0
Having intermittant issues connecting
Hello -- I've been using NextDNS for awhile, but over the last week or so I've been having issues where it just seems like nothing can connect (pages never resolve). In the ping.nextdns.io, I'm getting errors connecting to anycast and a couple other POPs and the diag is pasted below:
Resolvers: 192.168.50.1
Testing IPv6 connectivity
available: true
Fetching https://test.nextdns.io
Fetch error: Get "https://test.nextdns.io": x509: certificate has expired or is not yet valid: “test.nextdns.io” certificate is expired
Fetching PoP name for ultra low latency primary IPv4 (ipv4.dns1.nextdns.io)
zepto-xrs: 13.913ms
Fetching PoP name for ultra low latency secondary IPv4 (ipv4.dns2.nextdns.io)
anexia-mnz: 14.442ms
Fetching PoP name for anycast primary IPv4 (45.90.28.0)
vultr-ewr: 18.014ms
Fetching PoP name for anycast secondary IPv4 (45.90.30.0)
Fetch error: Get "https://dns.nextdns.io/info": x509: certificate has expired or is not yet valid: “dns.nextdns.io” certificate is expired
Fetching PoP name for ultra low latency primary IPv6 (ipv6.dns1.nextdns.io)
zepto-xrs: 11.829ms
Fetching PoP name for ultra low latency secondary IPv6 (ipv6.dns2.nextdns.io)
anexia-mnz: 15.827ms
Fetching PoP name for anycast primary IPv6 (2a07:a8c0::)
vultr-ewr: 24.125ms
Fetching PoP name for anycast secondary IPv6 (2a07:a8c1::)
Fetch error: Get "https://dns.nextdns.io/info": x509: certificate has expired or is not yet valid: “dns.nextdns.io” certificate is expired
Pinging PoPs
zepto-xrs (IPv6): 12.741ms
hetzner-iad (IPv6): 10.788ms
zepto-iad: 12.739ms
hetzner-iad: 17.444ms
zepto-iad (IPv6): 11.384ms
zepto-xrs: 12.761ms
hydron-clt: 11.527ms
hydron-clt (IPv6): 10.99ms
anexia-mnz: 18.057ms
anexia-mnz (IPv6): 18.596ms
vultr-ewr (IPv6): 18.041ms
anexia-ewr (IPv6): 18.034ms
vultr-ewr: 18.062ms
anexia-ewr: 18.571ms
teraswitch-pit (IPv6): 18.355ms
teraswitch-pit: 18.924ms
tier-clt: 25.193ms
router-pit: 82.649ms
Traceroute for ultra low latency primary IPv4 (170.39.224.134)
1 192.168.50.1 2ms 1ms 1ms
2 96.120.106.61 17ms 15ms 10ms
3 68.87.141.101 14ms 10ms 10ms
4 68.87.135.21 19ms 12ms 12ms
5 96.110.235.69 13ms 14ms 11ms
6 96.110.40.21 14ms 13ms 14ms
7 96.110.34.118 31ms 15ms 20ms
8 71.25.197.218 13ms 17ms 13ms
9 * * *
10 199.119.65.17 16ms 16ms 15ms
11 170.39.224.134 20ms 18ms 18ms
Traceroute for ultra low latency secondary IPv4 (213.227.173.235)
1 192.168.50.1 1ms 1ms 1ms
2 96.120.106.61 10ms 14ms 9ms
3 68.87.141.101 11ms 10ms 13ms
4 68.87.135.21 11ms 15ms 15ms
5 96.110.235.69 17ms 11ms 11ms
6 96.110.40.21 15ms 13ms 13ms
7 96.110.32.126 17ms 13ms 17ms
8 62.115.51.193 13ms * *
9 62.115.123.122 17ms 19ms 19ms
10 62.115.112.101 14ms 19ms 19ms
11 62.115.13.117 17ms 16ms 20ms
12 213.227.173.235 18ms 20ms 18ms
Traceroute for anycast primary IPv4 (45.90.28.0)
1 192.168.50.1 1ms 1ms 1ms
2 96.120.106.61 10ms 25ms 13ms
3 68.87.141.101 9ms 14ms 11ms
4 68.87.135.21 20ms 11ms 31ms
5 96.110.235.69 11ms 16ms 11ms
6 * * *
7 * * *
8 65.59.14.18 30ms 37ms 19ms
9 * * *
10 * * *
11 * * *
12 45.90.28.0 20ms 22ms 20ms
Traceroute for anycast secondary IPv4 (45.90.30.0)
1 192.168.50.1 1ms 1ms 3ms
2 96.120.106.61 13ms 13ms 14ms
3 68.87.141.101 12ms 14ms 17ms
4 68.87.135.21 13ms 16ms 11ms
5 96.110.235.69 14ms 14ms 12ms
6 96.110.40.17 13ms 16ms 16ms
7 96.110.32.122 14ms 17ms 16ms
8 62.115.51.193 15ms 13ms 14ms
9 62.115.10.98 13ms 14ms 27ms
10 * * *
11 199.119.65.29 18ms 20ms 12ms
12 45.90.30.0 18ms 14ms 16ms
Traceroute for ultra low latency primary IPv6 (2a01:4ff:f0:ac5::1)
1 2601:14f:4401:1d94::1 2ms 1ms 1ms
2 2001:558:4083:a::1 18ms 16ms 10ms
3 2001:558:342:210d::1 9ms 11ms 13ms
4 2001:558:340:2029::1 30ms 9ms 9ms
5 2001:558:340:1e8::1 16ms 28ms 18ms
6 2001:558:340:ca::1 13ms * 13ms
7 2001:558:3:206::1 13ms 14ms 17ms
8 2001:558:3:20::2 13ms 14ms 18ms
9 * * *
10 2001:550:0:1000::9a36:18ea 20ms 17ms 16ms
11 2001:550:2:2f::8d:2 17ms 25ms 10ms
12 2a01:4ff:1::16 15ms 13ms 15ms
13 * * *
14 2a01:4ff:0:c001::63b 18ms 13ms 17ms
15 2a01:4ff:f0:ac5::1 15ms 15ms 14ms
Traceroute for ultra low latency secondary IPv6 (2a00:11c0:39:353::3)
1 2601:14f:4401:1d94::1 1ms 1ms 1ms
2 2001:558:4083:a::1 14ms 14ms 10ms
3 2001:558:342:210d::1 9ms 24ms 16ms
4 2001:558:340:2029::1 12ms 10ms 10ms
5 2001:558:340:1e8::1 11ms 11ms 20ms
6 * * *
7 2001:558:3:206::1 53ms 20ms 14ms
8 2001:558:3:20::2 19ms 15ms 14ms
9 * * *
10 * * *
11 2001:2000:3080:14a5::2 14ms 20ms 14ms
12 2a00:11c0:39:353::3 23ms 18ms 15ms
Traceroute for anycast primary IPv6 (2a07:a8c0::)
1 2601:14f:4401:1d94::1 1ms 1ms 1ms
2 2001:558:4083:a::1 11ms 15ms 14ms
3 2001:558:342:210d::1 10ms 10ms 12ms
4 2001:558:340:1de::1 13ms 21ms 12ms
5 * * *
6 2001:1900:4:3::35d 19ms 16ms 19ms
7 2001:1900::3:19b 20ms 20ms 20ms
8 2001:1900:2100::64fe 27ms 22ms 21ms
9 * * *
10 * * *
11 * * *
12 2a07:a8c0:: 23ms 20ms 20ms
Traceroute for anycast secondary IPv6 (2a07:a8c1::)
1 2601:14f:4401:1d94::1 1ms 1ms 1ms
2 2001:558:4083:a::1 12ms 10ms 17ms
3 2001:558:342:210d::1 11ms 10ms 10ms
4 2001:558:340:2029::1 14ms 11ms 10ms
5 2001:558:340:1e8::1 11ms 14ms 16ms
6 2001:558:340:ca::1 16ms * *
7 2001:558:3:205::1 16ms 13ms 17ms
8 2001:558:3:1f::2 16ms 13ms 18ms
9 * * *
10 2001:2035:0:1b79::2 14ms 17ms 16ms
11 * * *
12 2a0b:4342:1a30::29 14ms 15ms 13ms
13 2a07:a8c1:: 14ms 14ms 15ms
4 replies
-
Can you please run the following commands:
- curl -v https://dns.nextdns.io/info
- curl -k https://dns.nextdns.io/info
-
Yup -- here you go:
* Trying [2a0e:6902:2002:12b:5054:ff:fed7:6b78]:443... * Connected to dns.nextdns.io (2a0e:6902:2002:12b:5054:ff:fed7:6b78) port 443 (#0) * ALPN: offers h2,http/1.1 * TLSv1.2 (OUT), TLS handshake, Client hello (1): * CAfile: /etc/ssl/cert.pem * CApath: none * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256 * ALPN: server accepted h2 * Server certificate: * subject: CN=dns.nextdns.io * start date: Oct 18 00:00:00 2023 GMT * expire date: Jan 16 23:59:59 2024 GMT * subjectAltName: host "dns.nextdns.io" matched cert's "dns.nextdns.io" * issuer: C=AT; O=ZeroSSL; CN=ZeroSSL ECC Domain Secure Site CA * SSL certificate verify ok. * using HTTP/2 * h2 [:method: GET] * h2 [:scheme: https] * h2 [:authority: dns.nextdns.io] * h2 [:path: /info] * h2 [user-agent: curl/8.1.2] * h2 [accept: */*] * Using Stream ID: 1 (easy handle 0x7fdf52812600) > GET /info HTTP/2 > Host: dns.nextdns.io > User-Agent: curl/8.1.2 > Accept: */* > < HTTP/2 200 < access-control-allow-origin: * < content-type: application/json < strict-transport-security: max-age=63072000; includeSubDomains; preload < timing-allow-origin: * < content-length: 84 < date: Sat, 16 Dec 2023 01:00:25 GMT < * Connection #0 to host dns.nextdns.io left intact {"locationName": "
Reston, United States", "pop": "zepto-xrs", "rtt": 14754}
{"locationName": " Reston, United States", "pop": "zepto-xrs", "rtt": 16098}
-
what about:
- curl -v https://dns.nextdns.io/info --connect-to ::45.90.30.0
- curl -k https://dns.nextdns.io/info --connect-to ::45.90.30.0
-
* Connecting to hostname: 45.90.30.0 * Trying 45.90.30.0:443... * Connected to 45.90.30.0 (45.90.30.0) port 443 (#0) * ALPN: offers h2,http/1.1 * TLSv1.2 (OUT), TLS handshake, Client hello (1): * CAfile: /etc/ssl/cert.pem * CApath: none * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256 * ALPN: server accepted h2 * Server certificate: * subject: CN=dns.nextdns.io * start date: Oct 18 00:00:00 2023 GMT * expire date: Jan 16 23:59:59 2024 GMT * subjectAltName: host "dns.nextdns.io" matched cert's "dns.nextdns.io" * issuer: C=AT; O=ZeroSSL; CN=ZeroSSL ECC Domain Secure Site CA * SSL certificate verify ok. * using HTTP/2 * h2 [:method: GET] * h2 [:scheme: https] * h2 [:authority: dns.nextdns.io] * h2 [:path: /info] * h2 [user-agent: curl/8.1.2] * h2 [accept: */*] * Using Stream ID: 1 (easy handle 0x7f9bf100a800) > GET /info HTTP/2 > Host: dns.nextdns.io > User-Agent: curl/8.1.2 > Accept: */* > < HTTP/2 200 < access-control-allow-origin: * < content-type: application/json < strict-transport-security: max-age=63072000; includeSubDomains; preload < timing-allow-origin: * < content-length: 85 < date: Sat, 16 Dec 2023 03:02:51 GMT < * Connection #0 to host 45.90.30.0 left intact {"locationName": " Ashburn, United States", "pop": "zepto-iad", "rtt": 16334}
{"locationName": " Ashburn, United States", "pop": "zepto-iad", "rtt": 17133}
Content aside
- 11 mths agoLast active
- 4Replies
- 84Views
-
2
Following