Verifying router settings are working


#1

Having configured my router as per the instructions, how do I now verify from one of my other machines that I’m using the right DNS server?


Verifying Router is using 1.1.1.1
#2

Hi @paul.hargreaves, take a look at this info and if you have questions or problems verifying post back. :slight_smile:


#3

I also found this / may be helpful both for checking settings and overall router security.

F-Secure Router Checker
Router Checker is a free, web-based tool that checks your router’s settings and detects if it may have been hijacked by criminals. If your router is compromised, every single device on your network is at risk of being hacked.


#4

This may help expedite your new DHCP settings from the router by clearing the DNS cache.

Windows PC

ipconfig /release
ipconfig /flushdns
ipconfig /renew

MacOS

sudo killall -HUP mDNSResponder


#5

Dig doesn’t help; it was the first thing I tried.

Linux:

$ dig cnn.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> cnn.com
[snip]
cnn.com.		5	IN	A	151.101.1.67

;; Query time: 748 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Apr 02 07:59:56 BST 2018
;; MSG SIZE  rcvd: 100

OSX:

$ dig www.yahoo.com
; <<>> DiG 9.9.7-P3 <<>> www.yahoo.com
[snip]
atsv2-fp.wg1.b.yahoo.com. 26	IN	A	87.248.98.7

;; Query time: 22 msec
;; SERVER: 6.6.6.254#53(6.6.6.254)
;; WHEN: Mon Apr 02 08:00:36 BST 2018
;; MSG SIZE  rcvd: 92

(6.6.6.254 is the router)

I also tried the F-Secure but the ‘DNS IP’ returns an IP address from the same DSL provider I’m using.
That doesn’t mean the ISP is hijacking though, since cloudflare use them as a pop.

$ sudo ./dnstraceroute.py --expert -C -t A -s 1.1.1.1 facebook.com
dnstraceroute.py DNS: 1.1.1.1:53, hostname: facebook.com, rdatatype: A
1	gateway (172.16.65.2) 1.626 ms
2	 *
3	1dot1dot1dot1.cloudflare-dns.com (1.1.1.1) 27.947 ms

That’s still not conclusive however.


#6

Try dig cnn.com @1.0.0.1 ANY

if it is Cloudflare under status you will see “status: NOTIMP,” as we don’t support the ANY query.


#7
$ dig cnn.com @1.0.0.1 ANY
;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.10.3-P4-Ubuntu <<>> cnn.com @1.0.0.1 ANY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25031
;; flags: qr rd ra; QUERY: 1, ANSWER: 50, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: Message has 2 extra bytes at end

;; QUESTION SECTION:
;cnn.com.			IN	ANY

;; ANSWER SECTION:
cnn.com.		60	IN	A	151.101.193.67
[snip]

So I should assume then that it’s not working correctly in this case?


#8

Are you by chance using dnsmasq? It might be intercepting DNS queries on the ubuntu box…


#9

Is this test 100% conclusive? I did get a return of “status: NOTIMP,” after changing the router settings. Just wanting to confirm if there is any other test I should be running? Thanks in advance to OP for starting this thread and the everyone who has responded.


#10

If you’ve changed your router settings (and your Client is configured to use the router for DNS) doing dig cnn.com ANY (without needing to add @1.1.1.1) should return the “status: NOTIMP,”.


#11

I get the same response via OSX,
BTW, ISP is Vodafone UK, so not a small one. Not sure if there are other VF users who have already had a go, so that I can figure out if it’s ‘user error’ (router not working properly etc) or VF messing with port 53.


#12

dig cnn.com without adding @1.1.1.1 returns “status: NOERROR,” same as @paul.hargreaves mentioned above.
; <<>> DiG 9.10.3-P4-Ubuntu <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52973
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com. IN A

;; ANSWER SECTION:
cnn.com.		60	IN	A	151.101.129.67
cnn.com.		60	IN	A	151.101.193.67
cnn.com.		60	IN	A	151.101.65.67
cnn.com.		60	IN	A	151.101.1.67

;; AUTHORITY SECTION:
cnn.com.		2903	IN	NS	ns-47.awsdns-05.com.
cnn.com.		2903	IN	NS	ns-576.awsdns-08.net.
cnn.com.		2903	IN	NS	ns-1086.awsdns-07.org.
cnn.com.		2903	IN	NS	ns-1630.awsdns-11.co.uk.

;; Query time: 20 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Apr 02 11:39:27 EDT 2018
;; MSG SIZE  rcvd: 236