DNS not resolving Dronebl domains
-
I'm trying to resolve a dronebl domain but it does not resolve properly when looking up locally on any machine on my network.
    nslookup 2.0.0.127.dnsbl.dronebl.org
    Server: pfsense.local.lan
    Address: 10.100.0.1
    *** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for 2.0.0.127.dnsbl.dronebl.org
It works when I use a different dns server
    nslookup 2.0.0.127.dnsbl.dronebl.org 8.8.8.8
    Server: dns.google
    Address: 8.8.8.8
    Non-authoritative answer:
    Name: 2.0.0.127.dnsbl.dronebl.org
    Address: 127.0.0.1
It also works when I use the pfSense web interface, and all other dns works normally and as expected.
Any idea why subdomains don't resolve properly for this domain?
-
So it returns 127.0.0.1?
That would be rebinding protection that would keep clients from resolving that.
https://docs.netgate.com/pfsense/en/latest/services/dns/rebinding.html
So for example..
I get
    $ dig @192.168.9.253 2.0.0.127.dnsbl.dronebl.org
    ; <<>> DiG 9.16.13 <<>> @192.168.9.253 2.0.0.127.dnsbl.dronebl.org
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27939
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;2.0.0.127.dnsbl.dronebl.org. IN A
    ;; Query time: 313 msec
    ;; SERVER: 192.168.9.253#53(192.168.9.253)
    ;; WHEN: Fri Apr 02 22:52:16 Central Daylight Time 2021
    ;; MSG SIZE rcvd: 56
I then set that domain as private via the rebind info linked to for unbound.
Now when I query that
    $ dig @192.168.9.253 2.0.0.127.dnsbl.dronebl.org
    ; <<>> DiG 9.16.13 <<>> @192.168.9.253 2.0.0.127.dnsbl.dronebl.org
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17577
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;2.0.0.127.dnsbl.dronebl.org. IN A
    ;; ANSWER SECTION:
    2.0.0.127.dnsbl.dronebl.org. 3600 IN A 127.0.0.1
    ;; Query time: 260 msec
    ;; SERVER: 192.168.9.253#53(192.168.9.253)
    ;; WHEN: Fri Apr 02 22:56:50 Central Daylight Time 2021
    ;; MSG SIZE rcvd: 72
BTW: You see in my query I am directing toward 192.168.9.253, this is pfsense - my client normally queries a pihole on my network before pihole forwards to pfsense. So I wanted to take anything pihole might do for rebind out of the equation. Which is why you see me directly query 192.168.9.253 (lan interface of pfsense on my network)
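The difference between the two dig results above (ANSWER: 0, then ANSWER: 1), modelled as an added example that is not part of the thread and is not pfSense's or Unbound's own code: a resolver with rebinding protection drops private-range addresses from answers unless the queried name falls under an exempted domain. The address ranges, function names and the sample answers other than the DroneBL one are assumptions constructed for illustration.

```python
import ipaddress

# Assumed "private" ranges for rebinding protection (loopback, RFC 1918,
# link-local, ULA); the real list depends on the resolver's configuration.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "fd00::/8", "fe80::/10")]

def is_private(addr):
    """True if addr falls in any range the resolver treats as private."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

def is_exempt(qname, private_domains):
    """True if qname equals, or is a subdomain of, an exempted domain."""
    name = qname.rstrip(".").lower()
    domains = (d.rstrip(".").lower() for d in private_domains)
    return any(name == d or name.endswith("." + d) for d in domains)

def filter_answer(qname, addresses, private_domains=()):
    """Return the addresses the client would see after rebinding filtering."""
    if is_exempt(qname, private_domains):
        return list(addresses)
    return [a for a in addresses if not is_private(a)]

def dnsbl_qname(ip, zone):
    """DNSBL query name: the IPv4 octets reversed, followed by the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

# Constructed upstream answers; only the first name and address come from the thread.
UPSTREAM = {
    dnsbl_qname("127.0.0.2", "dnsbl.dronebl.org"): ["127.0.0.1"],
    "rebind.example.net": ["192.168.1.1", "203.0.113.10"],  # hypothetical
    "www.example.com": ["203.0.113.20"],                    # hypothetical
}

def resolve_all(private_domains=()):
    """Apply the filter to every constructed answer."""
    return {n: filter_answer(n, a, private_domains) for n, a in UPSTREAM.items()}

if __name__ == "__main__":
    for label, exempt in (("protection only", ()),
                          ("dnsbl.dronebl.org exempted", ("dnsbl.dronebl.org",))):
        print(label)
        for name, addrs in resolve_all(exempt).items():
            print(f"  {name:30} ANSWER: {len(addrs)} {addrs}")
```

Exempting only the DNSBL zone keeps the filter in force for every other name, so the hypothetical rebind.example.net answer still loses its 192.168.1.1 address.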
-
That resolves my issue! Thank you very much!
-
Glad you got it sorted..