OpenDNS not working on Time Capsule
Hi all,
I'm trying to use OpenDNS to block out the nasties as I've got 3 children which are getting to that age where they're getting, umm, curious!
My network router is a Apple Time Capsule and I extend the network with an Apple Airport Express.
I followed the instructions to a T on adding the DNS servers to both the Time Capsule and the Airport Express (because some devices connect to one or the other).
However, even after clearing cookies, caches, and flushing the DNS, it's still giving me the 'oops' page.
The only way I can get OpenDNS to work is if I manually add it in under the wifi settings on each and every computer. They're not technically minded enough yet to undo this, but I'm sure in the future they would be very well capable of searching to see what OpenDNS is and how to disable it.
Is there anyway I can this to work from within the router? We're using Apple computers if that helps?
All the settings are in place as directed, it's just not working.
Thanks in advance.
-
"OpenDNS not working on Time Capsule"
This is true. OpenDNS does not work on routers but is an online service. You just configure the router to send your DNS lookups to OpenDNS. But it doesn't "work" there...
"Is there anyway I can this to work from within the router? We're using Apple computers if that helps?"
What do the people in the Apple support forum say? Here are the OpenDNS experts, the Apple router experts are somewhere else. You would have the same problem with any other DNS service. This is not OpenDNS specific.
"However, even after clearing cookies, caches, and flushing the DNS"
Also, you don't need to flush the cookies, just the caches.
"They're not technically minded enough yet to undo this, but I'm sure in the future they would be very well capable of searching to see what OpenDNS is and how to disable it."
Not if you don't let them be admins on the computers. You shouldn't! Nobody should unless administrative work is due.
-
In order to troubleshoot this is may be best to open a support ticket. We are going to need screenshots of your Time Capsule confguration as well as the current configuration of your computer(s). It could simply be that the computers are still holding the DNS servers that were given to them on their initial DHCP lease (before you changed the configuration.) A simple reboot of the computers would allow you to see if that's the issue.
If that doesn't resolve the issue, please open a support request and my team will be happy to assist you.
-
I have this same problem. Everything appears to be configured properly on my TIme Capsule, but it's not enforcing Domain Blocking. Attached is a screen shot of my Airport utility.
THank you SO MUCH for any help.
Jason
Screen Shot 2013-07-05 at 7.20.23 PM.png -
@jmatlof
Looks good. And, what does not work? Does the page http://welcome.opendns.com/ indicate that you're not using OpenDNS?
Try with entering these IPv6 DNS server addresses in addition: ::ffff:d043:dede and ::ffff:d043:dcdc -
Everything looks to be configured. And, if I go into my OpenDNS account, it says that it's blocking domains (see attached screen capture).
Unfortunately, it's actually not blocking access.
And, if I check the test pages you recommend (above -> welcome.opendns.com) they say that OpenDNS is not working.
Can you please help out? Thanks!
Jason
Screen Shot 2013-07-06 at 11.03.26 AM.png -
It seems you don't use OpenDNS permanently and reliably, seeing that only a few domains are blocked and that the test page confirms you not using OpenDNS at this time.
The main reason may be that you have an IPv6 connection and didn't configure OpenDNS IPv6 DNS resolver addresses before, so you may have used your ISP's IPv6 resolvers. Now as you have done it, it should be good.
If you say no, did you flush both, your local resolver cache and your browser cache after the settings change?
http://www.opendns.com/support/category/10
If not, you are served out of your caches which can last for a longer time.If you still have problems, even after flushing your caches, post the complete plain text output of the following command:
nslookup -type=txt debug.opendns.com.
-
Sorry for the massive delay in replying to this. I did come back after the first person had answered and was disheartened by the answer and basically just forgot to come back! Only going through bookmarks I saw this thread and thought I'd check it again.
Anyway, my screen shot of my settings looks exactly the same as Jason's screenshot with the DNS entries. My IPv6 server areas were also empty. I've input the IPv6 DNS entries as stated in your previous reply into my IPv6 area and saved. After saving I get the following:
::ffff:208.67.222.222
::ffff:208.67.220.220Is that how it show show after saving? Or should it match the same as the 1st DNS servers? I've attached a screen shot after saving. As I also use the Airport Express to extend my network, I also entered the additional IPv6 settings into that too as some of my devices connect to that instead of the Time Capsule.
Either way, it still doesn't appear to be working and I'm still getting the Oops page. I've done a full reset on Chrome to test it out. My next step is the nslookup which is provided below.
Server: 194.168.4.100
Address: 194.168.4.100#53nslookup -type=txt debug.opendns.com
Server: 194.168.4.100Address: 194.168.4.100#53
** server can't find debug.opendns.com: NXDOMAIN
Any help would be greatly appreciated before I go ahead and submit a support ticket.
Thanks in advance.
open-dns-1.jpg -
@maintenance - I was able to input a dot into the domain name area and have saved, but now my Airport Express is showing the yellow caution sign. It won't seem to stay connected to the TC unless I remove the dot. Then it goes back to being OK again (green light).
@rotblitz - here's the complete output via terminal:
nslookup -type=txt which.opendns.com. 208.67.220.220
Server: 208.67.220.220
Address: 208.67.220.220#53Non-authoritative answer:
which.opendns.com text = "3.lon"Authoritative answers can be found from:
Thanks again for your help. Can someone mark this as unanswered to? I can't seem to remove the answered part, and it's clearly not resolved.
-
Hmm, odd. When I did the first terminal command it didn't show anything after the "authoritative answers can be found from:" part. (I think this was after saying with the dot in the domain section.
But here's the complete output:
nslookup -type=txt which.opendns.com. 208.67.220.220
Server: 208.67.220.220
Address: 208.67.220.220#53Non-authoritative answer:
which.opendns.com text = "3.lon"Authoritative answers can be found from:
Server: 208.67.220.220
Address: 208.67.220.220#53Non-authoritative answer:
which.opendns.com text = "3.lon"Authoritative answers can be found from:
Lisa-iMac:~ Lisa_iMac$ Server:
.CFUserTextEncoding .ssh/ Sites/
.DS_Store .thumbnails/ WP BACKUP/
.Trash/ Applications/ WP BROKEN/
.adobe/ Desktop/ footer-1.png
.bash_history Documents/ footer.png
.config/ Downloads/ functions.php
.cups/ Library/ headline-sidebar-1.png
.dvdcss/ Movies/ headline-sidebar.png
.login Music/ home.php
.profile Pictures/ post-1.png
.rnd Public/ post.png
Lisa-iMac:~ Lisa_iMac$ Server:208.67.220.220
-bash: Server:208.67.220.220: command not found
Lisa-iMac:~ Lisa_iMac$ Address:208.67.220.220#53
-bash: Address:208.67.220.220#53: command not found
Lisa-iMac:~ Lisa_iMac$
Lisa-iMac:~ Lisa_iMac$ Non-authoritative answer:
-bash: Non-authoritative: command not found
Lisa-iMac:~ Lisa_iMac$ which.opendns.comtext = "3.lon"
-bash: which.opendns.comtext: command not found
Lisa-iMac:~ Lisa_iMac$
Lisa-iMac:~ Lisa_iMac$ Authoritative answers can be found from:
-bash: Authoritative: command not found
Lisa-iMac:~ Lisa_iMac$ nslookup -type=txt which.opendns.com. 208.67.220.220
Server: 208.67.220.220
Address: 208.67.220.220#53Non-authoritative answer:
which.opendns.com text = "3.lon"Authoritative answers can be found from:
Lisa-iMac:~ Lisa_iMac$
-
This was to prove that you can use OpenDNS at all, i.e. that your ISP does not redirect your DNS lookups. You can use OpenDNS, more detailed the OpenDNS London location, but your router at 194.168.4.100 does not forward your DNS lookups to OpenDNS despite of your configuration.
Oops, just seeing, your router (or your computer's DNS configuration) has a weird IP address of 194.168.4.100. This is publicly routable, not a private RFC-1918 IP address as should be for LAN use. It seems you have severe network configuration errors. Maybe this should actually be 192.168.4.100 instead?
If this is not the root cause, then this problem is therefore merely a router problem, not an OpenDNS problem. You would have the same troubles if you tried to use any other DNS service, e.g. Google DNS. And because here are the OpenDNS experts, not the Apple router experts, you would be served much better in an Apple support forum.
In the old forum we have a similar case (http://forums.opendns.com/comments.php?DiscussionID=68380), but this wasn't resolved either.
-
Ah yes, this 194.168.4.100 is Virginmedia's DNS resolver address, and because you mix DNS services, you use OpenDNS only randomly, if at all. You must remove non-OpenDNS resolver addresses from your configuration, wherever you find them, on the routers and/or on your computer. Your computer's DNS server configuration is to point to the router's IP address only.
-
I just realized that my OpenDNS has not been working since I installed our time capsule about 6 months ago. I tried to make sense of the cases here but I have no clue where to start. Could someone tell step by step what to do? I am running snow leopard and have a time capsule.
Thank you!
Deb
-
"I have no clue where to start."
https://store.opendns.com/setup/device/apple-timecapsule-v76
-
rotblitz - "Ah yes, this 194.168.4.100 is Virginmedia's DNS resolver address, and because you mix DNS services, you use OpenDNS only randomly, if at all. You must remove non-OpenDNS resolver addresses from your configuration, wherever you find them, on the routers and/or on your computer. Your computer's DNS server configuration is to point to the router's IP address only."
I completely forgot about this. Good catch! I had added Virgins's DNS to my direct network settings a while back when I couldn't access a site and they went through troubleshooting with me. Looks like I forgot to remove that.
Anyway, I removed the Virgin DNS settings from my network preferences and have cleared the cache and all is well. OpenDNS is again working from within the router itself. It was the Virgin DNS settings that was as you mentioned causing a conflict.
Thanks so much for putting up with me and helping getting OpenDNS to work again through the TC.
-
Well guess who's back. :(
Just bought a brand new Time Capsule and now OpenDNS is back to not blocking any websites despite being correctly configured (matching old TC settings that worked), and even the OpenDNS welcome page says I'm on OpenDNS but nothing being blocked.
Ugh, I wish I knew what was going on now. I only upgraded because my old 1st gen TC has started having range issues.
Can anyone help with whatever's going on this time? There's no duplicate DNS's or anything going on.
-
Your IP address 24.59.163.23 is not registered with your OpenDNS network. https://dashboard.opendns.com/settings/
Please sign in to leave a comment.
Comments
29 comments