DNS not resolving .tv domain
-
```
; <<>> DiG 9.16.23 <<>> twitch.tv +trace
;; global options: +cmd
.  85615  IN  NS  h.root-servers.net.
.  85615  IN  NS  i.root-servers.net.
.  85615  IN  NS  j.root-servers.net.
.  85615  IN  NS  k.root-servers.net.
.  85615  IN  NS  l.root-servers.net.
.  85615  IN  NS  m.root-servers.net.
.  85615  IN  NS  a.root-servers.net.
.  85615  IN  NS  b.root-servers.net.
.  85615  IN  NS  c.root-servers.net.
.  85615  IN  NS  d.root-servers.net.
.  85615  IN  NS  e.root-servers.net.
.  85615  IN  NS  f.root-servers.net.
.  85615  IN  NS  g.root-servers.net.
.  85615  IN  RRSIG  NS 8 0 518400 20221208050000 20221125040000 18733 . JWFidjSX6XRfkLNVQiTRcZa3fXM1TDgAVcj9NFkxNwKvov6f8UTfwYqn FWW4GfWdZ3oIlG3eaE5atomppvL8AIkzg2ROVn8NYojGPA/8aBNLKpq0 +D9dojQ5OC1ZNlc9aIMgAE08Tlc+F4u41/QynIBqElTZwNB9JQNt6XzV 8nIe652mFEMumFLYOe6wCEa7AKUihfUsZpER0H65b42Lvb6B9idBIENQ iK3V7af4xIiwe0iVqpSBb/wqQlf/c2slIkFl3WkkISyOUp1z9S+Jllvz okAayhL5TemYrVMXqRWdfGqNEJZpmfFkFM6EVks422UTzmpmtZG0ERfb i5soDQ==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 70 ms

tv.  172800  IN  NS  a.nic.tv.
tv.  172800  IN  NS  b.nic.tv.
tv.  172800  IN  NS  c.nic.tv.
tv.  172800  IN  NS  d.nic.tv.
tv.  86400  IN  DS  2107 8 2 2F2DC481C07E7DB2E54A546A7A35CC16CBCF242EC76B71385A42CD7B C37E7FC8
tv.  86400  IN  DS  44904 8 2 1CFE1309925B78F42C8B4862A670B0BAB9FC142ED8B4D41E24C65FE6 A0D9DFB4
tv.  86400  IN  RRSIG  DS 8 1 86400 20221208170000 20221125160000 18733 . hExLh12YHAqixEpbkYQq0wFiTio5nuCIJIngTwATuXeaOJDwalFtLyzq I61CQ1oYx8qtz/6EuvSO0qEnzh90LMPmOqaeHg8RjsBBVpRrzXUGCtdL 7Fp4GmRZimAd+DeKnQHQqIjqqKcAbSBsKrQ7MlEAicO6sAPiY+aCUmlC ZUJ7OFe+bgxFyNqWATfhgQ5Vx1KvrldvvxZGE8NW8vWupU2KHpQugSTO EiYFFBQoT5Py106ZYK1n3E/CrIMnfwjQceIIxmSREjOwIgQHThMSfgNe iMeuWFHz1HHzUhrLuVsS1zdZOO6uaeaiqcEa7kD2820Oe4uTLPORoxvu TwYnBw==
;; Received 665 bytes from 199.7.91.13#53(d.root-servers.net) in 101 ms

twitch.tv.  172800  IN  NS  ns-1778.awsdns-30.co.uk.
twitch.tv.  172800  IN  NS  ns-664.awsdns-19.net.
twitch.tv.  172800  IN  NS  ns-219.awsdns-27.com.
twitch.tv.  172800  IN  NS  ns-1450.awsdns-53.org.
e7q4euc85b62pb5ajfj5j1acugc1et4q.tv.  900  IN  NSEC3  1 1 0 - E7SLN323GEPVNV66C00O4VFO7U26E4TO NS SOA RRSIG DNSKEY NSEC3PARAM CDS CDNSKEY TYPE65534
e7q4euc85b62pb5ajfj5j1acugc1et4q.tv.  900  IN  RRSIG  NSEC3 8 2 900 20221225111821 20221125102905 53769 tv. RDLbTzRxZViczROEsFhYUUXZB2hqEKcd7ZqTKvpkK3NKF/yA99ptKDLk 9XScIzi4fnJDxWaxermFxqk3E415XsZOGoJbCZ02da2KpaRf2s4zCBUu G7VRlb+U6JRbtQYazEDFPXxwDqXQegzns7DcdGuEoq1gPPbT144Wt5Mh NCK9VNR+1kdSmfYjUIJ4ADBmCMnJ73iJ7bkcn2dmqrXfqQ==
u1iseatt1itoh3tgsvohducor3h9j38e.tv.  900  IN  NSEC3  1 1 0 - U1ME85IJTHEPQ4MUBHO4N964TMAE1H76 NS DS RRSIG
u1iseatt1itoh3tgsvohducor3h9j38e.tv.  900  IN  RRSIG  NSEC3 8 2 900 20221225123414 20221125121013 53769 tv. 3j2RR+zOrgdmvpo+8dcA8T/2/jKngSH6bF2YnMbfUsclFseqWGk+k3+5 ip+JV6eHMXxOZum9Xqof7PYva3MgAk8tWNCixEv7Ah4E/FDeBjWbLZq1 ItH0kaf2IRm6j1dBSyHtiGDbw2nrLXSE2JjxuJhIuhATIJOV4JLnlowj 8FYFSUw26wAsisNTigKxPQyH3XWSCeqRNvZ29NUuXfBdOw==
;; Received 760 bytes from 37.209.198.6#53(d.nic.tv) in 77 ms

twitch.tv.  3600  IN  A  151.101.66.167
twitch.tv.  3600  IN  A  151.101.2.167
twitch.tv.  3600  IN  A  151.101.194.167
twitch.tv.  3600  IN  A  151.101.130.167
twitch.tv.  172800  IN  NS  ns-1450.awsdns-53.org.
twitch.tv.  172800  IN  NS  ns-1778.awsdns-30.co.uk.
twitch.tv.  172800  IN  NS  ns-219.awsdns-27.com.
twitch.tv.  172800  IN  NS  ns-664.awsdns-19.net.
;; Received 242 bytes from 205.251.194.152#53(ns-664.awsdns-19.net) in 77 ms
```
-
As far as I can tell, everything is working fine till it gets to pfsense...
Linux machines are unable to get the IP for a .tv domain while other computers can still access the exact same site, while on the same network...
-
@mathomas3 said in DNS not resolving .tv domain:
As far as I can tell, everything is working fine till it gets to pfsense...
Your trace shows that pfsense is resolving it just fine.
Your ubuntu trace is asking itself - where does it actually go to do the lookup?
On your ubuntu machine do a directed query towards pfsense.
example.
```
user@NewUC:~$ dig @192.168.3.253 twitch.tv

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @192.168.3.253 twitch.tv
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40879
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;twitch.tv.  IN  A

;; ANSWER SECTION:
twitch.tv.  30  IN  A  151.101.66.167
twitch.tv.  30  IN  A  151.101.194.167
twitch.tv.  30  IN  A  151.101.130.167
twitch.tv.  30  IN  A  151.101.2.167

;; Query time: 0 msec
;; SERVER: 192.168.3.253#53(192.168.3.253) (UDP)
;; WHEN: Fri Nov 25 12:52:25 CST 2022
;; MSG SIZE rcvd: 102
```
192.168.3.253 is an interface on pfsense.
-
```
dig @192.168.1.1 twitch.tv

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @192.168.1.1 twitch.tv
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

$ dig @192.168.1.1 google.com

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @192.168.1.1 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14402
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.  IN  A

;; ANSWER SECTION:
google.com.  33  IN  A  142.250.190.142

;; Query time: 576 msec
;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
;; WHEN: Fri Nov 25 12:57:28 CST 2022
;; MSG SIZE rcvd: 55
```
I then ran dig once more and I got something different.
```
dig @192.168.1.1 twitch.tv

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @192.168.1.1 twitch.tv
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47389
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;twitch.tv.  IN  A

;; Query time: 1724 msec
;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
;; WHEN: Fri Nov 25 13:02:15 CST 2022
;; MSG SIZE rcvd: 38
```
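Added example, not part of the original thread: a small shell helper that sorts the result of a directed dig query into the three outcomes seen above (no reply at all, an answer, SERVFAIL). No reply means nothing answered from that address; SERVFAIL means the resolver did answer but could not complete the lookup. The function names and the abbreviated sample outputs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify dig output from a directed query (dig @resolver name).

# classify_dig: read dig output on stdin, print a one-line verdict.
classify_dig() {
  awk '
    /no servers could be reached/ { timeout = 1 }
    /->>HEADER<<-/ {
      # ";; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47389"
      for (i = 1; i < NF; i++)
        if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
    }
    /^;; flags:/ {
      # ";; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1"
      for (i = 1; i < NF; i++)
        if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
    }
    END {
      if (status == "" && timeout)  print "TIMEOUT"
      else if (status == "")        print "UNKNOWN"
      else if (status == "NOERROR") print "NOERROR answers=" answers
      else                          print status
    }'
}

# probe RESOLVER NAME: one directed query with a short timeout and a single try.
# Live use, with the resolvers listed in this thread:
#   for r in 127.0.0.1 192.168.1.1 8.8.8.8; do
#     printf '%s\t%s\n' "$r" "$(probe "$r" twitch.tv)"
#   done
probe() {
  dig +time=2 +tries=1 "@$1" "$2" A 2>&1 | classify_dig
}

# Constructed samples, abbreviated from the shape of the outputs in this thread.
sample_timeout=';; global options: +cmd
;; connection timed out; no servers could be reached'
sample_ok=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40879
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1'
sample_servfail=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47389
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'

# Offline demonstration on the samples.
for s in "$sample_timeout" "$sample_ok" "$sample_servfail"; do
  printf '%s\n' "$s" | classify_dig
done
```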
-
Came across this.
How does all of this come together and help?
Thanks for the help BTW. I'm a sysadmin, networking is not my strong point :)
-
@mathomas3 Diagnostics->DNS Lookup
search for twitch.tv
what do you get?
-
@mathomas3 what is 192.168.1.1?
That is pfsense interface? So you have pfsense forwarding to 192.168.1.1?
You got something odd if it takes 576ms to look up google.
A normal setup is you have pfsense point to itself 127.0.0.1 and have it forward to where you want to forward, be that 8.8.8.8 or cloudflare or quad9, etc.
-
@rcoleman-netgate
Hello,
Every other device on my network that is not running Linux can access twitch.tv without an issue.
```
DNS Lookup
Hostname  twitch.tv

Results
Result            Record type
151.101.194.167   A
151.101.2.167     A
151.101.130.167   A
151.101.66.167    A

Timings
Name server   Query time
127.0.0.1     No response
192.168.1.1   No response
8.8.8.8       304 msec
8.8.4.4       231 msec
```
-
@johnpoz Pf runs on 192.168.1.1
Here is my basic setup that's been running for a few years now:
Tmobile HotSpot (192.168.0.140) (why google took so long to get back) via USB to Pfsense (192.168.1.1) > CAT5 16 port switch > 4 hardwired devices and 3 wired APs
-
```
Timings
Name server   Query time
127.0.0.1     No response
192.168.1.1   No response
```
That sure doesn't look normal..