DNS seems to be blocking website?

Hello, Not sure if this is the right place to report an issue with using DNS 1.1.1.1 for WAN on the home router. I’m trying to figure out why a website forum I get the following error in Chrome: DNS_PROBE_FINISHED_NXDOMAIN

Interestingly, when I change the DNS to quad 9 for example, the website works. Also, it appears that this happens on the whole network so other devices have the same issue. If the website I’m accessing is blocked on 1.1.1.1, is there a way to send an appeal to get that unblocked or maybe I am missing something here and this is a configuration problem on my end. Thanks.

The website in question is ttvnol.com.

It’s unlikely to be blocked, more likely an issue with the Cloudflare DNS getting the records from the authorative DNS, this seems to be the case here.

While answering your post it’s been a bit variable, but seems ok for me now.

; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> ttvnol.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13268
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;ttvnol.com.			IN	A

;; ANSWER SECTION:
ttvnol.com.		150	IN	A	45.124.92.20
ttvnol.com.		150	IN	A	123.30.242.70
1 Like

Thanks. I found out about nslookup in windows cmd prompt so I’ve been trying that and it seems it’s having trouble on my end. Wondering if this is something I can send a report into Cloudflare to investigate.

image

I’ll :thumbsup: to this.

It seems like Cloudflare is randomly able to retrieve responses from the authoritative DNS servers at synerfy.vn, but randomly also not.

Cloudflare Copenhagen (CPH):

$ dig +nsid CHAOS TXT id.server @1.1.1.1 | egrep "(NSID:|EDE:|^id.server)"
; NSID: 36 35 6d 38 35 ("65m85")
id.server.              0       CH      TXT     "CPH"
$ dig +nsid ttvnol.com @1.1.1.1 | egrep "(NSID:|EDE:|^ttvnol.com)"
; NSID: 36 35 6d 37 38 ("65m78")
ttvnol.com.             27      IN      A       123.30.242.70
ttvnol.com.             27      IN      A       45.124.92.20

Cloudflare London (LHR):

$ dig +nsid CHAOS TXT id.server @1.0.0.1 | egrep "(NSID:|EDE:|^id.server)"
; NSID: 33 37 38 6d 31 35 ("378m15")
id.server.              0       CH      TXT     "LHR"
$ dig +nsid ttvnol.com @1.0.0.1 | egrep "(NSID:|EDE:|^ttvnol.com)"
; EDE: 22 (No Reachable Authority): (at delegation ttvnol.com.)
; NSID: 33 37 36 6d 33 32 37 ("376m327")
$ dig +nsid ttvnol.com @1.0.0.1 | egrep "(NSID:|EDE:|^ttvnol.com)"
; NSID: 33 37 38 6d 32 39 ("378m29")
ttvnol.com.             150     IN      A       123.30.242.70
ttvnol.com.             150     IN      A       45.124.92.20
$ dig +nsid ttvnol.com @1.0.0.1 | egrep "(NSID:|EDE:|^ttvnol.com)"
; EDE: 22 (No Reachable Authority): (at delegation ttvnol.com.)
; NSID: 33 37 37 6d 33 36 38 ("377m368")

The most plausible reasons for something like this would be that operator of the synerfy.vn name servers may have an extensive firewall / security system, in front of their DNS servers that are blocking the queries.

It has also been seen that firewalls are added, that are restricting queries from e.g. other countries or continents, based on what appears to be the geographical area of the querier, which would then be determined based on Cloudflare’s IP addresses, when you are sending your queries over Cloudflare.

If the operator of the synerfy.vn name servers hasn’t updated a such kind of location database in ages, the country/continent for the given IP address may appear incorrect in their database, and therefore, the IP address of the Cloudflare resolver could be blocked as a false positive.

3 Likes

Thanks sjr and DarkDeviL!

I have a much better understanding of what is going on now :slight_smile:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.