Unable to Resolve www.worldometers.info
-
Hi, anyone having this issue? i have 3 pfsense in 3 different location all reported same problem...
all site is running with DNS resolver.
-
Im kinda believe'n this is a spam style flyby.. Political in nature.
-
Running Resolver here, no issue.
https://www.worldometers.info/coronavirus/ -
Works fine here.
-
Are you resolving? Or are you forwarding to some NS, if so what?
This resolves just fine.. And here is the trace showing how it is resolved.
$ dig www.worldometers.info +trace ; <<>> DiG 9.16.1 <<>> www.worldometers.info +trace ;; global options: +cmd . 848 IN NS f.root-servers.net. . 848 IN NS b.root-servers.net. . 848 IN NS d.root-servers.net. . 848 IN NS l.root-servers.net. . 848 IN NS g.root-servers.net. . 848 IN NS m.root-servers.net. . 848 IN NS c.root-servers.net. . 848 IN NS h.root-servers.net. . 848 IN NS i.root-servers.net. . 848 IN NS a.root-servers.net. . 848 IN NS k.root-servers.net. . 848 IN NS e.root-servers.net. . 848 IN NS j.root-servers.net. . 848 IN RRSIG NS 8 0 518400 20200515050000 20200502040000 48903 . dGTnT7OISNAcz0hcLgOXqLpvSAMJBWDpi1XSSvWpVekIo3ZOwfOHqMdJ DcZlGtmC4QfU7YXJi9LBVdCI57v9AbL8uyOJhCFVPmmjXoZvijZ9toPd Ou0YMdBQG2y5ToXinStHcZGeICNUYpwPyuNs+ulK7smJd7Co4N5y5V3t V+SO9wmVQNou3TIrUUX6KQ7DmyPBmoFIs24wy4NeQ/q547QZgSff7LUP 5rJMwxQhPwy3V3FcaMSbJfHFu5uO3WIHXS98i6HNVw/8G02xhHsTBtj3 NVsXzOB1Wfu4NERzka+Tle53jeK4TZnGWdXldnw4/729RVVVpfF4KpGt j3UQpw== ;; Received 525 bytes from 192.168.3.10#53(192.168.3.10) in 1 ms info. 172800 IN NS a0.info.afilias-nst.info. info. 172800 IN NS a2.info.afilias-nst.info. info. 172800 IN NS b0.info.afilias-nst.org. info. 172800 IN NS b2.info.afilias-nst.org. info. 172800 IN NS c0.info.afilias-nst.info. info. 172800 IN NS d0.info.afilias-nst.org. info. 86400 IN DS 8674 7 1 197789A2CBABA6FECD0B5AC88C5BC414CE1FC309 info. 86400 IN DS 8674 7 2 EC9B6082B96B5F87143696F2B483ACC9B2C433DCE0C94E70F1FF5648 CA18008B info. 86400 IN RRSIG DS 8 1 86400 20200516050000 20200503040000 48903 . eUpv5wm4BegEB1eLUx1HTRA2DIuyLRjmulteRIimx0VrSEx79j5j8HyH SF5bHs90HzjD/J1SpTC6QkKG/PnUGiJxFFAFmo1cXb99KSHTcRkzbHrg MQayosTK1j0PuGbxYwalNDiNWoYNgl0ErDn+rJXk9t98MCBAoZRer7rb XT2EZ3Dj/gBz60FwBK8l/N7iaFlNWiNjBSCn8f3dR0Zer2HVsGFyVtQI TNrOrYtICgzGqh7ZKhBqs5bZeGgB7tzUplYB/9OUb+3LcihiVF3PHgqn iu2evVDuXz1MXuQjag3RZF/KnU+bMw1uMPKdxAEnFgkp0RgwTFy8IgHt aneOvw== ;; Received 824 bytes from 192.5.5.241#53(f.root-servers.net) in 35 ms worldometers.info. 86400 IN NS moura.ns.cloudflare.com. worldometers.info. 86400 IN NS collins.ns.cloudflare.com. adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN NSEC3 1 1 1 D399EAAB ADNVG6B2JJN9MIEU7DJB24BL7RG5MDPI NS SOA RRSIG DNSKEY NSEC3PARAM adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN RRSIG NSEC3 7 2 3600 20200524115927 20200503105927 10544 info. GK/dXpMq+q/DtXuSRmLmeQkKDStjUujOurmKUxZTYrO9H3yWK5KXC5hs FVoMVQwGE4WyLnUe7bAUrMvyn3yToJQ/M+dER6tnVqq4Jm0MC++az9Kh oMHwkyT47aomHIjRvejLUjC/RN+xKrveTEh5cifTkmc5a0R+kL9yDQmV Ljg= j5pp0lj9ubr4gc69kn0f92n8hl9fia5m.info. 3600 IN NSEC3 1 1 1 D399EAAB J5PRQOQOFDNL3C96SOQM6UMF21J9D6NU NS DS RRSIG j5pp0lj9ubr4gc69kn0f92n8hl9fia5m.info. 3600 IN RRSIG NSEC3 7 2 3600 20200522152132 20200501142132 10544 info. bF5/e3x5Voy0S7F3MUtgohAwNaJ7tjsZkfVryubOmLQAoLCCxhCNDbtZ 9aw2MTIc9dpQpxfUi48g94//Vk9sRUZduvaf3zNVIh4l/WtIggFiKPHP OhtBY6OOrBL8j/SIFspj3pp4V1r2RExn+w1ZKSADctQr2oRavuloY6KC fl8= ;; Received 604 bytes from 199.249.113.1#53(a2.info.afilias-nst.info) in 16 ms www.worldometers.info. 300 IN A 104.26.5.2 www.worldometers.info. 300 IN A 104.26.4.2 ;; Received 82 bytes from 162.159.44.217#53(moura.ns.cloudflare.com) in 14 ms
If your resolving and not working - where is it failing, lets see the trace from your pfsense..
-
dig worldometers.info +trace
; <<>> DiG 9.14.9 <<>> worldometers.info +trace
;; global options: +cmd
. 57654 IN NS a.root-servers.net.
. 57654 IN NS b.root-servers.net.
. 57654 IN NS c.root-servers.net.
. 57654 IN NS d.root-servers.net.
. 57654 IN NS e.root-servers.net.
. 57654 IN NS f.root-servers.net.
. 57654 IN NS g.root-servers.net.
. 57654 IN NS h.root-servers.net.
. 57654 IN NS i.root-servers.net.
. 57654 IN NS j.root-servers.net.
. 57654 IN NS k.root-servers.net.
. 57654 IN NS l.root-servers.net.
. 57654 IN NS m.root-servers.net.
. 57654 IN RRSIG NS 8 0 518400 20200516170000 20200503160000 48903 . ixcOjZ5e4x/QGKzUs6DD3WZb738Prf6PXyJZCOudIRZ6ghuxv2bMSOXw FNDz7yP3q7XmSp7/LPcaWQf2jHKlReVvXgXkXbsXd+USXZ1tGrcwnTjX pXIieYo12fBidt9vLV/5hFz4e2YGUWl9i0146fb8Vop/slcETAba5wpf Jj+bzPGpKiu9Inm0CJMLZxlrBm/dIhnhmYQhCmpGUhtBIRueDL1hArXp GukbMmScfuktOCD8ori+6l+NUM5U9V3klAZg3LYXXRmBaqYBgpRN7x/B d2La2VLoUKpcdiRAwM+cJiivoejYH6pa63sj4Xewr0z7Cq8jb89P4c2w qs1dXA==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 1 msinfo. 172800 IN NS a0.info.afilias-nst.info.
info. 172800 IN NS a2.info.afilias-nst.info.
info. 172800 IN NS b0.info.afilias-nst.org.
info. 172800 IN NS b2.info.afilias-nst.org.
info. 172800 IN NS c0.info.afilias-nst.info.
info. 172800 IN NS d0.info.afilias-nst.org.
info. 86400 IN DS 8674 7 1 197789A2CBABA6FECD0B5AC88C5BC414CE1FC309
info. 86400 IN DS 8674 7 2 EC9B6082B96B5F87143696F2B483ACC9B2C433DCE0C94E70F1FF5648 CA18008B
info. 86400 IN RRSIG DS 8 1 86400 20200517050000 20200504040000 48903 . KPfLBaO9rbq5LhAAjF6yt/xiTH7qVgGzTkEpoTqTLhwSn8kecKzcDE5H P/qeUxA+jjmAsAA8Cl0ENtFsbtOVs6s1GteyxS3jx1YoL4sDLvs6wj8D vMTdNfaMDqPAVPYJDTiVXcvuG7sxOqyYEF07oTPtOqQ6kZ/MhgyLIC8S XxAe95kJnxj5hKJqzjmizlxNy56I5MV30FH9VC1VsIWvAfViE5uq2JNs gDhm6a5jNEYXWrtVTl4+zM7K7dStO3+f8X87L0DW0x85v/gN2QmeawQD YIJlJDRLwrH1jF3/Bvce4S+xYPEd4xGDDGk80mX3JK3OqQ82gTaGWVFl YuNBUg==
;; Received 820 bytes from 198.97.190.53#53(h.root-servers.net) in 175 msworldometers.info. 86400 IN NS collins.ns.cloudflare.com.
worldometers.info. 86400 IN NS moura.ns.cloudflare.com.
adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN NSEC3 1 1 1 D399EAAB ADNVG6B2JJN9MIEU7DJB24BL7RG5MDPI NS SOA RRSIG DNSKEY NSEC3PARAM
adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN RRSIG NSEC3 7 2 3600 20200525111235 20200504101235 10544 info. MhAkTtKuXTb7wmZ1hhcF1z7eBLh/sM/DcFNkhK48bW5mTIg6TU1m01nE zcFMxFaDOU3Kt60UUSp9fOFyU0DsKU2yNRYLgyCqFLK4fGuwObRBXA/l jUyZh2VRDpBUl3+MSftz7sBW4T6mcVa1OQCUmaApXwFw8MpVas4/qcwE hMY=
j5pp0lj9ubr4gc69kn0f92n8hl9fia5m.info. 3600 IN NSEC3 1 1 1 D399EAAB J5PRQOQOFDNL3C96SOQM6UMF21J9D6NU NS DS RRSIG
j5pp0lj9ubr4gc69kn0f92n8hl9fia5m.info. 3600 IN RRSIG NSEC3 7 2 3600 20200522152132 20200501142132 10544 info. bF5/e3x5Voy0S7F3MUtgohAwNaJ7tjsZkfVryubOmLQAoLCCxhCNDbtZ 9aw2MTIc9dpQpxfUi48g94//Vk9sRUZduvaf3zNVIh4l/WtIggFiKPHP OhtBY6OOrBL8j/SIFspj3pp4V1r2RExn+w1ZKSADctQr2oRavuloY6KC fl8=
;; Received 600 bytes from 199.254.48.1#53(b0.info.afilias-nst.org) in 241 ms;; connection timed out; no servers could be reached
[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root:
[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: -
@hhoong said in Unable to Resolve www.worldometers.info:
connection timed out; no servers could be reached
Well you failing to talk to cloudflare NS from that statement.. So yeah those would fail..
-
how come only this www.worldometers.info not working, very odd, i mean i donno if there is anything else that not working, so far overall everything working just fine >.<
-
Again you for whatever reason can not talk to the NS for that domain.. Do a directed query to either of those cloudflare ns
example
$ dig @collins.ns.cloudflare.com worldometers.info ; <<>> DiG 9.16.1 <<>> @collins.ns.cloudflare.com worldometers.info ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52275 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;worldometers.info. IN A ;; ANSWER SECTION: worldometers.info. 300 IN A 104.26.4.2 worldometers.info. 300 IN A 104.26.5.2 ;; Query time: 14 msec ;; SERVER: 162.159.38.226#53(162.159.38.226) ;; WHEN: Mon May 04 06:17:27 Central Daylight Time 2020 ;; MSG SIZE rcvd: 78
-
[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: dig @collins.ns.cloudflare.com worldometers.info
; <<>> DiG 9.14.9 <<>> @collins.ns.cloudflare.com worldometers.info
; (2 servers found)
;; global options: +cmd
;; connection timed out; no servers could be reached
[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root:anyway how do i reply in the black text box like u do ... LOL
-
Use the code box
Can you ping the IP even?
$ ping collins.ns.cloudflare.com Pinging collins.ns.cloudflare.com [162.159.38.226] with 32 bytes of data: Reply from 162.159.38.226: bytes=32 time=29ms TTL=55 Reply from 162.159.38.226: bytes=32 time=20ms TTL=55 Reply from 162.159.38.226: bytes=32 time=13ms TTL=55
Those NS are the authoritative NSers for that domain - so no if you can not talk to them, then you wouldn't be able to resolve stuff they are authoritative for..
-
can ping can nslookup
odd right >.<[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: ping collins.ns.cloudflare.com PING collins.ns.cloudflare.com (162.159.38.226): 56 data bytes 64 bytes from 162.159.38.226: icmp_seq=0 ttl=61 time=12.373 ms 64 bytes from 162.159.38.226: icmp_seq=1 ttl=61 time=11.953 ms 64 bytes from 162.159.38.226: icmp_seq=2 ttl=61 time=13.656 ms 64 bytes from 162.159.38.226: icmp_seq=3 ttl=61 time=13.199 ms 64 bytes from 162.159.38.226: icmp_seq=4 ttl=61 time=15.022 ms 64 bytes from 162.159.38.226: icmp_seq=5 ttl=61 time=13.560 ms ^C --- collins.ns.cloudflare.com ping statistics --- 6 packets transmitted, 6 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 11.953/13.294/15.022/0.987 ms [2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: nslookup collins.ns.cloudflare.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: collins.ns.cloudflare.com Address: 162.159.38.226 Name: collins.ns.cloudflare.com Address: 2606:4700:50::a29f:26e2 [2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root:
-
Well I would say something is blocking port 53 to them then, either on your end, or the ISP or cloudflare themselves - or something between.
But if you can not query them - then you can not resolve stuff they are authoritative for.
Are you forcing traffic out a vpn connection? What part of the world are you in - is it one where they dick with dns queries?
Can you query them for something else? Say for example.
$ dig @collins.ns.cloudflare.com cloudflare.com ; <<>> DiG 9.16.1 <<>> @collins.ns.cloudflare.com cloudflare.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38819 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;cloudflare.com. IN A ;; ANSWER SECTION: cloudflare.com. 300 IN A 104.17.175.85 cloudflare.com. 300 IN A 104.17.176.85 ;; Query time: 16 msec ;; SERVER: 162.159.38.226#53(162.159.38.226) ;; WHEN: Mon May 04 06:40:32 Central Daylight Time 2020 ;; MSG SIZE rcvd: 75
-
No VPN, I'm from Malaysia,
I have 3 pfsense across 3 location, all using same telco, all 3 not working[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: dig @collins.ns.cloudflare.com cloudflare.com ; <<>> DiG 9.14.9 <<>> @collins.ns.cloudflare.com cloudflare.com ; (2 servers found) ;; global options: +cmd ;; connection timed out; no servers could be reached [2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root:
-
@hhoong said in Unable to Resolve www.worldometers.info:
all using same telco
Well that would seem to be a problem then with them.
You for whatever reason can not query them for dns - so no you wouldn't not be able to resolve anything that they are authoritative for..
Can you get to https://www.cloudflare.com/
even - maybe they don't like your ISP and are blocking them ;) Do you get a captcha when you try and access?
-
@johnpoz said in Unable to Resolve www.worldometers.info:
@hhoong said in Unable to Resolve www.worldometers.info:
all using same telco
Well that would seem to be a problem then with them.
You for whatever reason can not query them for dns - so no you wouldn't not be able to resolve anything that they are authoritative for..
Can you get to https://www.cloudflare.com/
even - maybe they don't like your ISP and are blocking them ;)
thanks for the info :)
i guess now the only way for me to able to query www.worldometers.info is to enable forwarding in my DNS resolver.
i can access to https://www.cloudflare.com/ main page,
@hhoong said in Unable to Resolve www.worldometers.info:
can ping can nslookup
odd right >.<[2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: ping collins.ns.cloudflare.com PING collins.ns.cloudflare.com (162.159.38.226): 56 data bytes 64 bytes from 162.159.38.226: icmp_seq=0 ttl=61 time=12.373 ms 64 bytes from 162.159.38.226: icmp_seq=1 ttl=61 time=11.953 ms 64 bytes from 162.159.38.226: icmp_seq=2 ttl=61 time=13.656 ms 64 bytes from 162.159.38.226: icmp_seq=3 ttl=61 time=13.199 ms 64 bytes from 162.159.38.226: icmp_seq=4 ttl=61 time=15.022 ms 64 bytes from 162.159.38.226: icmp_seq=5 ttl=61 time=13.560 ms ^C --- collins.ns.cloudflare.com ping statistics --- 6 packets transmitted, 6 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 11.953/13.294/15.022/0.987 ms [2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root: nslookup collins.ns.cloudflare.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: collins.ns.cloudflare.com Address: 162.159.38.226 Name: collins.ns.cloudflare.com Address: 2606:4700:50::a29f:26e2 [2.4.5-RELEASE][admin@pfSense-Router.HuiHoong.Home]/root:
i can ping and nslookup to the collins.ns.cloudflare.com as well, maybe is time for me to get a VPN
-
Could the ISP be blocking DNS to any servers but their own?
-
No since from his trace he talked to roots, and the affiliates.. He got told where to go for his domain in his trace.. He just can't seem to get there.
-
I'm not sure but overall my DNS resolver was working, i just notice this www.worldometers.info not working for now, not sure of any other that is not working.
But base on what u said, maybe all that register under @collins.ns.cloudflare.com, most likely i not able to query ... -
No you would not be able to resolve anything that you can not talk to the authoritative NS for.. When you resolve you directly talk to the authoritative NS for that domain.. If you can not get to any of them, then anything they are authoritative for would fail to resolve..
That is how resolving works.. You get the info straight from the horses mouth - if you can not talk to the horse, then yeah you going to have a bad day.
I would get with your ISP to be honest, and ask them why you can not query that NS.