Strange problem - openDNS reporting as configured, yet not working...
I just installed openDNS and have followed all of the steps required to get it working - however, and to the best of my abilities, I can't seem to get it working...
With that said, can someone help troublshoot this problem?
So far, I have confirmed that my IP is updates, the DNS name servers have been changed in the router, and are reflected in windows 10 network configuration - yet for some unexplained reason, I can't seem to get the filtering to work...
-
"changed in the router, and are reflected in windows 10 network configuration"
That doesn't sound good. Nothing should be reflected in the Windows network configuration!
Could it be that you have dual-stack connectivity (IPv4 and IPv6) and configured only IPv4, not IPv6?
Check also at http://welcome.opendns.com/Further, you can copy & paste the complete plain text output of the following diagnostic commands to here, so that I get more information:
nslookup -type=txt debug.opendns.com. 208.67.220.220
nslookup -type=txt which.opendns.com.
nslookup whoami.akamai.net.
netsh interface ipv4 show configYou can copy a screen shot of the router page where you have the OpenDNS resolver addresses configured.
-
I'm referring to this;
DNS Servers:
208.67.222.222
208.67.220.220
192.168.219.1With that said, it would seem that though openDNS is working as per;
https://welcome.opendns.com
http://www.internetbadguys.comthat it is not however blocking porn sites
As for the tests here are the results;nslookup -type=txt debug.opendns.com. 208.67.220.220
Server: resolver2.opendns.com
Address: 208.67.220.220nslookup -type=txt which.opendns.com.
Server: resolver1.opendns.com
Address: 208.67.222.222Non-authoritative answer:
which.opendns.com text ="m1.yyz"
Non-authoritative answer:
debug.opendns.com text ="server m17.yyz"
debug.opendns.com text ="flags 40020 0 50 180000000000000000003B50000000000000000"
debug.opendns.com text ="originid 293626766"
debug.opendns.com text ="actype 2"
debug.opendns.com text ="bundle 12156776"
debug.opendns.com text ="source 96.44.72.212:17049"
nslookup -type=txt which.opendns.com.
Server: resolver1.opendns.com
Address: 208.67.222.222Non-authoritative answer:
which.opendns.com text ="m1.yyz"
nslookup whoami.akamai.net.
Server: resolver1.opendns.com
Address: 208.67.222.222Name: whoami.akamai.net
Address: 2620:119:10::65netsh interface ipv4 show config
Configuration for interface "Ethernet"
DHCP enabled: Yes
IP Address: 192.168.219.7
Subnet Prefix: 192.168.219.0/24 (mask 255.255.255.0)
Default Gateway: 192.168.219.1
Gateway Metric: 0
InterfaceMetric: 25
DNS servers configured through DHCP: 208.67.222.222
208.67.220.220
192.168.219.1
Register with which suffix: Primary only
WINS servers configured through DHCP: NoneConfiguration for interface "Loopback Pseudo-Interface 1"
DHCP enabled: No
IP Address: 127.0.0.1
Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
InterfaceMetric: 75
Statically Configured DNS Servers: None
Register with which suffix: None
Statically Configured WINS Servers: None -
That mixture of DNS resolvers is most likely the problem:
DNS servers configured through DHCP: 208.67.222.222
208.67.220.220
192.168.219.1You have a lousy router. It shouldn't provide such a mixture via DHCP.
Post the complete output of the following commands:
nslookup -type=txt debug.opendns.com. 192.168.219.1
nslookup whoami.akamai.net. 192.168.219.1
nslookup www.exampleadultsite.com. 192.168.219.1
nslookup www.exampleadultsite.com. 208.67.222.222 -
nslookup -type=txt debug.opendns.com. 192.168.219.1
Server: router.local
Address: 192.168.219.1opendns.com
primary name server = auth1.opendns.com
responsible mail addr = noc.opendns.com
serial = 1565605575
refresh = 16384 (4 hours 33 mins 4 secs)
retry = 2048 (34 mins 8 secs)
expire = 1048576 (12 days 3 hours 16 mins 16 secs)
default TTL = 2560 (42 mins 40 secs)nslookup whoami.akamai.net. 192.168.219.1
Server: h298a.local
Address: 192.168.219.1Non-authoritative answer:
Name: whoami.akamai.net
Address: 69.168.130.7nslookup www.exampleadultsite.com. 192.168.219.1
Server: router.local
Address: 192.168.219.1Non-authoritative answer:
Name: www.exampleadultsite.com
Address: 146.112.255.155nslookup www.exampleadultsite.com. 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222Non-authoritative answer:
Name: www.exampleadultsite.com
Address: 146.112.255.155 -
Here we have it! DNS queries via 192.168.219.1 do not reach OpenDNS, but your ISP's DNS service. It seems your router does not work as supposed. You may check for a better firmware version, or contact your router's support.
But that's not all: even if your DNS query reaches OpenDNS (e.g. through 208.67.222.222), adult domains are still not being blocked. You either have not configured your dashboard to block this, or your IP address 96.44.72.212 is not registered at https://dashboard.opendns.com/settings/, so your individual dashboard settings cannot be applied. You must rectify this by updating your dashboard network with the correct IP address, manually or with an updater.
Please sign in to leave a comment.
Comments
6 comments