HDFC Net banking not loading with Cloudflare DNS

HDFC net banking does not load using Cloudflare DNS but works with Google DNS. I’m on an Airtel FTTH IPv4 + IPv6 connection.

Cloudflare IPv4 DNS lookup

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.1.1.1
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.1.1.2
Server:         1.1.1.2
Address:        1.1.1.2#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.1.1.3
Server:         1.1.1.3
Address:        1.1.1.3#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.0.0.1
Server:         1.0.0.1
Address:        1.0.0.1#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.0.0.2
Server:         1.0.0.2
Address:        1.0.0.2#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.0.0.3
Server:         1.0.0.3
Address:        1.0.0.3#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

Google IPv4 DNS lookup

[email protected]:~$ nslookup netbanking.hdfcbank.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

[email protected]:~$ nslookup netbanking.hdfcbank.com 8.8.4.4
Server:         8.8.4.4
Address:        8.8.4.4#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

Cloudflare IPv6 DNS lookup

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1111
Server:         2606:4700:4700::1111
Address:        2606:4700:4700::1111#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1001
Server:         2606:4700:4700::1001
Address:        2606:4700:4700::1001#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1112
Server:         2606:4700:4700::1112
Address:        2606:4700:4700::1112#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1002
Server:         2606:4700:4700::1002
Address:        2606:4700:4700::1002#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1113
Server:         2606:4700:4700::1113
Address:        2606:4700:4700::1113#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 2606:4700:4700::1003
Server:         2606:4700:4700::1003
Address:        2606:4700:4700::1003#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

Google IPv6 DNS lookup

[email protected]:~$ nslookup netbanking.hdfcbank.com 2001:4860:4860::8888
Server:         2001:4860:4860::8888
Address:        2001:4860:4860::8888#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

[email protected]:~$ nslookup netbanking.hdfcbank.com 2001:4860:4860::8844
Server:         2001:4860:4860::8844
Address:        2001:4860:4860::8844#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

Bump… It’s been 15 days and no response.

Kindly, I’d suggest you to write a ticket to Cloudflare support due to your account and/or domain issue and share the ticket number here with us so we could escalate this issue:

  • Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button. If you get automatic reply, reply and indicate to it you need more help and reference to this topic
  • Or send an an e-mail to support[at]cloudflare[dot]com from your e-mail associated with your Cloudflare account

Hey @fritex! Thanks for replying! I do not own/manage the domain. I’m just a customer of the bank. Do I still create the ticket?

Thank you for feedback information.

Yes, please.

I am sorry to hear you have issue with accessing this website.

Kindly, do so I could escalate this to Cloudflare engineering team to re-check this as there might be other people who also have this issue.

Thanks for confirming @fritex! I couldn’t do it via the website as I don’t own the domain. However, I sent an email and received the ticket ID: 2379955

But I also got an email saying the ticket has been automatically resolved. Here are the contents of the email:

Hello,

Thanks for contacting Cloudflare about your issue. Users on our Free plan can upgrade now or continue to receive technical support by using the following resources:

Check your configuration in 20 minutes

Many types of issues can be resolved by ensuring your setup is optimal. In around 20 minutes, you can follow our Welcome Center tutorial and diagnostic tool to check & correct your configuration.

Resolve your issue right now

95% of issues can be resolved quickly by browsing or searching our Help Center - here you can find self service content to help you with your Cloudflare service.

Chat with Cloudflare Support instantly

Should you need quicker support for your service, we recommend exploring our paid plans for email support or 24/7 live chat.

Get Community help within 24 hours

If you need further assistance, you should consult the Cloudflare Community where thousands of users, experts, & staff work together to provide technical advice & support. Most users get a reply within 24 hours from the Cloudflare Community. Here are 3 steps to get started:

  1. Visit our Community.
  2. Search to find answers to issues just like yours.
  3. If you still need help, post a topic in the community.

This is an automated reply. If your issue relates to Cloudflare Billing, Cloudflare Registrar, or account access (e.g., login or 2FA issues), visit our Get Help form and follow the onscreen prompts to submit a ticket to our team who typically respond to users on our Free plan within 2 days.

Search the Cloudflare Community for advice and insight.

I replied back to the email to reopen, and it got resolved again. This is awfully bad.

1 Like

Thank you for sharing ticket number.

I’ve escalated this.

Kindly and patiently wait for a reply here and on the ticket (keep in mind today is still weekend so we might have to wait until tomorrow at least).

1 Like

Sure, thank you @fritex! :slight_smile:

May I just ask, currently I am using 1.1.1.1 / 1.0.0.1 at my device and when I run nslookup netbanking.hdfcbank.com, I see:

Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
Name:    netbanking.hdfcbank.com
Address:  175.100.160.21

And also I am using DoH (Cloudflare DNS) in my Web browser but I can access the website.

But, you still cannot access the websie? :thinking:

Hey @fritex!

Could you check with IPv6? It’s fine on IPv4. IPv6 is the issue. Prior to this, I was facing another issue: Cloudlare DNS - `nslookup` fails for IPv6 DNS sometimes, but always works for IPv4 DNS

I got servfail:

nslookup netbanking.hdfcbank.com
Server:         2606:4700:4700::1111
Address:        2606:4700:4700::1111#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
;; Got SERVFAIL reply from 2606:4700:4700::1111, trying next server

Nevertheless, checking with online tool seems there is no AAAA record for a sub-domain at all, and seems like it’s not only related to the Cloudflare DNS resolver? :thinking:

See here:

Neither by this:

Hey @fritex!

That exactly is the point. They use only IPv4 and don’t have IPv6. Hence Cloudflare DNS shouldn’t be giving SERVFAIL which is probably what is causing the browser to misbehave. Here’s a comparison of nslookup using Cloudflare and then with Google:

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.1.1.1
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21
** server can't find netbanking.hdfcbank.com: SERVFAIL

[email protected]:~$ nslookup netbanking.hdfcbank.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

Dig:

[email protected]:~$ dig netbanking.hdfcbank.com @8.8.8.8 aaaa

; <<>> DiG 9.16.15-Ubuntu <<>> netbanking.hdfcbank.com @8.8.8.8 aaaa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;netbanking.hdfcbank.com.       IN      AAAA

;; Query time: 80 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Feb 21 02:27:39 IST 2022
;; MSG SIZE  rcvd: 52

[email protected]:~$ dig netbanking.hdfcbank.com @1.1.1.1 aaaa

; <<>> DiG 9.16.15-Ubuntu <<>> netbanking.hdfcbank.com @1.1.1.1 aaaa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23465
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (at delegation netbanking.hdfcbank.com.)
;; QUESTION SECTION:
;netbanking.hdfcbank.com.       IN      AAAA

;; Query time: 220 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon Feb 21 02:27:42 IST 2022
;; MSG SIZE  rcvd: 96

The netbanking.hdfcbank.com delegation has two nameservers listed:

; <<>> DiG 9.16.22-Debian <<>> netbanking.hdfcbank.com -t A -p 53 @2803:f800:50::6ca2:c1a3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29499
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;netbanking.hdfcbank.com.	IN	A

;; AUTHORITY SECTION:
netbanking.hdfcbank.com. 300	IN	NS	ns1.netbanking.hdfcbank.com.
netbanking.hdfcbank.com. 300	IN	NS	ns2.netbanking.hdfcbank.com.

;; ADDITIONAL SECTION:
ns1.netbanking.hdfcbank.com. 300 IN	A	175.100.160.118
ns2.netbanking.hdfcbank.com. 300 IN	A	175.100.162.181

But they return a non-authoritative response for the AAAA record:

; <<>> DiG 9.16.22-Debian <<>> netbanking.hdfcbank.com -t AAAA -p 53 @175.100.160.118
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35098
;; flags: qr rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;netbanking.hdfcbank.com.	IN	AAAA

We can probably add a workaround for this, but ideally the hdfcbank.com should fix it.

1 Like

Seems to have been fixed now. Getting the same results via both Google DNS and Cloudflare.

[email protected]:~$ nslookup netbanking.hdfcbank.com 1.1.1.1
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

[email protected]:~$ nslookup netbanking.hdfcbank.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   netbanking.hdfcbank.com
Address: 175.100.160.21

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.