I keep have to clear the cache for a domain

penfed.org

After a day or two I have to got to 1.1.1.1 and clear the cache for this domain. What is this?

Thx, Butch

The nameservers for penfed.org don’t respond to AAAA (IPv6) queries so they can be cached as unresponsive for some time. I’ll try to reach out to them.

2 Likes

Thanks for your help. Please let me know what happens.

Butch

I haven’t received a response yet, sorry, I can try reaching out again.

1 Like

I also opened a ticket with them explaining the issue and that you had tried to reach out to them. Thx.

@butch1did you get a response from Penfed? I will file a request with them as well.

@butch1 I submitted a ticket today I have no faith it will actually get to the correct location. I plan on attempting to reach out to some contacts that can connect me with some of their IT folks but I’m giving it a week first.

So I got a non sensical response back that cloudflare is classifying penfed.org as malware occasionally which is causing the issue. @mvavrusa can you refute that as they have a link to this forum and are asking me to refute this from cloudflare.

Hey, sorry it’s still causing problems. I’ve added a workaround at least, so it shouldn’t be failing now. If you’re using 1.1.1.1 (and not .2 or .3) there’s no malware filtering. A filtered response would look like this:

$ dig @1.1.1.2 malware.testcategory.com +short
0.0.0.0

As far as I can tell there’s two problems, one is not responding to new types (like HTTPS and SVCB):

$ dig @ns1.penfed.org www.penfed.org TYPE64
... timeout

Other is not responding at all to some of Cloudflare’s address ranges. The full list of ranges is at https://www.cloudflare.com/ips/