0

Service is blocking Pandora CDN?

Cant resolve

t3-1.p-cdn.us

from nextdns but get answers from cloudflare and Google DNS.. This prevents Pandora music from working properly..

9 replies

null
    • Calvin_Hobbes
    • 2 yrs ago
    • Reported - view

    Allow list is your friend 

      • atlmcw
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes 
      Doesnt help in this situation. Its not blocked by NextDNS - it shows as PASS in the logs but it just fails to resolve an IP.  I did try the allow lists, but that did not help.

      I had to force my router to use a different DNS just for the p-cdn.us domain

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      Mike Wronski 

      I see.   Your subject line said "blocked" but really what you're saying is you don't get an answer (or a wrong answer).

      Some CDNs provide different answers, depending on the source making the query.  (Some CDNs use different methods).

      Do you know how to use dig or nslookup?    Those are often helpful tools in this case.   

      I used nslookup  (with debug) on MacOS terminal to lookup, then query the authoritative name server  

      
> t3-1.p-cdn.us
Server:        ns1.p-cdn.us                <----authortive server
Address:    199.116.165.55#53

------------
    QUESTIONS:
    t3-1.p-cdn.us, type = A, class = IN
    ANSWERS:
    ->  t3-1.p-cdn.us
    internet address = 208.85.46.29
    ttl = 10
    AUTHORITY RECORDS:
    ->  t3-1.p-cdn.us
    internet address = 208.85.46.29
    ttl = 10
    ->  t3-1.p-cdn.us
    internet address = 208.85.46.30
    ttl = 10
    ->  t3-1.p-cdn.us
    internet address = 208.85.42.27
    ttl = 10
    ->  t3-1.p-cdn.us
    internet address = 208.85.42.28
    ttl = 10
    ->  t3-1.p-cdn.us
    internet address = 209.196.209.25
    ttl = 10
    ->  t3-1.p-cdn.us
    internet address = 209.196.209.28
    ttl = 10
    ->  t3-1.p-cdn.us

      I then compared with NextDNS resolvers and always receive one of those answers, in round-robin style.  For example: 

      > t3-1.p-cdn.us
Server:        45.90.28.251       <---NextDNS DNS server
Address:    45.90.28.251#53

Non-authoritative answer:
Name:    t3-1.p-cdn.us
Address: 209.196.209.25

> t3-1.p-cdn.us
Server:        45.90.28.251
Address:    45.90.28.251#53

Non-authoritative answer:
Name:    t3-1.p-cdn.us
Address: 208.85.46.30

       

      If you're not getting the correct result, you could use the NextDNS re-write feature to choose on of the servers closest to you.

      • atlmcw
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes 

      Very familiar with dig and nslookup - what's odd is I get NO answer - vs the wrong answer..  I change my router to use google (8.8.8.8) and I get an answer.

      My dashboard says to use the following NextDNS servers which are different from the ones that you're using..

      45.90.28.231
      45.90.30.231

      Im going to try the server that you're using and see it it resolves and returns an answer..

      • atlmcw
      • 2 yrs ago
      • Reported - view

      So switched to the one that you're using (45.90.28.251) and I still get random empty/NULL replies..  The NextDNS servers will work for a some period and then start returning NULL.    Its very odd.

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      Mike Wronski 

      I tried using the servers you're assigned.  

      They both worked fine for me.

      I don't fully grasp how CDNs work, but I believe some (not all) use DNS tricks to provide different answers depending on the location of the requesting client.

      I'm aware that people often use VPNs specifically for receiving content not available at their real location.

      Here's a tool that queries resolvers all over the world https://dnschecker.org. I just tried t3-1.p-cdn.us and it appears the answers all come from the same pool of answers.

      Is it possible there was a temporary hiccup from your assigned NextDNS servers?

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      I just re-read your last reply.   There's a parameter (can't remember what it's called) that tells the client how long it can keep the old answer after TTL expires and a new answer isn't available.   Normally that should take care of short term blips.

      Also, using the tool that checks worldwide propogation, I checked AAAA record and Singapore server doesn't answer  (it does answer for A record).

      • atlmcw
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes
      You are correct about CDNs - I dont use a VPN though.. these requests exist my router though my ISP directly. 

       

      Would be great if there was actual support from NextDNS to look into the specific requests from me.  But the service is likely to inexpensive to provide service for small scale issues like this.

      For now, I have a workaround and just use a different resolver just for the p-cdn.us domain.

      Thanks for trying to help. Much appreciated.

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      ATL Mcw I’m glad you have a good work around

Login to reply

Content aside

  • 2 yrs agoLast active
  • 9Replies
  • 107Views
  • 2 Following