Netgate Discussion Forum

Blocking certain websites

General pfSense Questions
    kendalja
    last edited by Jul 10, 2019, 1:22 AM

    I’m having a strange issue. Running pfsense 2.4.4-RELEASE-p3 (amd64). No additional packages installed and certain websites are being blocked. For example I’m trying to navigate to www.mychartlink.com and the page does not display. Firewall logs don’t show anything odd going on and need help as to why this is happening!

      johnpoz LAYER 8 Global Moderator
      last edited by johnpoz Jul 10, 2019, 3:01 AM Jul 10, 2019, 2:58 AM

      If you're not running any sort of blocking package, proxy, ips, pfblocker then it would be blocked - but you're maybe having an issue resolving it?

      I show it as a cname

      ;; QUESTION SECTION:
      ;www.mychartlink.com. IN A

      ;; ANSWER SECTION:
      www.mychartlink.com. 3600 IN CNAME mychart.nsdmz.fmlh.edu.
      mychart.nsdmz.fmlh.edu. 3600 IN A 192.227.60.140

      You would need to validate that you can actually resolve it.

      Can pfsense look it up via the diagnostic, dns lookup?

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        kendalja @johnpoz
        last edited by Jul 10, 2019, 2:59 AM

        @kendalja

        And how would I test to see if I can resolve it?

          johnpoz LAYER 8 Global Moderator
          last edited by Jul 10, 2019, 3:00 AM

          see my edit

          lookup.png

            kendalja @johnpoz
            last edited by Jul 10, 2019, 3:04 AM

            @johnpoz

            Host "mychartlink.com" could not be resolved.

              johnpoz LAYER 8 Global Moderator
              last edited by Jul 10, 2019, 4:31 AM

              well you need to figure out why..

              You're doing default resolving right? If so then do a dig +trace on pfsense where does it fail in the path.

              example

              [2.4.4-RELEASE][admin@sg4860.local.lan]/root: dig www.mychartlink.com +trace
              
              ; <<>> DiG 9.12.2-P1 <<>> www.mychartlink.com +trace
              ;; global options: +cmd
              .                       58044   IN      NS      a.root-servers.net.
              .                       58044   IN      NS      b.root-servers.net.
              .                       58044   IN      NS      c.root-servers.net.
              .                       58044   IN      NS      d.root-servers.net.
              .                       58044   IN      NS      e.root-servers.net.
              .                       58044   IN      NS      f.root-servers.net.
              .                       58044   IN      NS      g.root-servers.net.
              .                       58044   IN      NS      h.root-servers.net.
              .                       58044   IN      NS      i.root-servers.net.
              .                       58044   IN      NS      j.root-servers.net.
              .                       58044   IN      NS      k.root-servers.net.
              .                       58044   IN      NS      l.root-servers.net.
              .                       58044   IN      NS      m.root-servers.net.
              .                       58044   IN      RRSIG   NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
              ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
              
              com.                    172800  IN      NS      k.gtld-servers.net.
              com.                    172800  IN      NS      h.gtld-servers.net.
              com.                    172800  IN      NS      j.gtld-servers.net.
              com.                    172800  IN      NS      m.gtld-servers.net.
              com.                    172800  IN      NS      e.gtld-servers.net.
              com.                    172800  IN      NS      b.gtld-servers.net.
              com.                    172800  IN      NS      g.gtld-servers.net.
              com.                    172800  IN      NS      f.gtld-servers.net.
              com.                    172800  IN      NS      l.gtld-servers.net.
              com.                    172800  IN      NS      d.gtld-servers.net.
              com.                    172800  IN      NS      a.gtld-servers.net.
              com.                    172800  IN      NS      c.gtld-servers.net.
              com.                    172800  IN      NS      i.gtld-servers.net.
              com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
              com.                    86400   IN      RRSIG   DS 8 1 86400 20190722170000 20190709160000 59944 . PqBAgHy8bZiqRicVGqLL8PApMZPnHVRUpkbPNKMYzqM635Ge9HqBnlet xsxYGxRiKGO+HzRF7VBtMOxSk2F9BqHDRFoRSyA/KC5YkSgKj7pnmY7V 73ILTeOBzQU+HAFcZjfz9b7rifV6ZrYl8LxaEB+vneGgl5gWYmE+9fSD dl1lRpcN4AEwt2clXwOjUcVtQO+qw9UXalL7CepbqBHb4kFjW7opc/sC DmcAtVzO0FmtGdGVlbP2JODXP3nyNZyHGcNtI9y760kE8z+WOWLJh25r HzGYH8V5IpCnBP9RgbmLWDRYr834TELevikFo3wVriU0xoprniyHH2Wk 1g80vA==
              ;; Received 1179 bytes from 192.36.148.17#53(i.root-servers.net) in 80 ms
              
              mychartlink.com.        172800  IN      NS      ns1.fmlh.edu.
              mychartlink.com.        172800  IN      NS      ns2.fmlh.edu.
              CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
              CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190714044431 20190707033431 3800 com. BKPFq/Z6OdQj3J/veD+Ty87mCyx1yfhuW3eFuZ4g6d6JOZ+CHghL6DEL y8ztytbZxVCMHrFRl5VkSrxM9buZ2MDJnHeZBqB/LwuCncLD9DRQ/5R3 tbvu8PIWFrwvpgfyez+h5/XVEKJqszN+rFlNEsOS4iaZDw+mIn3PYOt5 T2U=
              7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN NSEC3 1 1 0 - 7HLJEJVLMB9BBET77MV7CF2TPL09F9CH NS DS RRSIG
              7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN RRSIG NSEC3 8 2 86400 20190715050918 20190708035918 3800 com. Ud7b3fWAP0GEnJsv/gn/LhYF0pmXzFBg9x8mFbBD6KkgxxwJuRv0mY8A YvrRPp7tXeos+mUN8XJhn2qRs3zMPu7Gsi1qyn91fvmp5iNF/MFKVL81 lfLlZZvxqfG/cfZdiSnDSu7kZnp9LBwDHu9XBGidXXlFG5JPJVD5pAeT kHY=
              ;; Received 577 bytes from 2001:502:7094::30#53(j.gtld-servers.net) in 86 ms
              
              ;; Received 60 bytes from 192.227.60.94#53(ns1.fmlh.edu) in 18 ms
              
              [2.4.4-RELEASE][admin@sg4860.local.lan]/root: 
              

                Gertjan @kendalja
                last edited by Jul 10, 2019, 12:33 PM

                @kendalja said in Blocking certain websites:

                @johnpoz

                Host "mychartlink.com" could not be resolved.

                If you changed anything related to DNS on your pfSense, undo that.
                Just setup the Resolver as you found it the first day, when you installed pfSense. Then, it worked.

                Do you use VPN ? IPSEC ? Any interfaces with "special, self invented IP addresses" ?

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                  stephenw10 Netgate Administrator
                  last edited by Jul 10, 2019, 2:00 PM

                  It definitely won't work until it can resolve but note it's a 192 IP. If you have a subnet incorrectly set to /9 or larger you will not be able to reach it.

                  Steve

                    johnpoz LAYER 8 Global Moderator
                    last edited by johnpoz Jul 10, 2019, 2:05 PM Jul 10, 2019, 2:02 PM

                    @stephenw10 said in Blocking certain websites:

                    note it's a 192 IP. If you have a subnet incorrectly set to /9 or larger

                    Yeah guess it could be like the recent ipsec issue with 172/8 but that wouldn't have anything to do with him resolving it ;)

                    Or yeah it could
                    from 192.36.148.17#53(i.root-servers.net) in 80 ms

                    There could be any number of NS in the path down from root that he might not be able to talk to if he had messed up mask on his 192.168 network.. etc.. Maybe he has /8 on it?? But would think there would be many more sites that would not resolve as well or could not get to. But maybe he hasn't noticed those yet.

                      stephenw10 Netgate Administrator
                      last edited by Jul 10, 2019, 2:22 PM

                      Yeah I would expect it to be more noticeable but....

                        kendalja @johnpoz
                        last edited by Jul 11, 2019, 12:19 AM

                        @johnpoz
                        Here is my output:

                        ; <<>> DiG 9.12.2-P1 <<>> www.mychartlink.com +trace
                        ;; global options: +cmd
                        . 4102 IN NS m.root-servers.net.
                        . 4102 IN NS b.root-servers.net.
                        . 4102 IN NS c.root-servers.net.
                        . 4102 IN NS d.root-servers.net.
                        . 4102 IN NS e.root-servers.net.
                        . 4102 IN NS f.root-servers.net.
                        . 4102 IN NS g.root-servers.net.
                        . 4102 IN NS h.root-servers.net.
                        . 4102 IN NS i.root-servers.net.
                        . 4102 IN NS a.root-servers.net.
                        . 4102 IN NS j.root-servers.net.
                        . 4102 IN NS k.root-servers.net.
                        . 4102 IN NS l.root-servers.net.
                        . 4102 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
                        ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

                        com. 172800 IN NS k.gtld-servers.net.
                        com. 172800 IN NS e.gtld-servers.net.
                        com. 172800 IN NS g.gtld-servers.net.
                        com. 172800 IN NS d.gtld-servers.net.
                        com. 172800 IN NS c.gtld-servers.net.
                        com. 172800 IN NS m.gtld-servers.net.
                        com. 172800 IN NS a.gtld-servers.net.
                        com. 172800 IN NS h.gtld-servers.net.
                        com. 172800 IN NS l.gtld-servers.net.
                        com. 172800 IN NS b.gtld-servers.net.
                        com. 172800 IN NS j.gtld-servers.net.
                        com. 172800 IN NS i.gtld-servers.net.
                        com. 172800 IN NS f.gtld-servers.net.
                        com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
                        com. 86400 IN RRSIG DS 8 1 86400 20190723210000 20190710200000 59944 . aNKg8AniSo8Ol2TuO1+wmnOHI7fwrXt2UBYeH2tStOywKzey3AhIYQzA 5pzJMvs4VDjjkxZHMyWiHVdDzCEf6HWPtvk2Sto+DjImyxW4NRHfsxKD yqFD43q+fHJavu5p4Mbb4CxsA+xdrLd6yONTKz/YGFtKd5bkUjRJf8M2 JRyC4DU0ba2o80MTuc6pgSwc7S1bI1JDDrwX4fELeRiWnU80WqgLysxk U76tlgqjnK6UF8XPSneC969F9FjZXyX3FmbvdgDYwKGIoC+MC1uhqZwz Ahog2nKkCxftrYfEYflwx/3CZjRy/yjePDJSk1+3MjEru+Sc2ZCABeex +Mybjw==
                        ;; Received 1207 bytes from 199.9.14.201#53(b.root-servers.net) in 78 ms

                        mychartlink.com. 172800 IN NS ns1.fmlh.edu.
                        mychartlink.com. 172800 IN NS ns2.fmlh.edu.
                        CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
                        CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190714044431 20190707033431 3800 com. BKPFq/Z6OdQj3J/veD+Ty87mCyx1yfhuW3eFuZ4g6d6JOZ+CHghL6DEL y8ztytbZxVCMHrFRl5VkSrxM9buZ2MDJnHeZBqB/LwuCncLD9DRQ/5R3 tbvu8PIWFrwvpgfyez+h5/XVEKJqszN+rFlNEsOS4iaZDw+mIn3PYOt5 T2U=
                        7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN NSEC3 1 1 0 - 7HLJEJVLMB9BBET77MV7CF2TPL09F9CH NS DS RRSIG
                        7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN RRSIG NSEC3 8 2 86400 20190715050918 20190708035918 3800 com. Ud7b3fWAP0GEnJsv/gn/LhYF0pmXzFBg9x8mFbBD6KkgxxwJuRv0mY8A YvrRPp7tXeos+mUN8XJhn2qRs3zMPu7Gsi1qyn91fvmp5iNF/MFKVL81 lfLlZZvxqfG/cfZdiSnDSu7kZnp9LBwDHu9XBGidXXlFG5JPJVD5pAeT kHY=
                        couldn't get address for 'ns1.fmlh.edu': not found
                        couldn't get address for 'ns2.fmlh.edu': not found
                        dig: couldn't get address for 'ns1.fmlh.edu': no more

                          kendalja @Gertjan
                          last edited by Jul 11, 2019, 12:23 AM

                          @Gertjan

                          Yes I use OpenVPN

                            johnpoz LAYER 8 Global Moderator
                            last edited by johnpoz Jul 11, 2019, 1:06 AM Jul 11, 2019, 1:04 AM

                            @kendalja said in Blocking certain websites:

                            couldn't get address for 'ns1.fmlh.edu': not found
                            couldn't get address for 'ns2.fmlh.edu': not found

                            Ok there is your problem you're having a problem resolving the NS for the authoritative ns for what you're looking for..

                            do a dig +trace to ns1.fmlh.edu

                              kendalja @johnpoz
                              last edited by Jul 11, 2019, 1:19 AM

                              @johnpoz

                              ; <<>> DiG 9.12.2-P1 <<>> +trace to ns1.fmlh.edu
                              ;; global options: +cmd
                              . 394 IN NS m.root-servers.net.
                              . 394 IN NS b.root-servers.net.
                              . 394 IN NS c.root-servers.net.
                              . 394 IN NS d.root-servers.net.
                              . 394 IN NS e.root-servers.net.
                              . 394 IN NS f.root-servers.net.
                              . 394 IN NS g.root-servers.net.
                              . 394 IN NS h.root-servers.net.
                              . 394 IN NS i.root-servers.net.
                              . 394 IN NS a.root-servers.net.
                              . 394 IN NS j.root-servers.net.
                              . 394 IN NS k.root-servers.net.
                              . 394 IN NS l.root-servers.net.
                              . 394 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
                              ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

                              to. 172800 IN NS newyork.tonic.to.
                              to. 172800 IN NS tonic.to.
                              to. 172800 IN NS frankfurt.tonic.to.
                              to. 172800 IN NS singapore.tonic.to.
                              to. 172800 IN NS colo.to.
                              to. 86400 IN NSEC today. NS RRSIG NSEC
                              to. 86400 IN RRSIG NSEC 8 1 86400 20190723210000 20190710200000 59944 . QqxLuc4QRHtd57oT296I27kW3YzwFCL2l8IZw+5rVoTjlwrFUCCxyQVE 8sQKhm8Bi/AMIES3cmRxQXYFonj2qnHmU3qcLt18/H6id8w+49SY7zs5 7hg4NUYegvF/uMX6cQBdZfHRn5XcZvO9aIUsFLnMkbfBi7qnhb8wsiw4 UiotzSByyQgYiwKjHfRHPVtsD0IhRPsDJngiEsXegbULF8ZOFy+7OLF1 aYL67pZPqvzcAHWCkouVy1Zdfv2QGnyXdpGPXuzeSVwBTrzykCXXJLxm b5paUF11ii/AJ4feQ+1ptK6dDNdVKD/gzRf8HvVt2SF2c933nQXLdu3S x6yG1Q==
                              ;; Received 562 bytes from 192.112.36.4#53(g.root-servers.net) in 69 ms

                              to. 7200 IN SOA to. hostmaster.tonic.to. 2019071103 43200 7200 2592000 7200
                              ;; Received 114 bytes from 216.74.32.100#53(tonic.to) in 85 ms

                              . 392 IN NS m.root-servers.net.
                              . 392 IN NS b.root-servers.net.
                              . 392 IN NS c.root-servers.net.
                              . 392 IN NS d.root-servers.net.
                              . 392 IN NS e.root-servers.net.
                              . 392 IN NS f.root-servers.net.
                              . 392 IN NS g.root-servers.net.
                              . 392 IN NS h.root-servers.net.
                              . 392 IN NS i.root-servers.net.
                              . 392 IN NS a.root-servers.net.
                              . 392 IN NS j.root-servers.net.
                              . 392 IN NS k.root-servers.net.
                              . 392 IN NS l.root-servers.net.
                              . 392 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
                              ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

                              edu. 172800 IN NS a.edu-servers.net.
                              edu. 172800 IN NS b.edu-servers.net.
                              edu. 172800 IN NS c.edu-servers.net.
                              edu. 172800 IN NS d.edu-servers.net.
                              edu. 172800 IN NS e.edu-servers.net.
                              edu. 172800 IN NS f.edu-servers.net.
                              edu. 172800 IN NS g.edu-servers.net.
                              edu. 172800 IN NS h.edu-servers.net.
                              edu. 172800 IN NS i.edu-servers.net.
                              edu. 172800 IN NS j.edu-servers.net.
                              edu. 172800 IN NS k.edu-servers.net.
                              edu. 172800 IN NS l.edu-servers.net.
                              edu. 172800 IN NS m.edu-servers.net.
                              edu. 86400 IN DS 28065 8 2 4172496CDE85534E51129040355BD04B1FCFEBAE996DFDDE652006F6 F8B2CE76
                              edu. 86400 IN RRSIG DS 8 1 86400 20190723210000 20190710200000 59944 . H/Y7cMxnOtc5tO3rWnvHVFvndTHcBtn7USzQJTuDknHuQaWVmpdX380S WyF2K2a2dEgQCpP0ad/zp9+iWRMZFLYVpGOiDs23F4UWj1/QZDx7umGW bfJjDgifMy8fqhrwHmj5NjCoDXYNvls0kp6tRrf/0xa595Siqq6hmJlS 2x3vF0yxs+CfrGZ5CXOfi2GJOgYsbBYgvuVhlNQebgCXHFW6bZcDedBD I63wmQJiIu8uXhYihqaJiMEoC0NlqgmCVezbFSjV5s/LJDudddFCsYKF g9aTBV642RfZwsJvF1NkLYZwrEgH586z9vxVQtLLZQIswFeas/1vwEOW a4KDWw==
                              ;; Received 1171 bytes from 199.7.91.13#53(d.root-servers.net) in 54 ms

                              fmlh.edu. 172800 IN NS ns1.fmlh.edu.
                              fmlh.edu. 172800 IN NS ns2.fmlh.edu.
                              9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN NSEC3 1 1 0 - 9DJ96HTERMR050IABU7M39VMPSQTFF5D NS SOA RRSIG DNSKEY NSEC3PARAM
                              9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190718004815 20190710233815 1457 edu. Si7SdeAHaqnGrmLptPxDkHEKv4RBDEIQJo7x1WZ0PRacuQeMq9Dnb/zi Au8wZdSMYNWe6QRiiMOYkUOnFcpR29S4WLQR6MZM1TgdbG/AtBI03gKt DBRUB2JSOUrPR2nN/zUAbAoTzh6cwJZgNnbYviamKMY3dwopZLft+HT6 plISfW+TvVT5mrl5R2dArapI3PtZ8fck9BbrDq/ZtKDNEg==
                              LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN NSEC3 1 1 0 - LNS26L2SEVK54IL98C1GQ7SI2TBNTQOK NS DS RRSIG
                              LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190717220952 20190710205952 1457 edu. MWGNOD+Q+Z5SOq4hdDOjFrqa3sIdWZCiB/2E0JVLltp07ftoy6YS4F+c ZEXaxMMb93lt2DdJwKLmzy0nUkpvnOPFmfdckT/rPATfxy4+fZjfRza1 hmDP5deLPwSEiggUX+64WkJih68nFUiUFH865tbtNcyhkxoDFS+TA5fO +LiTPkOMqEtbxjDxh13CTHpHwpMJqVGlfiG+IjOLUrD2Ow==
                              couldn't get address for 'ns1.fmlh.edu': not found
                              couldn't get address for 'ns2.fmlh.edu': not found
                              dig: couldn't get address for 'ns1.fmlh.edu': no more

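Added example, not part of the thread or any poster's code: a Python parser for `dig +trace` output like the traces posted above. It splits the output into one delegation walk per queried name (dig treats every non-option argument as a name, so the banner `+trace to ns1.fmlh.edu` yields a walk for `to` and another for `ns1.fmlh.edu`) and marks the walk that stalls because the delegated nameservers have no resolvable address. The sample is abridged from the trace in the post above; the function names and status labels are this example's own.

```python
import re

# Abridged from the trace posted above: NS lists shortened, DNSSEC records dropped.
SAMPLE_TRACE = """\
; <<>> DiG 9.12.2-P1 <<>> +trace to ns1.fmlh.edu
;; global options: +cmd
. 394 IN NS m.root-servers.net.
. 394 IN NS b.root-servers.net.
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

to. 172800 IN NS newyork.tonic.to.
to. 172800 IN NS tonic.to.
;; Received 562 bytes from 192.112.36.4#53(g.root-servers.net) in 69 ms

to. 7200 IN SOA to. hostmaster.tonic.to. 2019071103 43200 7200 2592000 7200
;; Received 114 bytes from 216.74.32.100#53(tonic.to) in 85 ms

. 392 IN NS m.root-servers.net.
. 392 IN NS b.root-servers.net.
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

edu. 172800 IN NS a.edu-servers.net.
edu. 172800 IN NS b.edu-servers.net.
;; Received 1171 bytes from 199.7.91.13#53(d.root-servers.net) in 54 ms

fmlh.edu. 172800 IN NS ns1.fmlh.edu.
fmlh.edu. 172800 IN NS ns2.fmlh.edu.
couldn't get address for 'ns1.fmlh.edu': not found
couldn't get address for 'ns2.fmlh.edu': not found
dig: couldn't get address for 'ns1.fmlh.edu': no more
"""

BANNER = re.compile(r"^; <<>> DiG \S+ <<>> (.*)$")
RECORD = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(.+)$")
RECEIVED = re.compile(r"^;; Received \d+ bytes from (\S+)#\d+\(([^)]+)\)")
FAILED = re.compile(r"couldn't get address for '([^']+)'")
# Simplification: only these tokens are recognised as record types in the banner.
RTYPES = {"A", "AAAA", "NS", "SOA", "MX", "TXT", "CNAME", "ANY"}


def parse_trace(text):
    """Return (query_names, hops) parsed from the text of a `dig +trace` run."""
    names, hops = [], []
    records, failed = [], []

    def flush(addr, server):
        # One hop = the records printed for one response plus who sent it.
        hops.append({
            "owner": records[0][0].lower() if records else None,
            "types": sorted({rtype for _, rtype, _ in records}),
            "server": server,
            "addr": addr,
            "unresolved": sorted(set(failed)),
        })
        records.clear()
        failed.clear()

    for raw in text.splitlines():
        line = raw.strip()
        if m := BANNER.match(line):
            # Every argument that is not an option, server or type is a query name.
            names = [a for a in m.group(1).split()
                     if not a.startswith(("+", "@", "-")) and a.upper() not in RTYPES]
        elif m := RECEIVED.match(line):
            flush(m.group(1), m.group(2))
        elif m := FAILED.search(line):
            failed.append(m.group(1))
        elif m := RECORD.match(line):
            records.append(m.groups())
    if records or failed:
        # Records with no "Received" line after them: the walk stopped here.
        flush(None, None)
    return names, hops


def diagnose(text):
    """Group hops into one walk per query name and classify how each ended."""
    names, hops = parse_trace(text)
    walks = []
    for hop in hops:
        if hop["owner"] == "." or not walks:  # root NS set starts a new walk
            walks.append([])
        walks[-1].append(hop)
    report = []
    for i, walk in enumerate(walks):
        last = walk[-1]
        if last["server"] is None:
            status = "stalled"   # delegation seen, but no nameserver address
        elif "SOA" in last["types"] and "NS" not in last["types"]:
            status = "no-data"   # authoritative server returned only its SOA
        else:
            status = "answered"
        report.append({
            "query": names[i] if len(names) == len(walks) else None,
            "path": [h["owner"] for h in walk],
            "last_server": last["server"],
            "status": status,
            "unresolved": last["unresolved"],
        })
    return report


if __name__ == "__main__":
    for entry in diagnose(SAMPLE_TRACE):
        print(entry)
```
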
                                johnpoz LAYER 8 Global Moderator
                                last edited by johnpoz Jul 11, 2019, 10:47 AM Jul 11, 2019, 10:43 AM

                                @kendalja said in Blocking certain websites:

                                to. 172800 IN NS newyork.tonic.to.
                                to. 172800 IN NS tonic.to.
                                to. 172800 IN NS frankfurt.tonic.to.
                                to. 172800 IN NS singapore.tonic.to.
                                to. 172800 IN NS colo.to.

                                Where are those coming from??

                                That is not right...

                                ;; Received 562 bytes from 192.112.36.4#53(g.root-servers.net) in 69 ms

                                no not true...

                                $ dig @g.root-servers.net ns1.fmlh.edu
                                
                                ; <<>> DiG 9.14.3 <<>> @g.root-servers.net ns1.fmlh.edu
                                ; (1 server found)
                                ;; global options: +cmd
                                ;; Got answer:
                                ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37881
                                ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27
                                ;; WARNING: recursion requested but not available
                                
                                ;; OPT PSEUDOSECTION:
                                ; EDNS: version: 0, flags:; udp: 4096
                                ; COOKIE: dae72160d492ad56dc6196a35d27128cbd7b561642df64ca (good)
                                ;; QUESTION SECTION:
                                ;ns1.fmlh.edu.                  IN      A
                                
                                ;; AUTHORITY SECTION:
                                edu.                    172800  IN      NS      m.edu-servers.net.
                                edu.                    172800  IN      NS      k.edu-servers.net.
                                edu.                    172800  IN      NS      j.edu-servers.net.
                                edu.                    172800  IN      NS      d.edu-servers.net.
                                edu.                    172800  IN      NS      c.edu-servers.net.
                                edu.                    172800  IN      NS      f.edu-servers.net.
                                edu.                    172800  IN      NS      a.edu-servers.net.
                                edu.                    172800  IN      NS      b.edu-servers.net.
                                edu.                    172800  IN      NS      i.edu-servers.net.
                                edu.                    172800  IN      NS      h.edu-servers.net.
                                edu.                    172800  IN      NS      g.edu-servers.net.
                                edu.                    172800  IN      NS      e.edu-servers.net.
                                edu.                    172800  IN      NS      l.edu-servers.net.
                                
                                ;; ADDITIONAL SECTION:
                                a.edu-servers.net.      172800  IN      A       192.5.6.30
                                b.edu-servers.net.      172800  IN      A       192.33.14.30
                                c.edu-servers.net.      172800  IN      A       192.26.92.30
                                d.edu-servers.net.      172800  IN      A       192.31.80.30
                                e.edu-servers.net.      172800  IN      A       192.12.94.30
                                f.edu-servers.net.      172800  IN      A       192.35.51.30
                                g.edu-servers.net.      172800  IN      A       192.42.93.30
                                h.edu-servers.net.      172800  IN      A       192.54.112.30
                                i.edu-servers.net.      172800  IN      A       192.43.172.30
                                j.edu-servers.net.      172800  IN      A       192.48.79.30
                                k.edu-servers.net.      172800  IN      A       192.52.178.30
                                l.edu-servers.net.      172800  IN      A       192.41.162.30
                                m.edu-servers.net.      172800  IN      A       192.55.83.30
                                a.edu-servers.net.      172800  IN      AAAA    2001:503:a83e::2:30
                                b.edu-servers.net.      172800  IN      AAAA    2001:503:231d::2:30
                                c.edu-servers.net.      172800  IN      AAAA    2001:503:83eb::30
                                d.edu-servers.net.      172800  IN      AAAA    2001:500:856e::30
                                e.edu-servers.net.      172800  IN      AAAA    2001:502:1ca1::30
                                f.edu-servers.net.      172800  IN      AAAA    2001:503:d414::30
                                g.edu-servers.net.      172800  IN      AAAA    2001:503:eea3::30
                                h.edu-servers.net.      172800  IN      AAAA    2001:502:8cc::30
                                i.edu-servers.net.      172800  IN      AAAA    2001:503:39c1::30
                                j.edu-servers.net.      172800  IN      AAAA    2001:502:7094::30
                                k.edu-servers.net.      172800  IN      AAAA    2001:503:d2d::30
                                l.edu-servers.net.      172800  IN      AAAA    2001:500:d937::30
                                m.edu-servers.net.      172800  IN      AAAA    2001:501:b1f9::30
                                
                                ;; Query time: 27 msec
                                ;; SERVER: 192.112.36.4#53(192.112.36.4)
                                ;; WHEN: Thu Jul 11 05:42:20 Central Daylight Time 2019
                                ;; MSG SIZE  rcvd: 864
                                
                                

                                Do a dig direct to one of the roots, like I did -- what do you get back?

                                The roots would not send you to some tonic.to NS?? Those are not the NS for the edu tld

                                these are

                                $ dig edu. NS
                                
                                ; <<>> DiG 9.14.3 <<>> edu. NS
                                ;; global options: +cmd
                                ;; Got answer:
                                ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57810
                                ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1
                                
                                ;; OPT PSEUDOSECTION:
                                ; EDNS: version: 0, flags:; udp: 4096
                                ;; QUESTION SECTION:
                                ;edu.                           IN      NS
                                
                                ;; ANSWER SECTION:
                                edu.                    86400   IN      NS      i.edu-servers.net.
                                edu.                    86400   IN      NS      e.edu-servers.net.
                                edu.                    86400   IN      NS      f.edu-servers.net.
                                edu.                    86400   IN      NS      k.edu-servers.net.
                                edu.                    86400   IN      NS      c.edu-servers.net.
                                edu.                    86400   IN      NS      h.edu-servers.net.
                                edu.                    86400   IN      NS      l.edu-servers.net.
                                edu.                    86400   IN      NS      m.edu-servers.net.
                                edu.                    86400   IN      NS      b.edu-servers.net.
                                edu.                    86400   IN      NS      d.edu-servers.net.
                                edu.                    86400   IN      NS      a.edu-servers.net.
                                edu.                    86400   IN      NS      j.edu-servers.net.
                                edu.                    86400   IN      NS      g.edu-servers.net.
                                
                                ;; Query time: 56 msec
                                ;; SERVER: 192.168.3.10#53(192.168.3.10)
                                ;; WHEN: Thu Jul 11 05:46:49 Central Daylight Time 2019
                                ;; MSG SIZE  rcvd: 255
                                
                                

                                • K
                                  kendalja @johnpoz
                                  last edited by Jul 11, 2019, 9:08 PM

                                  @johnpoz said in Blocking certain websites:

                                  dig @g.root-servers.net ns1.fmlh.edu

                                  ; <<>> DiG 9.12.2-P1 <<>> @g.root-servers.net ns1.fmlh.edu
                                  ; (1 server found)
                                  ;; global options: +cmd
                                  ;; Got answer:
                                  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45236
                                  ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27
                                  ;; WARNING: recursion requested but not available

                                  ;; OPT PSEUDOSECTION:
                                  ; EDNS: version: 0, flags:; udp: 4096
                                  ; COOKIE: 7d2f24065c060bbeb062fad05d27a51bf0486e957655399f (good)
                                  ;; QUESTION SECTION:
                                  ;ns1.fmlh.edu. IN A

                                  ;; AUTHORITY SECTION:
                                  edu. 172800 IN NS e.edu-servers.net.
                                  edu. 172800 IN NS a.edu-servers.net.
                                  edu. 172800 IN NS h.edu-servers.net.
                                  edu. 172800 IN NS m.edu-servers.net.
                                  edu. 172800 IN NS f.edu-servers.net.
                                  edu. 172800 IN NS l.edu-servers.net.
                                  edu. 172800 IN NS g.edu-servers.net.
                                  edu. 172800 IN NS k.edu-servers.net.
                                  edu. 172800 IN NS b.edu-servers.net.
                                  edu. 172800 IN NS i.edu-servers.net.
                                  edu. 172800 IN NS c.edu-servers.net.
                                  edu. 172800 IN NS d.edu-servers.net.
                                  edu. 172800 IN NS j.edu-servers.net.

                                  ;; ADDITIONAL SECTION:
                                  a.edu-servers.net. 172800 IN A 192.5.6.30
                                  b.edu-servers.net. 172800 IN A 192.33.14.30
                                  c.edu-servers.net. 172800 IN A 192.26.92.30
                                  d.edu-servers.net. 172800 IN A 192.31.80.30
                                  e.edu-servers.net. 172800 IN A 192.12.94.30
                                  f.edu-servers.net. 172800 IN A 192.35.51.30
                                  g.edu-servers.net. 172800 IN A 192.42.93.30
                                  h.edu-servers.net. 172800 IN A 192.54.112.30
                                  i.edu-servers.net. 172800 IN A 192.43.172.30
                                  j.edu-servers.net. 172800 IN A 192.48.79.30
                                  k.edu-servers.net. 172800 IN A 192.52.178.30
                                  l.edu-servers.net. 172800 IN A 192.41.162.30
                                  m.edu-servers.net. 172800 IN A 192.55.83.30
                                  a.edu-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
                                  b.edu-servers.net. 172800 IN AAAA 2001:503:231d::2:30
                                  c.edu-servers.net. 172800 IN AAAA 2001:503:83eb::30
                                  d.edu-servers.net. 172800 IN AAAA 2001:500:856e::30
                                  e.edu-servers.net. 172800 IN AAAA 2001:502:1ca1::30
                                  f.edu-servers.net. 172800 IN AAAA 2001:503:d414::30
                                  g.edu-servers.net. 172800 IN AAAA 2001:503:eea3::30
                                  h.edu-servers.net. 172800 IN AAAA 2001:502:8cc::30
                                  i.edu-servers.net. 172800 IN AAAA 2001:503:39c1::30
                                  j.edu-servers.net. 172800 IN AAAA 2001:502:7094::30
                                  k.edu-servers.net. 172800 IN AAAA 2001:503:d2d::30
                                  l.edu-servers.net. 172800 IN AAAA 2001:500:d937::30
                                  m.edu-servers.net. 172800 IN AAAA 2001:501:b1f9::30

                                  ;; Query time: 64 msec
                                  ;; SERVER: 192.112.36.4#53(192.112.36.4)
                                  ;; WHEN: Thu Jul 11 16:07:38 CDT 2019
                                  ;; MSG SIZE rcvd: 864

                                  • G
                                    Gertjan
                                    last edited by Jul 11, 2019, 11:42 PM

                                    Yeah, ok, it works.

                                    But what about the tonic.to guy? Where did he come from?

                                    By any chance, do you have a local network looking like 192./8?

                                    No "help me" PM's please. Use the forum, the community will thank you.
                                    Edit : and where are the logs ??

                                    • J
                                      johnpoz LAYER 8 Global Moderator
                                      last edited by Jul 12, 2019, 12:13 AM

                                      yeah not understanding where that tonic.to stuff came from exactly..

                                      • K
                                        kendalja @johnpoz
                                        last edited by Jul 12, 2019, 12:14 AM

                                        @johnpoz

                                        Could it be because of my OpenVPN configuration? All my network traffic goes through the VPN on this pfSense machine.

                                        • J
                                          johnpoz LAYER 8 Global Moderator
                                          last edited by johnpoz Jul 12, 2019, 12:43 AM Jul 12, 2019, 12:40 AM

                                          Yeah you really need to mention this shit ;)

                                          So your vpn is messing with your dns queries?

                                          So why in 1 query it's normal, and then in the first one you got back some tonic.to nonsense?

                                          I would suggest you turn off your vpn shit, or at least make sure that pfsense dns resolving just goes out your normal isp connection and do a dig +trace.. those tonic.to are for 100% sure not part of the resolving process!!

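Added example, not part of any post in this thread: a small check for the comparison discussed above, where a referral for `edu.` should list only `edu-servers.net` name servers and anything else (the thread saw tonic.to names) points at something rewriting DNS on the path. The function names and both sample referrals are constructed for illustration; the tampered one uses placeholder names, not captured output.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# referral_ns ZONE: read dig output on stdin and print the NS targets listed
# for ZONE in the ANSWER or AUTHORITY section, lowercased, one per line.
referral_ns() {
    awk -v zone="$1" '
        { sub(/^[ \t]+/, "") }                  # tolerate indented pastes
        /^;; (ANSWER|AUTHORITY) SECTION:/ { insec = 1; next }
        /^;; / || /^$/ { insec = 0 }            # other header or blank line ends it
        insec && tolower($1) == zone && $4 == "NS" { print tolower($5) }
    '
}

# unexpected_ns ZONE SUFFIX: print the NS targets for ZONE that do not end in
# SUFFIX. Returns 0 when the referral is clean, 1 when something was flagged.
# Give SUFFIX with its leading dot so "evil-edu-servers.net." does not pass.
unexpected_ns() {
    bad=$(referral_ns "$1" |
          awk -v suf="$2" 'substr($0, length($0) - length(suf) + 1) != suf')
    if [ -z "$bad" ]; then
        return 0
    fi
    printf '%s\n' "$bad"
    return 1
}

# Constructed sample: shortened version of a clean root referral for edu.
CLEAN_REFERRAL=';; AUTHORITY SECTION:
edu. 172800 IN NS a.edu-servers.net.
edu. 172800 IN NS b.edu-servers.net.

;; ADDITIONAL SECTION:
a.edu-servers.net. 172800 IN A 192.5.6.30'

# Constructed sample: same referral with placeholder NS names mixed in.
TAMPERED_REFERRAL=';; AUTHORITY SECTION:
edu. 172800 IN NS a.edu-servers.net.
edu. 172800 IN NS ns1.unexpected.example.
edu. 172800 IN NS NS2.unexpected.example.'

# Live use: dig @g.root-servers.net ns1.fmlh.edu | unexpected_ns edu. .edu-servers.net.
printf '%s\n' "$TAMPERED_REFERRAL" | unexpected_ns edu. .edu-servers.net. ||
    echo "referral contains NS outside .edu-servers.net."
```

Running the live command once with the VPN up and once with DNS going out the normal ISP connection shows whether the tunnel is the hop that changes the answer.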