Instagram DNS issues
-
I started the trace then opened the app, I can see the first 4 lines of the capture requesting and resolve the Instagram domain, then it goes into a fizzy with the whole random domain that you have rightly mentioned is a common thing when using Chrome.
Odd that it's problematic and doesn't seem anyone else running pfSense with DNS Resolver and pfBlocker is having any issues with the Instagram app.
-
Have you tried turning off IPv6? Maybe your IPv6 is spotty?
Not sure how I missed the instagram queries - but again, I don't see anything in there that didn't resolve how it should, nor any long response times..
-
Thanks, johnpoz. I'll try disabling IPv6, if it is spotty I'd expect to see it across other applications but it's worth a shot.
-
OK, a few hours after disabling IPv6 on my wireless LAN interface and I have had no issues with the Instagram app on iOS. I have left IPv6 enabled on other VLAN's as I am not seeing any issues there.
Seems like one other person is also experiencing a similar issue:
https://forum.netgate.com/topic/131271/when-6to4-ipv6-is-enabled-facebook-mobile-does-not-fully-load-all-videos-and-pictures-ios-and-android/21
https://www.reddit.com/r/PFSENSE/comments/8luf26/had_to_disable_ipv6_for_facebook_mobile_apps_to/
-
Well jknott will tell you different, but to be honest I am not really a fan of ipv6... Running dual stack leads to many issues to be honest.. I only run it on a few test devices..
While it is the future for sure, there is nothing that says you need it or have to run it - or really to be honest any advantages to it currently - other than problems to be honest.
Its not that there is anything wrong with the protocol, its the implementations and skill sets of people setting it up and maintaining to be honest.. When there is weirdness, its always a good troubleshooting step to disable it and see if issue goes away.
I have been using it myself for 10 years, but only in test mode.. I serve up ntp to the public on it for example.. And run some dns for it.. And sure access some stuff (testing) via IPv6.. But in general is not active on my systems.. Other than my ntp server.
My current isp doesn't even support it, and my last isp comcast - that is suppose to be one of the leaders just had so many issues not worth it. I just run a tunnel via HE for my ipv6 needs. And with that its pretty rock solid - but I just don't see a reason... One one of the major players only has IPv6, when you can only get to google via IPv6 - then its ready for primetime.. You would think that the game makers would love it - and they have yet to actually embrace it to be honest.
So I wouldn't worry to much to just completely disabling it.. Unless you can name 1 service that actually requires it, there is no reason to run it is my point.
Glad that you got your issue sorted.
-
On the other hand, I've been using IPv6 the day I managed to get l my hand on a "ISPv6" that seems to respect the entire RFC IPv6 related.
My own ISPv4 only doesn't play well the IPv6 game : their own sites were "hard to visit" when using a IPv6 POP in Paris (I live in France). The site in question, www.orange.fr is IPv6 capable. And I have to say, these days, finally, things get better without me changing what so ever on my side.
Apple devices always have been very IPv6 aware, as the last 3 Microsoft Windows releases, and most other, more public free OS's.
For me, IPv6, has become "a set it and forget it" thing.
I see as many IPv6 leases as IPv4 leases on my network - IPv4 devices fade out quickly. -
I hear ya - it is suppose to be working int he background with user not having to do anything, and it will just work.. And this can be the case for many users.. But then there is that problem site that isn't doing it right, or the client that doesn't like to switch to IPv4.. Or the users ISP implementation is borked.
He problem might be his dealy is related to instagrams IPv6 is borked, or his connection to whatever via IPv6 is not working as it should.. And it takes time for the device to try ipv4... This is where you see many of the issues - when there is AAAA client that is dual stack will prefer the IPv6.. Only when this fails will it do the IPv4 connection. This causes delays and issues that the user is unwilling to deal with.
My point is if your seeing such issues - why put yourself through such grief, when there really isn't 1 site, other than maybe some darkweb or p0rn that is only IPv6.. All of the major players that do support IPv6, also have IPv4.. And many of the major players don't even support IPv6 yet..
Check out https://whynoipv6.com/ for some major sites that don't yet even support IPv6 for their actual site.
Its not that the protocol doesn't work - its the transition that is problematic and that everyone is not on it. And there are still many applications and software that are not yet up to speed.. Here is good example of that.
https://blog.apnic.net/2018/09/17/microsoft-making-progress-towards-ipv6-only/ -
Perhaps this may help someone in future, I made 2 changes to my network and things have been very stable with Instagram and IPv6.
Router Advertisements for the WLAN VLAN changed to Unmanaged.
If you have an access point that is on a tagged VLAN, check IGMP snooping is not blocking IPv6 multicast. On my edge switch, this command was the trick for my AP that was tagged.(UBNT EdgeSwitch) #config (UBNT EdgeSwitch) (Config)#set mld
This by no means will work for everyone but it sure seems to have resolved my issue.
-
This post is deleted! -
This post is deleted!