net (84.116.136.169)  38.918 ms  39.409 ms  39.249 ms
 6  213.46.180.82 (213.46.180.82)  47.441 ms  46.263 ms  44.927 ms
 7  cloudflare-ic-154352-prag-b3.c.telia.net (80.239.194.86)  45.000 ms  30.934 ms  30.855 ms
 8  one.one.one.one (1.0.0.1)  32.138 ms  31.578 ms  31.173 ms

Strange. I tried traceroute with ICMP mode and it returned different result.

traceroute -nI 1.1.1.1                                         [0]
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  192.168.0.1  1.643 ms  2.453 ms  3.751 ms
 2  * * *
 3  86.49.55.193  35.173 ms  35.371 ms  35.596 ms
 4  81.27.203.70  23.948 ms  24.375 ms  28.686 ms
 5  1.1.1.1  29.159 ms  29.504 ms  29.742 ms

Sorry about the trouble. It seems like a routing issue, the 1.1.1.1 is not leaving UPC network. Can you send them an email with the traceroutes? In the meantime, the 1.0.0.1 seems to be work correctly.

If its routing issue, how can I ping or traceroute (ICMP mode with -I flag) it? In the same moment dig returns timeout, but ping is working fine.

Because it’s routed somewhere else that doesn’t provide a DNS service but responds to ping. For 1.0.0.1 you can see it enters Cloudflare’s network through Telia:

 7  cloudflare-ic-154352-prag-b3.c.telia.net (80.239.194.86)  45.000 ms  30.934 ms  30.855 ms
 8  one.one.one.one (1.0.0.1)  32.138 ms  31.578 ms  31.173 ms

For 1.1.1.1 it doesn’t, but something inside the network responds back:

 4  81.27.203.70  23.948 ms  24.375 ms  28.686 ms
 5  1.1.1.1  29.159 ms  29.504 ms  29.742 ms
2 Likes

Oh, that makes sense. Thanks for explanation. I will monitor the situation and if it occurs again, I will send an email to ISP.