DNS Resolver Not Resolving Some Requests
-
@stephenw10 I originally assumed it was DNS because the site would fail to load on multiple Fedora pc's as well as Android phones but now I'm getting combinations of err_connection_refused, err_connection_aborted and connection has timed out errors. Got more research to do I guess.
-
Are you running pfBlocker or Snort/Suricata? Anything logged as blocked there?
-
@stephenw10 That was the second place I looked but I'm not getting the pfBlocker page or the 1x1 pixel dot, and I don't see upsbatterycenter in the Reports - Alerts page. Also wouldn't explain the intermittent nature of what I have been experiencing today with this site it would just be blocked period.
-
I'd try running a pcap for 192.240.174.188 when you're trying to access it. It could just be refused at the server.
-
@jaskerx I would look to your client to why its failing.. DNS is just the first step in connecting to it.. But if you get that IP answer from pfsense then its not a pfsense dns issue.
Now it could be your client not asking pfsense? It could be as mentioned a rst from the server, could be the server just not answering?
I have not seen any issues loading up that site on my devices..
In firefox load up the dev tools when you try and access it - you should get some more details of what exactly is failing. or look at firefox actual dns cache, etc..
about:networking#dns
In firefox will show you its cache, and info on where it got it from if its using doh, etc.
-
@jaskerx how do you turn of DoH on Chrome???
