ISP(Nextra) seems to blocking 1.1.1.1 in India


#1

It seems that my ISP’s router is blocking 1.1.1.1, I have opened a ticket with them but they have not done anything to unblock it.

Here are the details of my ISP:
Country: India
Name: NEXTRA TELESERVICES PVT. LTD.
ASN: AS58640
Website: nextraworld.com
Modem: ANS5004W

Here are nslookup and traceroute o/p:

Command: nslookup google.com 1.1.1.1

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 1.1.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Command: nslookup google.com 1.0.0.1

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 1.0.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Command: nslookup google.com 8.8.8.8

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: google.com
Addresses: 2404:6800:4002:804::200e
172.217.160.238

Command: tracert 1.1.1.1

Tracing route to 1dot1dot1dot1.cloudflare-dns.com [1.1.1.1]
over a maximum of 30 hops:

1 3 ms <1 ms 1 ms router.asus.com [192.168.2.1]
2 2 ms 2 ms 2 ms 192.168.1.1
3 5 ms 3 ms 4 ms 1dot1dot1dot1.cloudflare-dns.com [1.1.1.1]
4 1dot1dot1dot1.cloudflare-dns.com [1.1.1.1] reports: Destination host unreachable.

Trace complete.

Command: tracert 1.0.0.1

Tracing route to 1dot1dot1dot1.cloudflare-dns.com [1.0.0.1]
over a maximum of 30 hops:

1 22 ms 1 ms 1 ms router.asus.com [192.168.2.1]
2 6 ms 4 ms 1 ms 192.168.1.1
3 12 ms 22 ms 10 ms 103.30.141.1
4 18 ms 41 ms 8 ms 172.25.24.66
5 5 ms 14 ms 7 ms 172.25.24.17
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.


#2

This one looks like an issue on your local net. I don’t believe that 1.1.1.1 is the next HOP behind your router.

172.25 is a private network. Are you routing through a IPSec VPN?


#4

I am not behind any VPN. To me it’s seems my modem is hijacking 1.1.1.1


#5

Possible. Some modems have a management interface. Sometimes it is a fully funktional router set into bridge mode. (modem only). Depending on the manufacturer it could be the management IP.


#6

Yup! Now that my ISP is not listening is their any third party or authority to which I can report this hijacking and misuse of a public IP?


#7

APNIC and IRINN especially for india.

And becareful with finger pointing. This could also a problem with your router or it’s firmware or even with your local network.

1.1.1.1 wasn’t always public btw and used in many private networks because it’s “easy”


#8

So it turns out that it might be more than simple 1.1.1.1 hijacking. My ISP is blocking all third party DNS services except Google’s. Not only this they are also blocking ICMP tools like ping to every service other than google. Here is an example:

ping google.com

Pinging google.com [216.58.196.206] with 32 bytes of data:
Reply from 216.58.196.206: bytes=32 time=35ms TTL=55
Reply from 216.58.196.206: bytes=32 time=21ms TTL=55
Reply from 216.58.196.206: bytes=32 time=26ms TTL=55
Reply from 216.58.196.206: bytes=32 time=19ms TTL=55

Ping statistics for 216.58.196.206:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 35ms, Average = 25ms

ping yahoo.com

Pinging yahoo.com [98.138.219.231] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 98.138.219.231:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

ping microsoft.com

Pinging microsoft.com [104.43.195.251] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 104.43.195.251:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


#9

Time to switch ISP I guess.