Strange problem - OpenDNS reporting as configured, yet not working...

  • rotblitz

    "changed in the router, and are reflected in windows 10 network configuration"

    That doesn't sound good.  Nothing should be reflected in the Windows network configuration!

    Could it be that you have dual-stack connectivity (IPv4 and IPv6) and configured only IPv4, not IPv6?
    Check also at http://welcome.opendns.com/

    Further, you can copy & paste the complete plain text output of the following diagnostic commands to here, so that I get more information:

    nslookup -type=txt debug.opendns.com. 208.67.220.220
    nslookup -type=txt which.opendns.com.
    nslookup whoami.akamai.net.
    netsh interface ipv4 show config

    You can copy a screen shot of the router page where you have the OpenDNS resolver addresses configured.

  • johnbee

    I'm referring to this:

    DNS Servers:

    208.67.222.222
    208.67.220.220
    192.168.219.1

    With that said, it would seem that, though OpenDNS is working as per:

    https://welcome.opendns.com
    http://www.internetbadguys.com

    it is not, however, blocking porn sites.
    As for the tests, here are the results:

    nslookup -type=txt debug.opendns.com. 208.67.220.220

    Server: resolver2.opendns.com
    Address: 208.67.220.220

    nslookup -type=txt which.opendns.com.
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    which.opendns.com text =

    "m1.yyz"

    Non-authoritative answer:
    debug.opendns.com text =

    "server m17.yyz"
    debug.opendns.com text =

    "flags 40020 0 50 180000000000000000003B50000000000000000"
    debug.opendns.com text =

    "originid 293626766"
    debug.opendns.com text =

    "actype 2"
    debug.opendns.com text =

    "bundle 12156776"
    debug.opendns.com text =

    "source 96.44.72.212:17049"

     

    nslookup -type=txt which.opendns.com.
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    which.opendns.com text =

    "m1.yyz"

     

    nslookup whoami.akamai.net.
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: whoami.akamai.net
    Address: 2620:119:10::65

     

    netsh interface ipv4 show config

    Configuration for interface "Ethernet"
    DHCP enabled: Yes
    IP Address: 192.168.219.7
    Subnet Prefix: 192.168.219.0/24 (mask 255.255.255.0)
    Default Gateway: 192.168.219.1
    Gateway Metric: 0
    InterfaceMetric: 25
    DNS servers configured through DHCP: 208.67.222.222
    208.67.220.220
    192.168.219.1
    Register with which suffix: Primary only
    WINS servers configured through DHCP: None

    Configuration for interface "Loopback Pseudo-Interface 1"
    DHCP enabled: No
    IP Address: 127.0.0.1
    Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
    InterfaceMetric: 75
    Statically Configured DNS Servers: None
    Register with which suffix: None
    Statically Configured WINS Servers: None

  • rotblitz

    That mixture of DNS resolvers is most likely the problem:

    DNS servers configured through DHCP: 208.67.222.222
                                         208.67.220.220
                                         192.168.219.1

    You have a lousy router.  It shouldn't provide such a mixture via DHCP.

    Post the complete output of the following commands:

    nslookup -type=txt debug.opendns.com. 192.168.219.1
    nslookup whoami.akamai.net. 192.168.219.1
    nslookup www.exampleadultsite.com. 192.168.219.1
    nslookup www.exampleadultsite.com. 208.67.222.222

     

  • johnbee

    nslookup -type=txt debug.opendns.com. 192.168.219.1
    Server: router.local
    Address: 192.168.219.1

    opendns.com
    primary name server = auth1.opendns.com
    responsible mail addr = noc.opendns.com
    serial = 1565605575
    refresh = 16384 (4 hours 33 mins 4 secs)
    retry = 2048 (34 mins 8 secs)
    expire = 1048576 (12 days 3 hours 16 mins 16 secs)
    default TTL = 2560 (42 mins 40 secs)

     

    nslookup whoami.akamai.net. 192.168.219.1
    Server: h298a.local
    Address: 192.168.219.1

    Non-authoritative answer:
    Name: whoami.akamai.net
    Address: 69.168.130.7

     

    nslookup www.exampleadultsite.com. 192.168.219.1
    Server: router.local
    Address: 192.168.219.1

    Non-authoritative answer:
    Name: www.exampleadultsite.com
    Address: 146.112.255.155

     

    nslookup www.exampleadultsite.com. 208.67.222.222
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: www.exampleadultsite.com
    Address: 146.112.255.155

  • rotblitz

    Here we have it! DNS queries via 192.168.219.1 do not reach OpenDNS, but your ISP's DNS service. It seems your router does not work as it is supposed to. You may check for a better firmware version, or contact your router's support.

    But that's not all: even if your DNS query reaches OpenDNS (e.g. through 208.67.222.222), adult domains are still not being blocked. You either have not configured your dashboard to block this, or your IP address 96.44.72.212 is not registered at https://dashboard.opendns.com/settings/, so your individual dashboard settings cannot be applied. You must rectify this by updating your dashboard network with the correct IP address, manually or with an updater.
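
The two checks made by hand in this thread, as an added example that is not part of any post: it parses `netsh interface ipv4 show config` output for resolvers outside the OpenDNS pair, and tests whether a `debug.opendns.com` TXT lookup returned OpenDNS diagnostic records. The function names are hypothetical, and the sample inputs are abridged from the output posted above.

```python
import re

OPENDNS = {"208.67.222.222", "208.67.220.220"}  # resolver addresses from the thread
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
DNS_LABEL = re.compile(r"^(DNS servers configured through DHCP|Statically Configured DNS Servers):\s*(.*)$")

# Sample inputs, abridged from the command output posted in the thread.
NETSH = '''Configuration for interface "Ethernet"
    DHCP enabled: Yes
    DNS servers configured through DHCP: 208.67.222.222
    208.67.220.220
    192.168.219.1
    Register with which suffix: Primary only
'''
DEBUG_DIRECT = 'debug.opendns.com text =\n\n"server m17.yyz"\ndebug.opendns.com text =\n\n"actype 2"\n'
DEBUG_ROUTER = "opendns.com\nprimary name server = auth1.opendns.com\nserial = 1565605575\n"


def dhcp_dns_servers(netsh_output):
    """Map each interface in `netsh interface ipv4 show config` output to its DNS servers."""
    result, iface, collecting = {}, None, False
    for line in map(str.strip, netsh_output.splitlines()):
        header = re.match(r'Configuration for interface "(.+)"', line)
        label = DNS_LABEL.match(line)
        if header:
            iface, collecting = header.group(1), False
            result[iface] = []
        elif label and iface:
            collecting = True
            if IPV4.match(label.group(2)):
                result[iface].append(label.group(2))
        elif collecting and IPV4.match(line):
            result[iface].append(line)  # continuation line: one more address
        else:
            collecting = False
    return result


def non_opendns(servers):
    """Resolvers the client may also query, bypassing OpenDNS filtering."""
    return [s for s in servers if s not in OPENDNS]


def answered_by_opendns(nslookup_output):
    """True if a debug.opendns.com TXT lookup returned OpenDNS diagnostic records."""
    records = re.findall(r'^\s*"(\w+) ([^"]*)"\s*$', nslookup_output, re.M)
    return "server" in dict(records)
```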
