ExampleAdultSite not blocked as it should
http://www.exampleadultsite.com is no longer being blocked. (it was this weekrend)
Accessing http://welcome.opendns.com indicates that I am using the OpenDNS nameservers, however, as I get the checkmark and the "Welcome to OpenDNS!" in the resulting web page.
Further indication that I am using the OpenDNS nameservers is that the test page http://www.internetbadguys.com is blocked.
I did not make any changes to any configuration on my end nor in my OpenDNS settings.
I checked my openDNS settings and blocking for the Pornography category is enabled.
Do you know how to troubleshoot this problem?
-
You're using the OpenDNS defaults, this indicating that you don't have your IP address registered at https://dashboard.opendns.com/settings/
"I did not make any changes"
Yes, you got it, this is the problem. If your ISP changes your IP address, you must keep it updated at OpenDNS.
-
Yes indeed, I don't use opendns dashboard because I am a netgear user (netgear Live Parental Controls - https://netgear.opendns.com)
I have read that these systems are incompatible. Using netgear router, I only have to setup netgear LPC.
-
Oops, sorry, I had overseen that you posted in the Netgear Live Parental Controls section of the forum...
It could be that your IP address has recently been registered by another OpenDNS Home user, so that you run into this incompatibility issue you mentioned, because you're using two incompatible services then, LPC and OpenDNS Home, although against your intention.
You can find it out from the output of the following diagnostic command:
nslookup -type=txt debug.opendns.com.
If the originid is not equal to zero, then your IP address is registered by another OpenDNS Home user. You have two options now:
- Disconnect from and reconnect to the internet to possibly get another IP address assigned by your ISP.
- If this does not work, you must open a support ticket, link "Submit a request" above, to get your IP address released from the registration at OpenDNS.
- Disconnect from and reconnect to the internet to possibly get another IP address assigned by your ISP.
-
Hmmm your comment makes sense.
nslookup -type=txt debug.opendns.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
debug.opendns.com text = "server m49.ash"
debug.opendns.com text = "flags 20 0 70 180000000000000000007950800000000000000"
debug.opendns.com text = "originid 0"
debug.opendns.com text = "actype 0"
debug.opendns.com text = "source <masked>:37701"
Authoritative answers can be found from:But originid is 0.
I am going to ask my IP released to see if it changes something.
-
Well, your command output raises unexpected surprising news. Your IP address is not registered at all.
Your computer uses this DNS server configuration:
Server: 127.0.0.53
Address: 127.0.0.53#53I would have expected to see your Netgear router's IP address (192.168.x.x) here, not a localhost address of 127.0.0.53. What is listening on this address and port? Is it something like DNSCrypt? What does it use as forwarder address? DNS traffic must go to/through your Netgear router, else you will not be using LPC.
And for sure, you are not using LPC just now, else your command output would also show a line like:
debug.opendns.com text = "device 0abce7235fb8"
"I am going to ask my IP released"
Nope, under these circumstances this does not help at all. Instead you must reconfigure your computer to obtain the network settings automatically via DHCP from the router, or you must configure your router's IP address 192.168.x.x as the only one DNS server address on this computer.
-
Thank you @rotblitz for your answer. DNS is 127.0.0.53 because ubuntu uses some internal dns cache system I think.
I answer to myself: problem fixed. Actually I had to launch Netgear Genie app to enable parental control. Because I only have linux, I add to install it on my phone then it worked !
nslookup -type=txt debug.opendns.com
Server: 127.0.0.53
Address: 127.0.0.53#53Non-authoritative answer:
debug.opendns.com text = "server m49.ash"
debug.opendns.com text = "device 00008128543B9697"
debug.opendns.com text = "flags 422 0 8010 1800000000000000000039400007E00400014C3"
debug.opendns.com text = "originid 58916611"
debug.opendns.com text = "actype 1"
debug.opendns.com text = "bundle 58916611"
debug.opendns.com text = "source 71.92.3.163:37701"Authoritative answers can be found from:
-
No after a while, I am back to a disabled LPC.
nslookup -type=txt debug.opendns.com
Server: 127.0.0.53
Address: 127.0.0.53#53Non-authoritative answer:
debug.opendns.com text = "server m49.ash"
debug.opendns.com text = "flags 20 0 70 180000000000000000007950800000000000000"
debug.opendns.com text = "originid 0"
debug.opendns.com text = "actype 0"
debug.opendns.com text = "source 71.92.3.163:37701"Authoritative answers can be found from:
It seems active on Genie though.
Do you know what is going on?
-
Yes, you have LPC disabled, but you have the OpenDNS resolver addresses 208.67.x.x configured somewhere, on the computer or on the router. This would be correct for OpenDNS Home, but not for LPC. Because your IP address is not registered, you're using the OpenDNS defaults, not individual settings. This means that www.exampleadultsite.com will not be blocked with this.
"It seems active on Genie though."
I've heard that the smartphone Genie apps are not reliable with LPC. Or the Genie app is confused, because you're using OpenDNS without having LPC enabled.
-
OK, thank you Rotblitz for your answer.
Indeed my router uses OpenDNS resolver address.
I installed Genie on my wide's computer (windows).
I run though the parental control activation.
I have a successful Status window with a nice summary :
Live Parental Controls: enabled
Filtering level: high
OpenDNS account : myaccount
But it doesn't work.
-
"Indeed my router uses OpenDNS resolver address."
You should not configure the addresses when using LPC. This is not part of the instructions.
https://kb.netgear.com/25687/I need to see the complete output of the following diagnostic commands:
nslookup -type=txt debug.opendns.com.
nslookup whoami.akamai.net.
nslookup www.exampleadultsite.com. -
I didn't setup dns server following the instructions. I set it up many years ago at the router installation.
nslookup -type=txt debug.opendns.com
Server: 127.0.0.53
Address: 127.0.0.53#53Non-authoritative answer:
debug.opendns.com text = "server m57.ash"
debug.opendns.com text = "flags 20 0 70 180000000000000000007950800000000000000"
debug.opendns.com text = "originid 0"
debug.opendns.com text = "actype 0"
debug.opendns.com text = "source myip:50418"Authoritative answers can be found from:
nslookup whoami.akamai.net
Server: 127.0.0.53
Address: 127.0.0.53#53Non-authoritative answer:
Name: whoami.akamai.net
Address: 47.18.177.167nslookup www.exampleadultsite.com
Server: 127.0.0.53
Address: 127.0.0.53#53Non-authoritative answer:
Name: www.exampleadultsite.com
Address: 67.215.92.210Do you have any idea why it is said as enabled but it is not?
-
"I didn't setup dns server following the instructions. I set it up many years ago at the router installation."
You should undo it if you want to use LPC now. As I said, this is not part of the LPC instructions, so don't do it.
We are turning in circles now, see one of my previous comments.
LPC may be enabled on the router now, but you don't use it although your DNS queries reach OpenDNS and are responded to by OpenDNS. From your computer's perspective LPC is not enabled, as can be seen from the missing "device" field. As I said earlier, DNS traffic must go to/through your Netgear router, else you will not be using LPC and your LPC dashboard settings.
When I say DNS traffic must go to your Netgear router, then this means that your computer must be configured to send DNS traffic to the router's IP address (usually 192.168.0.1 or 192.168.1.1, configured as the only DNS server address on the computer or obtained automatically via DHCP), not to e.g. OpenDNS directly.
As you are using your computer's DNS cache or proxy (127.0.0.53), I do not see where this tool forwards the DNS traffic to, but it is likely the 208.67.x.x. OpenDNS resolver addresses. But it must be your router's IP address to make use of LPC. If it is not this, another reason for your problems could be that you have the OpenDNS resolver addresses manually configured on the router which you shouldn't do with LPC.
-
I understood your comment.
I use DHCP (lease from router) and the DNS address given by my router is the router address: 10.0.0.1.
I would expect, because LPC is enabled, the router to just not use the dns previously entered but to use opendns w: parental control instead.
I can try to get back to ISP dns server but I don't think it is linked.
-
Arrrr
After one night, back to my initial problem, www.exampleadultsite.com not blocked.
DNS settings on my router is now back to opendns addresses. And filtering fron opendns is not applied.
I tried this: Change DNS servers to google (8.8.8.8); Launch Genie. Enable Parental control.
Get back to DNS settings in router, DNS servers was changed to OpenDNS.
Very likely that my dns settings are changed by Genie when I enable Parental Control.
And just doing that www.exampleadultsite.com is blocked, but for how long?
Please sign in to leave a comment.
Comments
16 comments