Domain signin1.bt.com doesn't resolve in Cloudflare (using secure DNS in Chrome). Ok in Google

To reproduce: In Chrome > Settings > Privacy and security > Advanced > Use secure DNS, select Cloudflare (1…1.1.1). Browse to www.bt.com and click “Email” at the top right. See “This site can’t be reached”.

This is confirmed at signin1.bt.com down? Current problems and status.

Site can however be reached by selecting “Google (Public DNS)” instead in Chrome settings.

Does anyone have an explanation or a solution?

That’s not a Cloudflare issue.

The actual URL works just fine → sitemeer.com/#https://signin1.bt.com/login/emailloginform

sitemeer.com/#https://signin1.bt.com does not. BT has some funny configuration on that hostname.

Unfortunately the complete login URL does NOT work for me in a browser using the “to reproduce” steps above. Tried two different machines. Yet it does work with Google DNS.

That doesn’t prove the problem is at Cloudflare but it’s a strong indicator of a DNS issue somewhere.

Mxtoolbox does resolve the original subdomain. So the results are inconsistent and I agree that something strange is happening at BT. I have attempted to report the problem there as well.

It’s a very popular site with millions of users so I expect someone will notice the problem eventually, wherever it is.

Are you saying the link with the full URL does not say that it is reachable?

Correct.

I was referring to sitemeer.com/#https://signin1.bt.com/login/emailloginform

But anyhow, can you run these commands and post the output?

nslookup signin1.bt.com 1.1.1.1
nslookup signin1.bt.com 1.0.0.1

The sitemeer link does work for me.

The output of those commands is OK, BUT I ran them from a command prompt which will NOT be using Cloudflare DNS (because that’s only set in my browser). So it will be using the default DNS server which is supplied by BT as it happens. So it’s not surprising that it works:

PS C:\Windows\system32> nslookup signin1.bt.com 1.1.1.1
Server: one.one.one.one
Address: 1.1.1.1

Non-authoritative answer:
Name: signin1.bt.com
Address: 193.113.4.166

PS C:\Windows\system32> nslookup signin1.bt.com 1.0.0.1
Server: one.one.one.one
Address: 1.0.0.1

Non-authoritative answer:
Name: signin1.bt.com
Address: 193.113.4.166

A more interesting test would be to enable cloudflare in my PC’s network settings (with or without encryption). I’ll post that when I’ve worked out how…

In that case it will be something with your local DNS setup. The host has a somewhat peculiar SSL setup but the URL in question does work and Cloudflare resolves it fine on your end as well.

Huh? I just sent a picture of cloudflare NOT resolving it and explained that the nslookup was NOT using Cloudflare. So how do you conclude that Cloudflare “resolves it fine” at my end?

You sent a picture of Chrome not being able to resolve it and your nslookup actually used Cloudflare and could resolve it. Cloudflare works (even on your end) and is not involved here.

You’re right, sorry, nslookup was indeed using Cloudflare and that worked.

I think the key is the “peculiar SSL setup” you mentioned. Unfortunately it appears DoH is only available in insider builds of Windows at the moment and I’m not running that, so I can’t (easily) test that from the command line. So maybe the Chrome implementation of that is where the fault lies.

Just tried Firefox, and DoH via Cloudflare is working OK there. So that points to a browser issue.

SSL should not be the reason for a DNS error, but if it works with other browsers it really will be a browser issue. You mentioned an Insider build, which would suggest Edge though you mentioned Chrome.

I confirm the problem was originally seen in Chrome Version 90.0.4430.212 (Official Build) (64-bit) and is reproducible there. I’ve reported it to Google.

I just checked Edge (with Cloudflare DoH enabled) and the problem happens there as well. But not in Firefox.

I am NOT using an insider build, just normal Windows 10.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.