routing issue with ISP and Nextdns

charles.2
3 mths ago
12replies

I'm unable to connect to any nextdns dns servers, the outage started around midnight two days ago.

Resolvers: 68.237.161.12,71.243.0.12
Testing IPv6 connectivity
available: false
Fetching https://test.nextdns.io
Fetch error: Get "https://test.nextdns.io": dial tcp: lookup test.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
Fetching PoP name for ultra low latency primary IPv4 (ipv4.dns1.nextdns.io)
Fetch error: Get "https://dns.nextdns.io/info": dial tcp: lookup ipv4.dns1.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
Fetching PoP name for ultra low latency secondary IPv4 (ipv4.dns2.nextdns.io)
Fetch error: Get "https://dns.nextdns.io/info": dial tcp: lookup ipv4.dns2.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
Fetching PoP name for anycast primary IPv4 (45.90.28.0)

Fetch error: Get "https://dns.nextdns.io/info": dial tcp 45.90.28.0:443: connect: operation timed out
Fetching PoP name for anycast secondary IPv4 (45.90.30.0)
Fetch error: Get "https://dns.nextdns.io/info": dial tcp 45.90.30.0:443: connect: operation timed out
Pinging PoPs
error: Get "https://router.nextdns.io/?limit=10&stack=dual": dial tcp: lookup router.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
Traceroute error: lookup ipv4.dns1.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
Traceroute error: lookup ipv4.dns2.nextdns.io on 192.168.1.16:53: dial udp: lookup68.237.161.12,71.243.0.12: no such host

Traceroute for anycast primary IPv4 (45.90.28.0)
1 173.56.84.1 9ms 2ms 3ms
2 100.41.196.248 3ms 4ms 2ms
3 140.222.1.59 3ms 8ms 11ms
4 152.179.72.42 3ms 3ms 4ms
5 129.250.3.50 3ms 3ms 3ms
6 129.250.6.53 5ms 4ms 4ms
7 128.241.12.86 41ms 4ms 4ms

also if i use curl i can't access any 45.90.28.XXX subnet.

curl -v https://dns.nextdns.io/info --connect-to ::45.90.28.211:443
* Connecting to hostname: 45.90.28.211
* Connecting to port: 443
* Trying 45.90.28.211:443...

Network

- NextDNs
- 3 mths ago
- Reported - view
Please disable NextDNS and re-run the diag
- charles.2
  
  3 mths ago
  
  Reported - view
  Thanks for help. I can't use Nextdns so i'm not sure what do you mean disable Nextdns?
  
  I ran the test again, my dns server is set to ControlD at the moment because nextdns servers do not connect for me.
  
  sh -c 'sh -c "$(curl -s https://nextdns.io/diag)"'
  
  Do you want to continue? (press enter to accept)
  Resolvers: 68.237.161.12,71.243.0.12
  Testing IPv6 connectivity
  available: false
  Fetching https://test.nextdns.io
  Fetch error: Get "https://test.nextdns.io": dial tcp: lookup test.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Fetching PoP name for ultra low latency primary IPv4 (ipv4.dns1.nextdns.io)
  Fetch error: Get "https://dns.nextdns.io/info": dial tcp: lookup ipv4.dns1.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Fetching PoP name for ultra low latency secondary IPv4 (ipv4.dns2.nextdns.io)
  Fetch error: Get "https://dns.nextdns.io/info": dial tcp: lookup ipv4.dns2.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Fetching PoP name for anycast primary IPv4 (45.90.28.0)
  Fetch error: Get "https://dns.nextdns.io/info": dial tcp 45.90.28.0:443: connect: operation timed out
  Fetching PoP name for anycast secondary IPv4 (45.90.30.0)
  
  Fetch error: Get "https://dns.nextdns.io/info": dial tcp 45.90.30.0:443: connect: operation timed out
  Pinging PoPs
  error: Get "https://router.nextdns.io/?limit=10&stack=dual": dial tcp: lookup router.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Traceroute error: lookup ipv4.dns1.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Traceroute error: lookup ipv4.dns2.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  
  Traceroute for anycast primary IPv4 (45.90.28.0)
  1 173.56.84.1 0ms 0ms 4ms
  2 100.41.196.248 3ms 2ms 6ms
  3 140.222.1.59 3ms 5ms 3ms
  4 152.179.72.42 2ms 3ms 3ms
  5 129.250.3.50 6ms 7ms 35ms
  6 129.250.6.53 5ms 6ms 4ms
  7 128.241.12.86 5ms 4ms 4ms
  8 * * *
  9 * * *
  10 * * *
  11 * * *
  12 * * *
  13 * * *
  14 * * *
  15 * * *
  16 * * *
  17 * * *
  18 * * *
  19 * * *
  20 * * *
  Traceroute for anycast secondary IPv4 (45.90.30.0)
  1 173.56.84.1 1ms 0ms 1ms
  2 100.41.196.252 4ms 2ms 2ms
  3 140.222.1.61 3ms 3ms 2ms
  4 152.179.72.42 3ms 3ms 3ms
  5 129.250.3.50 3ms 3ms 3ms
  6 129.250.6.65 8ms 20ms 4ms
  7 128.242.179.82 3ms 3ms 3ms
  8 94.16.100.32 5ms 4ms 4ms
  9 * * *
  10 * * *
  11 * * *
  12 * * *
  13 * * *
  14 * * *
  15 * * *
  16 * * *
  17 * * *
  18 * * *
  19 * * *
  
  Post unsuccessful: Post "https://api.nextdns.io/diagnostic": dial tcp: lookup api.nextdns.io on 192.168.1.16:53: dial udp: lookup 68.237.161.12,71.243.0.12: no such host
  Please report this issue on https://github.com/nextdns/diag
- NextDNs
  
  3 mths ago
  
  Reported - view
  on which OS are you running the diag? There is something wrong with the way it handles resolution.
- charles.2
  
  2 mths ago
  
  Reported - view
  opnsense (freebsd)

Joe.18
3 mths ago
Reported - view

I am also experiencing, what appears to be, an ISP routing issue. This started tonight. I cannot do DNS lookups to the DNS servers directly anymore either. My traceroute gets to the 30 hop limit seen below.

Tracing route to dns1.nextdns.io [45.90.28.159]
over a maximum of 30 hops:
  1     *       <1 ms    <1 ms  192.168.4.1
  2    <1 ms    <1 ms    <1 ms  192.168.1.254
  3     2 ms     1 ms     1 ms  108-194-136-1.lightspeed.gdrpmi.sbcglobal.net [108.194.136.1]
  4     2 ms     1 ms     1 ms  71.152.176.48
  5     *        *        *     Request timed out.
  6     8 ms     7 ms     7 ms  32.130.17.77
  7     8 ms     7 ms     7 ms  cgcil402igs.ip.att.net [12.122.132.197]
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     *        *        *     Request timed out.
 13     *       38 ms     *     dns1.nextdns.io [45.90.28.159]
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.
Trace complete.

- Ray_Gaida
- 3 mths ago
- Reported - view
I can confirm. I'm on AT&T Gigabit.

I am unable to ping dns1.nextdns.io or dns2.nextdns.io

Tracing route to dns1.nextdns.io [45.90.28.157]
over a maximum of 30 hops:

1 2 ms 2 ms 3 ms 192.168.10.1
2 33 ms 17 ms 3 ms (hidden for privacy)
3 7 ms 118 ms 3 ms 71.151.17.78
4 7 ms 4 ms 6 ms 12.242.114.41
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
- Ray_Gaida
- 3 mths ago
- Reported - view
Additional info:

Disconnecting from WIFI and using my cellular service allows me to ping the DNS servers.

This sounds like a routing issue.

@NextDNS Can you look into routing issues to sbcglobal.net?
- Joe.18
- 2 mths ago
- Reported - view
It looks like this may have been an AT&T problem, at least. There was a post on Reddit r/ATT about it. I also had problems getting to Wikipedia, Github, and a few other websites. I was able to get to those websites from a VPN though. For me it seems they have fixed the issue.
- charles.2
- 2 mths ago
- Reported - view
issue has been resolved, no more routing issue! yayaya

Milan
2 mths ago
Reported - view

I've been having similar difficulties over the past month, when I go to my office at the Research Park of a university, Western University, in London, Ontario, Canada. I set it to Cloudflare in December, and made another stab this week to get it working. The IP is linked, but it seems as if DNS is unresponsive to name lookups or to an ICMP traceroute.

The static IP at the office is 198.20.49.186, and the whois data is as such:

NetRange:       198.20.32.0 - 198.20.63.255
CIDR:           198.20.32.0/19
NetName:        LARGNET8
NetHandle:      NET-198-20-32-0-1
Parent:         NET198 (NET-198-0-0-0-0)
NetType:        Direct Allocation
OriginAS:
Organization:   LARG*net London and Region Global Computer Network (LRGN-Z)
RegDate:        1992-11-27
Updated:        2023-11-08
Ref:            https://rdap.arin.net/registry/ip/198.20.32.0


OrgName:        LARG*net London and Region Global Computer Network
OrgId:          LRGN-Z
Address:        c/o University of Western Ontario
City:           London
StateProv:      ON
PostalCode:     N6A-5B7
Country:        CA
RegDate:        2023-11-06
Updated:        2023-11-06
Ref:            https://rdap.arin.net/registry/entity/LRGN-Z


OrgAbuseHandle: LARGN-ARIN
OrgAbuseName:   LARGnet
OrgAbusePhone:  +1-519-661-3268
OrgAbuseEmail:  @largnet.ca
OrgAbuseRef:    https://rdap.arin.net/registry/entity/LARGN-ARIN

OrgTechHandle: LARGN-ARIN
OrgTechName:   LARGnet
OrgTechPhone:  +1-519-661-3268
OrgTechEmail:  @largnet.ca
OrgTechRef:    https://rdap.arin.net/registry/entity/LARGN-ARIN

RTechHandle: LARGN-ARIN
RTechName:   LARGnet
RTechPhone:  +1-519-661-3268
RTechEmail:  @largnet.ca
RTechRef:    https://rdap.arin.net/registry/entity/LARGN-ARIN

I've attempted to create a new NextDNS profile, with different DNS servers, but the name lookups time out. The friend of mine who recommended NextDNS tried his servers, as per below, when logged into my pfSense firewall at the office. (I don't know if I need a business plan for myself, feedback appreciated, I'm the founder and we don't have any other staff.)

[23.09.1-RELEASE][root@milan.tristar-tech.com]/root: nslookup
> server 45.90.28.113
Default server: 45.90.28.113
Address: 45.90.28.113#53
> google.ca
;; communications error to 45.90.28.113#53: timed out
;; communications error to 45.90.28.113#53: timed out
;; communications error to 45.90.28.113#53: timed out
;; no servers could be reached
> server 45.90.30.113
Default server: 45.90.30.113
Address: 45.90.30.113#53
> google.ca
;; communications error to 45.90.30.113#53: timed out
;; communications error to 45.90.30.113#53: timed out
;; communications error to 45.90.30.113#53: timed out
;; no servers could be reached
> server 1.1.1.1
Default server: 1.1.1.1
Address: 1.1.1.1#53
> google.ca
Server:         1.1.1.1
Address:        1.1.1.1#53
Non-authoritative answer:
Name:   google.ca
Address: 172.217.165.3
Name:   google.ca
Address: 2607:f8b0:400b:803::2003
> server 8.8.8.8
Default server: 8.8.8.8
Address: 8.8.8.8#53
> google.ca
Server:         8.8.8.8
Address:        8.8.8.8#53
Non-authoritative answer:
Name:   google.ca
Address: 142.251.41.67
Name:   google.ca
Address: 2607:f8b0:400b:804::2003
> exit

- Bruno_Souto
- 2 mths ago
- Reported - view
Having the same issue ( Portugal - ISP -MEO )

pi@blablabla:~ $ dig @45.90.28.197 www.sapo.pt
;; communications error to 45.90.28.197#53: timed out
;; communications error to 45.90.28.197#53: timed out
;; communications error to 45.90.28.197#53: timed out

; <<>> DiG 9.18.19-1~deb12u1-Raspbian <<>> @45.90.28.197 www.sapo.pt
; (1 server found)
;; global options: +cmd
;; no servers could be reached

pi@blablabla:~ $ dig @8.8.8.8 www.sapo.pt

; <<>> DiG 9.18.19-1~deb12u1-Raspbian <<>> @8.8.8.8 www.sapo.pt
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25206
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.sapo.pt. IN A

;; ANSWER SECTION:
www.sapo.pt. 33 IN A 213.13.146.142

;; Query time: 15 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed Jan 31 01:38:32 WET 2024
;; MSG SIZE rcvd: 56
- NextDNs
  
  2 mths ago
  
  Reported - view
  please provide a https://nextdns.io/diag ideally in a separate thread as it is a different issue.

Content aside

2 mths agoLast active
12Replies
252Views
6 Following

routing issue with ISP and Nextdns

12 replies

Content aside

Home

Tags