OpenDNS acting strangely

Comments

7 comments

  • Avatar
    rotblitz

    "The IP address showing up on the ODNS website is different from what is showing for the updater but the updater says I'm using OpenDNS."

    There are instances where ISPs route DNS and web traffic in different ways, so the internet sees two (or more) IP addresses from you, e.g. a DNS IP address and a web IP address.  Also a static IP address may likely not help here.

    Your DNS IP address: nslookup myip.opendns.com. 208.67.220.220
    Your web IP address:  http://myip.dnsomatic.com/

    It is your DNS IP address which must be registered at the dashboard for your individual settings taking effect.

    Even if your DNS IP address is not registered at your dashboard, you still may use OpenDNS, but its default settings, not your individual dashboard settings.

    Here is the relevant KB article which you did not find:
    https://support.opendns.com/hc/en-us/articles/115003766106

    "However when I check to see if I can access porn through my network some are blocked and others are fully accessible."

    This can have several reasons.  One is that the related domains may not be categorized as porn yet, so they are not being blocked.

  • Avatar
    gabbadoo (Edited )

    I switched to the OpenDNS Family Shield name servers.

    • 208.67.222.123
    • 208.67.220.123

    The sites I'm navigating to aren't new or questionable in terms of content and after a quick check they are registered in the database as what i would expect.  I mean Playboy is a pretty tame by today's standards but it's in the database as porn and still pops right up.

    Edit:  I'm using a Ubiquiti EdgeRouter 5 POE with the most recent firmware and controller.

  • Avatar
    rotblitz (Edited )

    I need more information.  Copy & paste the complete plain text output of the following diagnostic commands to here:

    nslookup -type=txt debug.opendns.com.
    nslookup whoami.akamai.net.
    nslookup www.exampleadultsite.com.
    nslookup www.playboy.com.
    netsh interface ipv4 show config (Windows only)
    netsh interface ipv6 show dnsservers (Windows only)

    You may also post a screen shot of the place where you configured OpenDNS or FamilyShield.

  • Avatar
    gabbadoo

    nslookup -type=txt debug.opendns.com
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    debug.opendns.com       text =

            "server m5.dfw"
    debug.opendns.com       text =

            "flags 20 0 8050 180000000000000000003950800780000000000"
    debug.opendns.com       text =

            "originid 216734166"
    debug.opendns.com       text =

            "actype 2"
    debug.opendns.com       text =

            "bundle 11737270"
    debug.opendns.com       text =

            "source 104.255.27.24:41559"

    nslookup whoami.akamai.net
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    Name:    whoami.akamai.net
    Address:  8.0.15.7

    nslookup www.exampleadultsite.com
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    Name:    www.exampleadultsite.com
    Address:  67.215.92.210

    nslookup www.playboy.com
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    Name:    followtherabbit.playboy.com
    Address:  66.254.119.42
    Aliases:  www.playboy.com

    netsh interface ipv4 show config

    Configuration for interface "Local Area Connection* 2"
        DHCP enabled:                         Yes
        InterfaceMetric:                      25
        DNS servers configured through DHCP:  None
        Register with which suffix:           Primary only
        WINS servers configured through DHCP: None

    netsh interface ipv6 show dnsservers

    Configuration for interface "Local Area Connection* 2"
        DNS servers configured through DHCP:  fec0:0:0:ffff::1%1
                                              fec0:0:0:ffff::2%1
                                              fec0:0:0:ffff::3%1
        Register with which suffix:           Primary only

    Configuration for interface "Local Area Connection* 3"
        DNS servers configured through DHCP:  fec0:0:0:ffff::1%1
                                              fec0:0:0:ffff::2%1
                                              fec0:0:0:ffff::3%1
        Register with which suffix:           Primary only

    Configuration for interface "Ethernet"
        DNS servers configured through DHCP:  None
        Register with which suffix:           Primary only

    Configuration for interface "Bluetooth Network Connection 2"
        DNS servers configured through DHCP:  fec0:0:0:ffff::1%1
                                              fec0:0:0:ffff::2%1
                                              fec0:0:0:ffff::3%1
        Register with which suffix:           Primary only

    Configuration for interface "Wi-Fi"
        DNS servers configured through DHCP:  fec0:0:0:ffff::1%1
                                              fec0:0:0:ffff::2%1
                                              fec0:0:0:ffff::3%1
        Register with which suffix:           Primary only

    Configuration for interface "Loopback Pseudo-Interface 1"
        Statically Configured DNS Servers:    fec0:0:0:ffff::1%1
                                              fec0:0:0:ffff::2%1
                                              fec0:0:0:ffff::3%1
        Register with which suffix:           Primary only

    Configuration for interface "Local Area Connection* 3"
        DHCP enabled:                         Yes
        InterfaceMetric:                      25
        DNS servers configured through DHCP:  None
        Register with which suffix:           Primary only
        WINS servers configured through DHCP: None

    Configuration for interface "Ethernet"
        DHCP enabled:                         Yes
        IP Address:                           192.168.1.49
        Subnet Prefix:                        192.168.1.0/24 (mask 255.255.255.0)
        Default Gateway:                      192.168.1.1
        Gateway Metric:                       0
        InterfaceMetric:                      35
        DNS servers configured through DHCP:  192.168.1.1
        Register with which suffix:           Primary only
        WINS servers configured through DHCP: None

    Configuration for interface "Bluetooth Network Connection 2"
        DHCP enabled:                         Yes
        InterfaceMetric:                      65
        DNS servers configured through DHCP:  None
        Register with which suffix:           Primary only
        WINS servers configured through DHCP: None

    Configuration for interface "Wi-Fi"
        DHCP enabled:                         Yes
        InterfaceMetric:                      70
        DNS servers configured through DHCP:  None
        Register with which suffix:           Primary only
        WINS servers configured through DHCP: None

    Configuration for interface "Loopback Pseudo-Interface 1"
        DHCP enabled:                         No
        IP Address:                           127.0.0.1
        Subnet Prefix:                        127.0.0.0/8 (mask 255.0.0.0)
        InterfaceMetric:                      75
        Statically Configured DNS Servers:    None
        Register with which suffix:           Primary only
        Statically Configured WINS Servers:   None

  • Avatar
    rotblitz (Edited )

    I had a look at your user manual, and there are several places where DNS server addresses can be entered.  Beside the place in your screen shot, there is also Services > DHCP Server which may be more appropriate to enter the resolver addresses.

    From your command outputs I can see that you are using OpenDNS (not sure about FamilyShield), and your IP address 104.255.27.24 is registered with dashboard network ID 216734166 of an OpenDNS Home account.  However, Playboy and the demonstration site are not being blocked which would look like you don't use the FamilyShield addresses or related dashboard settings, or you are not consistently using OpenDNS.

    Also, Akamai sees your DNS queries coming from 8.0.15.7 (Level-3 Dallas) which is not what would be the expected 204.194.238.0/24 (Equinix Dallas).

    To be honest, I'm confused and ran out of ideas.  What you can do else:

    • Run the diagnostic tool from https://support.opendns.com/hc/en-us/articles/227988487
      Then raise a support ticket, link "Submit a request" above, with a link to your diagnostic results and this forum thread and with a problem description.
    • Search the support forum of your router supplier to find similar problems reported, or post the question there.  This is where the nerds for your router are.  (Here are just OpenDNS nerds.)
  • Avatar
    gabbadoo

    For the moment it looks like changing the DNS settings in the DHCP section has fixed the problem.  One of the sites which was always loading is now properly blocked.  Thanks a lot.

  • Avatar
    rotblitz

    Thanks, great to hear!

Please sign in to leave a comment.