Cannot connect to on AT&T


Here is the requested data:

Nathaniels-MacBook-Pro:~ nathanielsuchy$ traceroute
traceroute to (, 64 hops max, 52 byte packets
 1 (  3.268 ms  2.839 ms  3.001 ms

Nathaniels-MacBook-Pro:~ nathanielsuchy$ traceroute
traceroute to (, 64 hops max, 52 byte packets
 1 (  4.303 ms  3.431 ms  3.020 ms
 2 (  84.717 ms  4.738 ms  4.072 ms
 3 (  6.662 ms  5.222 ms  4.698 ms
 4 (  6.385 ms  8.092 ms  5.777 ms
 5 (  5.831 ms  6.009 ms  6.896 ms
 6 (  7.248 ms (  5.478 ms  5.382 ms
 7 (  13.760 ms  20.682 ms  18.949 ms
 8 (  16.582 ms  19.881 ms  17.056 ms
 9 (  17.181 ms  16.297 ms  16.937 ms
10 (  14.838 ms  14.648 ms  14.219 ms
11 (  15.097 ms  14.408 ms  13.879 ms
12 (  14.880 ms  15.412 ms  14.792 ms

Nathaniels-MacBook-Pro:~ nathanielsuchy$  dig +short CHAOS TXT id.server @
[nothing happens]

CNathaniels-MacBook-Pro:~ nathanielsuchy$ dig +short CHAOS TXT id.server @

Nathaniels-MacBook-Pro:~ nathanielsuchy$ dig +tcp @ id.server CH TXT
;; Connection to for id.server failed: connection refused.

Nathaniels-MacBook-Pro:~ nathanielsuchy$ dig +tcp @ id.server CH TXT

; <<>> DiG 9.8.3-P1 <<>> +tcp @ id.server CH TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21737
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;id.server.			CH	TXT

id.server.		0	CH	TXT	"iad02"

;; Query time: 15 msec
;; WHEN: Tue May 15 16:07:25 2018
;; MSG SIZE  rcvd: 45

Nathaniels-MacBook-Pro:~ nathanielsuchy$ openssl s_client -connect
connect: Connection refused
Nathaniels-MacBook-Pro:~ nathanielsuchy$ openssl s_client -connect
1424:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/BuildRoot/Library/Caches/

SBCGlobal possibly blocking

Do you have an Arris BGW router?


I do not have physical access to the router.


Your Internet modem/WiFi connection device has improperly claimed Sometimes it’s a device made by Arris. So, whatever brand device you have, it’s not letting through.


This is a known issue for AT&T Internet users. Both Cloudflare and AT&T are aware of it. Two models of AT&T’s gateways, the Pace 5268AC and the Arris BGW-210 can not use reach the Cloudflare DNS service properly because both gateways are currently reserving and using the address internally for certain functionality. Like I said AT&T has acknowledged this issue and said it will be fixed through a firmware update. No idea when AT&T will have that firmware update ready and begin to roll it out though. I’m sure its being worked on right now, but even when its done I’d say at least 2 weeks or so of internal testing before AT&T starts to slowly deploy the update in batches to customers. That’s the way they always roll out firmware updates to the gateways. My random guess is about 2 to 3 months before the firmware fix for this is starting to roll out.

However in the meantime there is a simple work around,

if you are in a area where AT&T has deployed native dual stack ipv6 service you can use the ipv6 cloudflare DNS address with no problem at all. I live in Arkansas in a town of about 30k and AT&T deployed ipv6 here over a year ago so odds are good you have it. To check look at this status page of your gateway
Scroll down to the section labeled “ipv6” and if it looks the same as mine showing avaliable native ipv6 your good to go.

I have AT&T Internet and the BGW-210 gateway and did a test just to make sure really quick and cloudflares DNS service works perfectly when using their ipv6 address instead of Below are the two Cloudflare DNS ipv6 addresses