DNS Resolver not resolving one specific host
-
Hi there,
I am having an issue where I cannot get DNS Resolver to resolve.
The host I am after is socks.hide.me
If I go on Diagnostics > DNS Lookup
I get: Host "socks.hide.me" could not be resolved.
If I try from the terminal I get an empty answer (from the pfSense box)
However if I query another public resolver like cloudflare, it works fine.

```
% dig @192.168.150.254 socks.hide.me A +all

; <<>> DiG 9.10.6 <<>> @192.168.150.254 socks.hide.me A +all
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 6

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;socks.hide.me. IN A

;; AUTHORITY SECTION:
hide.me. 86205 IN NS ns3.hide.me.
hide.me. 86205 IN NS ns1.hide.me.
hide.me. 86205 IN NS ns4.hide.me.
hide.me. 86205 IN NS ns0.hide.me.
hide.me. 86205 IN NS ns2.hide.me.

;; ADDITIONAL SECTION:
ns0.hide.me. 7005 IN A 208.94.148.2
ns1.hide.me. 1605 IN A 208.80.124.2
ns2.hide.me. 7005 IN A 208.80.126.2
ns3.hide.me. 7005 IN A 208.80.125.2
ns4.hide.me. 1605 IN A 208.80.127.2

;; Query time: 56 msec
;; SERVER: 192.168.150.254#53(192.168.150.254)
;; WHEN: Thu Dec 12 16:55:17 WET 2019
;; MSG SIZE rcvd: 212
```

```
% dig @1.1.1.1 socks.hide.me A +all

; <<>> DiG 9.10.6 <<>> @1.1.1.1 socks.hide.me A +all
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22798
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;socks.hide.me. IN A

;; ANSWER SECTION:
socks.hide.me. 10792 IN A 10.255.255.250

;; Query time: 56 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Dec 12 16:56:47 WET 2019
;; MSG SIZE rcvd: 58
```
I don't know if there are any other domains, but so far it looks like all is working fine but this. The www for the domain works perfectly fine.
Thanks
-
It's resolving to a 10.x.x.x address - that is rfc1918 and should not be in public dns in the first place... But no, unbound would not resolve that because of rebind protection
https://docs.netgate.com/pfsense/en/latest/dns/dns-rebinding-protections.html
-
Amazing, thanks John.
Actually I did think it was inside 10.xxx /8 but I figured if CloudFlare is passing it maybe it's me.
Cause also when I do +trace to the root-servers directly I end up with an Answer.
I was thinking of adding a simple host override?
Cheers
-
Where is it supposed to point.. Is that your host and you set that and you want it to resolve internally?
Using rfc1918 space in public dns is borked! There is zero reason where it would be the correct thing to do..
-
Well, I will open a ticket, I have a paid service with that provider and I do use the socks5 proxy, recently I came across this, there's a couple of applications that are supposed to use it, and I noticed that the machine where the apps were sitting had cloudflare's DNS on the fixed DHCP lease (because of a previous issue a few months back that got sorted but that config went forgotten) and since we removed the CF's DNS from the lease.... and logs started firing it couldn't be resolved.
I completely agree with you regarding rfc1918's use in public space. Let's see what they say about it. Cheers
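
Added example, not part of the thread: a small check that reads `dig` output from an unfiltered resolver and lists the A/AAAA answers that fall in RFC 1918 space, which is the condition the rebind protection discussed above acts on. The network list, the function names and the second sample record are assumptions made for this illustration; a resolver's real filter list may cover more ranges.

```python
import ipaddress

# Assumed filter list: the RFC 1918 ranges named in the thread. A real
# resolver's rebinding filter may cover more (link-local, ULA, ...).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# First record copied from the `dig @1.1.1.1` output in the thread; the second
# is a constructed public record (documentation range) for contrast.
SAMPLE_DIG = """\
;; QUESTION SECTION:
;socks.hide.me. IN A

;; ANSWER SECTION:
socks.hide.me. 10792 IN A 10.255.255.250
www.example.test. 300 IN A 203.0.113.10

;; Query time: 56 msec
"""

def answer_records(dig_text):
    """Yield (name, rtype, rdata) for A/AAAA records in the ANSWER section."""
    in_answer = False
    for line in dig_text.splitlines():
        line = line.strip()
        if line.startswith(";;"):
            # Any ';;' header switches section; only ANSWER is of interest.
            in_answer = line.startswith(";; ANSWER SECTION")
            continue
        if not in_answer or not line or line.startswith(";"):
            continue
        fields = line.split()
        if len(fields) >= 5 and fields[3] in ("A", "AAAA"):
            yield fields[0], fields[3], fields[4]

def rebind_filtered(dig_text, nets=PRIVATE_NETS):
    """Return the answer records whose address lies in a filtered range."""
    hits = []
    for name, rtype, rdata in answer_records(dig_text):
        try:
            addr = ipaddress.ip_address(rdata)
        except ValueError:
            continue  # malformed rdata: skip rather than crash
        if any(addr.version == n.version and addr in n for n in nets):
            hits.append((name, rtype, rdata))
    return hits

if __name__ == "__main__":
    for name, rtype, rdata in rebind_filtered(SAMPLE_DIG):
        print(f"{name} {rtype} {rdata}: private address in a public answer")
```
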