Content Filtering Not Working

Comments

6 comments

  • Avatar
    rotblitz

    Copy & paste the complete plain text output of the following diagnostic commands from such a PC to here:

    nslookup -type=txt debug.opendns.com. 208.67.220.220
    nslookup whoami.akamai.net.
    netsh interface ipv4 show dns

     

    0
    Comment actions Permalink
  • Avatar
    crokett

    nslookup -type=txt debug.opendns.com. 208.67.220.220
    Server: resolver2.opendns.com
    Address: 208.67.220.220

    *** resolver2.opendns.com can't find debug.opendns.com.: Non-existent domain

    nslookup -type=txt whoami.akamai.net

    Server: resolver1.opendns.com
    Address: 208.67.222.222

    whoami.akamai.net canonical name = user-att-108-70-128-0.whoami.akamai.net

     

    netsh interface ipv4 show dns

    Configuration for interface "Wireless Network Connection 3"
    DNS servers configured through DHCP: None
    Register with which suffix: Primary only

    Configuration for interface "Wireless Network Connection 2"
    DNS servers configured through DHCP: None
    Register with which suffix: Primary only

    Configuration for interface "Wireless Network Connection"
    Statically Configured DNS Servers: 208.67.222.222
    208.67.220.220
    Register with which suffix: Primary only

    Configuration for interface "Bluetooth Network Connection"
    DNS servers configured through DHCP: None
    Register with which suffix: Primary only

    Configuration for interface "Loopback Pseudo-Interface 1"
    Statically Configured DNS Servers: None
    Register with which suffix: None

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz (Edited )

    You entered the second command incorrectly.  I didn't ask for the TXT record, but for the A record, so I'm unsure...

    Regardless, it looks like your ISP redirects your DNS traffic to their own DNS service, so it does not go to OpenDNS.  You may contact your ISP to opt out from this, or you can try to circumvent this restriction with https://dnscrypt.info/implementations

    Another possibility is that you run Avast or AVG antivirus.  In this case first try with disabling the option "Secure DNS / Fake Site / Real Site" in the program settings.

    0
    Comment actions Permalink
  • Avatar
    crokett

    here's the correct output

    nslookup whoami.akamai.net

    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: user-att-108-70-128-0.whoami.akamai.net
    Address: 108.70.128.0
    Aliases: whoami.akamai.net

    there is no antivirus.  I'll look into whether my ISP is redirecting DNS traffic

    0
    Comment actions Permalink
  • Avatar
    crokett

    I did some checking and disabled DNS error assist on my account with my ISP.  I'll restart the router and check it again in a few days.  

    what in the output tells you that my ISP might be directing DNS traffic?

    0
    Comment actions Permalink
  • Avatar
    rotblitz (Edited )

    Yep, it's your ISP hi-jacking your DNS traffic!  This address 108.70.128.0 is assigned to your ISP.  Also, not being able to resolve debug.opendns.com (TXT record) is another indication.  Only if you really used OpenDNS you could resolve this domain name.  The domain which.opendns.com (TXT record) can be resolved by every DNS service, but non-OpenDNS returns "I am not an OpenDNS resolver".

    0
    Comment actions Permalink

Please sign in to leave a comment.