filtering is not working on a Vista machine
I have openDNS set up at our home network (through Netgear 7000) for a while. I just discovered that filtering is not taking effect on one of our machines which happens to be on Vista. When I go to https://www.opendns.com/welcome/ I see a notification that the machine is going through openDNS, but I am able to navigate to sites that are blocked. Other machines on the network are successfully blocking those sites.
Where should I start investigating?
-
rotblitz, thanks for the quick response.
While I was poking around after posting my request the machine crashed. After it came back up everything seems fine! I am puzzled.
For the sake of completeness I am copying below the responses that I see for the 3 commands.
C:\Windows\system32>nslookup -type=txt debug.opendns.com
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cNon-authoritative answer:
debug.opendns.com text ="server m9.ash"
debug.opendns.com text ="device EF0A0AA0000A6C0F"
debug.opendns.com text ="flags 422 0 50 3B50E007F6050085CF3"
debug.opendns.com text ="originid 13607785"
debug.opendns.com text ="actype 2"
debug.opendns.com text ="bundle 4187757"
debug.opendns.com text ="source 71.163.166.18:33842"
C:\Windows\system32>nslookup whoami.akamai.net.
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cNon-authoritative answer:
Name: whoami.akamai.net
Addresses: 2620:0:ccb::19
208.69.32.19C:\Windows\system32>netsh interface ipv4 show config
Configuration for interface "Wireless Network Connection 10"
DHCP enabled: Yes
IP Address: 192.168.1.11
Subnet Prefix: 192.168.1.0/24 (mask 255.255.255.0)
Default Gateway: 192.168.1.1
Gateway Metric: 0
InterfaceMetric: 25
DNS servers configured through DHCP: 192.168.1.1
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Local Area Connection"
DHCP enabled: Yes
InterfaceMetric: 5
DNS servers configured through DHCP: None
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Loopback Pseudo-Interface 1"
DHCP enabled: No
IP Address: 127.0.0.1
Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
InterfaceMetric: 50
Statically Configured DNS Servers: None
Register with which suffix: Primary only
Statically Configured WINS Servers: None -
"After it came back up everything seems fine! I am puzzled."
Too early and too optimistic!
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cThis DNSv6 service is where your DNS lookups are sent to. To my surprise this DNSv6 server seems to convert the queries to IPv4, and OpenDNS sees your IPv4 address 71.163.166.18 from you, registered at https://dashboard.opendns.com/settings/, so that your dashboard settings are associated with your DNS queries, and your settings take effect. But not really...
"device EF0A0AA0000A6C0F"
This indicates that you have a Netgear router with LPC enabled. Netgear LPC and OpenDNS Home are not compatible, so your results will be inconsistent and not necessarily what you expect. I.e. your settings, be it for LPC or for Home, do not take effect reliably. Use only one of the two services at any time! It's your choice which one you use.
It could well be that only one of the services takes effect due to the fact that you send your DNS queries out over IPv6. I'm really not sure about what then happens behind the scenes.
My suggestion is to disable one of the services and use only the other. Also, in case you want to use OpenDNS Home, you may want to configure the DNSv6 resolver addresses ::ffff:d043:dedc and ::ffff:d043:dcde on the router or on the computer.
So to summarize: your problem is related to Vista in no way, but by using two incompatible services in parallel and by using IPv6 for your DNS traffic.
-
Rotblitz,
You are right about results being inconsistent. I made the change you suggested (i.e., I deleted my network address at my openDNS account). But it has not solved the problem yet.
Here are the revised output from the three commands:
C:\Windows\system32>nslookup -type=txt debug.opendns.com.
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cNon-authoritative answer:
debug.opendns.com text ="server m9.ash"
debug.opendns.com text ="device EF0A0AA0000A6C0F"
debug.opendns.com text ="flags 422 0 70 7950800000000000000"
debug.opendns.com text ="originid 0"
debug.opendns.com text ="actype 0"
debug.opendns.com text ="source 71.163.166.18:33842"
C:\Windows\system32>nslookup whoami.akamai.net.
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cNon-authoritative answer:
Name: whoami.akamai.net
Address: 208.69.32.19
C:\Windows\system32>netsh interface ipv4 show configConfiguration for interface "Wireless Network Connection 8"
DHCP enabled: Yes
IP Address: 192.168.1.11
Subnet Prefix: 192.168.1.0/24 (mask 255.255.255.0)
Default Gateway: 192.168.1.1
Gateway Metric: 0
InterfaceMetric: 25
Statically Configured DNS Servers: 208.67.222.222
208.67.220.220
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Local Area Connection"
DHCP enabled: Yes
InterfaceMetric: 5
DNS servers configured through DHCP: None
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Loopback Pseudo-Interface 1"
DHCP enabled: No
IP Address: 127.0.0.1
Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
InterfaceMetric: 50
Statically Configured DNS Servers: None
Register with which suffix: Primary only
Statically Configured WINS Servers: NoneDo you see anything new? Thanks for your help!
-
I see that your DNS queries are still sent over IPv6 to a non-OpenDNS resolver address which may cause to circumvent your LPC settings:
Server: UnKnown
Address: 2002:47a3:a612:0:e6f4:c6ff:fe03:5a7cTry with the measures I have listed above, or disable IPv6 on the computer altogether, i.e. uncheck the box before TCP/IPv6 in the properties of your active network interface "Wireless Network Connection 8".
Further, I see:
Statically Configured DNS Servers: 208.67.222.222
208.67.220.220This has no effect yet, because your DNS traffic is via IPv6, but you should not manually configure DNS server addresses on the computer, but should obtain them automatically via DHCP from the router. This will end up in the router's IP address 192.168.1.1 as the only one DNS server address.
"But it has not solved the problem yet."
What exact problem is this? Can you provide examples? (If it works after the other measures, you do not need to further explain this.)
-
I disabled IPv6 like you suggested, and it seems to have solved my problem (i.e., I tried navigating to some blocked sites, and they were blocked as expected).
I am pasting output from the 3 commands below. Thanks again!
C:\>nslookup -type=txt debug.opendns.com
1.1.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial = 1
refresh = 600 (10 mins)
retry = 1200 (20 mins)
expire = 604800 (7 days)
default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.1.1Non-authoritative answer:
debug.opendns.com text ="server m25.ash"
debug.opendns.com text ="device 0000A6C0FE0C5069"
debug.opendns.com text ="flags 422 0 8010 39404007E60400054E3"
debug.opendns.com text ="originid 34442113"
debug.opendns.com text ="actype 1"
debug.opendns.com text ="bundle 34442113"
debug.opendns.com text ="source 71.163.166.18:33842"
C:\>nslookup whoami.akamai.net
1.1.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial = 1
refresh = 600 (10 mins)
retry = 1200 (20 mins)
expire = 604800 (7 days)
default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.1.1Non-authoritative answer:
Name: whoami.akamai.net
Address: 208.69.32.67
C:\>netsh interface ipv4 show configConfiguration for interface "Wireless Network Connection 8"
DHCP enabled: Yes
IP Address: 192.168.1.11
Subnet Prefix: 192.168.1.0/24 (mask 255.255.255.0)
Default Gateway: 192.168.1.1
Gateway Metric: 0
InterfaceMetric: 25
DNS servers configured through DHCP: 192.168.1.1
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Local Area Connection"
DHCP enabled: Yes
InterfaceMetric: 5
DNS servers configured through DHCP: None
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Loopback Pseudo-Interface 1"
DHCP enabled: No
IP Address: 127.0.0.1
Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
InterfaceMetric: 50
Statically Configured DNS Servers: None
Register with which suffix: None
Statically Configured WINS Servers: None -
Yes, this looks differently now.
However, it is strange that the MAC address of your router has changed from EF0A0AA0000A6C0F to 0000A6C0FE0C5069, and that your IP address 71.163.166.18 seems now to be registered with OpenDNS network ID 34442113, but as long as it works this way, it's fine.
If not, you better raise a support ticket with OpenDNS. They must check your account then.
Please sign in to leave a comment.
Comments
7 comments