Domain override not working(?)



  • In some countries Piratebay is blocked. I could use OpenDNS as my primary DNS for everything but this is a little slow (longer latency for every request) so I thought I could use the DNS Forwarder and Domain Override function but it doesn't work as I expect it to.

    I have setup my ISP's DNS as my default DNS and I then want to specify ideally OpenDNS or Piratebays authorative DNS server, ns0.thepiratebay.org = 89.249.14.245, as being the DNS to contact regarding this domain but it always uses the ISP DNS even if I do a "ipconfig /flushdns" and a complete reboot of the router!?

    Can anyone help me understanding IF this is even possible?


  • Rebel Alliance Global Moderator

    Well for starters, where did you come up with that IP? for ns0.thepiratebay.org to 89.249.14.245?

    That is NOT what I show..

    ;; AUTHORITY SECTION:
    thepiratebay.org.      86400  IN      NS      ns0.thepiratebay.org.
    thepiratebay.org.      86400  IN      NS      ns1.thepiratebay.se.
    thepiratebay.org.      86400  IN      NS      ns2.thepiratebay.am.
    thepiratebay.org.      86400  IN      NS      ns3.thepiratebay.gl.
    thepiratebay.org.      86400  IN      NS      ns4.thepiratebay.mu.

    ;; ADDITIONAL SECTION:
    ns0.thepiratebay.org.  86400  IN      A      192.121.86.162
    ns1.thepiratebay.se.    86400  IN      A      46.246.66.100
    ns2.thepiratebay.am.    86400  IN      A      46.246.64.100
    ns3.thepiratebay.gl.    86400  IN      A      192.121.86.88
    ns4.thepiratebay.mu.    86400  IN      A      194.71.107.1



  • @john12354:

    Can anyone help me understanding IF this is even possible?

    I use OpenDNS as my default DNS and pfSense is configured to use ISP DNS for particular domains to get me better download speeds from "local" servers.

    1. Have you enabled the DNS forwarder in pfSense?
    2. Is your PC using pfSense as its DNS?



  • @johnpoz:

    ;; ADDITIONAL SECTION:
    ns0.thepiratebay.org.   86400   IN      A       192.121.86.162
    ns1.thepiratebay.se.    86400   IN      A       46.246.66.100

    There could be multiple IP addresses behind the FQDN but I doubt it will work anyhow as ns0.thepiratebay.org probably will not answer DNS requests from anyone anyhow. I am pretty sure I should use OpenDNS for this matter.



  • @wallabybob:

    I use OpenDNS as my default DNS and pfSense is configured to use ISP DNS for particular domains to get me better download speeds from "local" servers.
    1. Have you enabled the DNS forwarder in pfSense?
    2. Is your PC using pfSense as its DNS?

    1. Yes, I have enabled DNS Forwarder.
    2. Yes, my computers are using pfSense as DNS.

    To show my configuration:

    General Setup -> DNS Servers = two of my ISP DNS servers. I have unchecked the "Allow DNS server list to be overridden by DHCP on WAN" (as I am using the same DNS servers in the General setup). I have also unchecked the "Do not use the DNS Forwarder as a DNS server for the firewall".

    Services -> DNS Forwarder = is enabled. In the Domain Overrides I have one entry:
    Domain=piratebay.org, IP=208.67.222.222 (OpenDNS).

    A "ipconfig" on my Windows shows:
    DHCP Enabled. . . . . . . . . . . : Yes
    IPv4 Address. . . . . . . . . . . : 192.168.1.101
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.1

    C:> nslookup piratebay.org 208.67.222.222
    Server:  resolver1.opendns.com
    Address:  208.67.222.222

    Non-authoritative answer:
    Name:    piratebay.org
    Address:  194.71.107.15

    Hmm.. this actually looks correct to me and should (as far as I think) be the correct IP addresses without any blocking!? Why the h… is my browser then showing a site-blocker? Is piratebay.org redirecting to another site and then I need this site to use OpenDNS too?



  • Now it works - I needed to put in "thepiratebay.se" also in the domain override, so now I have two and it works as expected.

    That's nice and it actually works as expected.


  • Rebel Alliance Global Moderator

    as ns0.thepiratebay.org probably will not answer DNS requests from anyone anyhow.

    I doubt they would do recursive, but yeah they are going to answer for records in thepiratebay.org domain - its an authoritative server for that zone.  It better answer for it.

    You you prob need .se, because thebay.org redirects to .se domain


Locked