
Service is blocking Pandora CDN?
-
- ATL Mcw
- atlmcw
- 10 mths ago
- 9 replies
- 63
- Calvin Hobbes10 mths ago
- Bug Reports
Cant resolve
t3-1.p-cdn.us
from nextdns but get answers from cloudflare and Google DNS.. This prevents Pandora music from working properly..
- Oldest first
- Newest first
- Active threads
- Popular
-
- Calvin Hobbes
- Calvin_Hobbes
- 10 mths ago
- Bug Reports
- Reported - view
Allow list is your friend
Like-
- ATL Mcw
- atlmcw
- 10 mths ago
- Reported - view
Calvin Hobbes
Doesnt help in this situation. Its not blocked by NextDNS - it shows as PASS in the logs but it just fails to resolve an IP. I did try the allow lists, but that did not help.I had to force my router to use a different DNS just for the p-cdn.us domain
Like -
- Calvin Hobbes
- Calvin_Hobbes
- 10 mths ago
- 1
- Reported - view
Mike Wronski
I see. Your subject line said "blocked" but really what you're saying is you don't get an answer (or a wrong answer).
Some CDNs provide different answers, depending on the source making the query. (Some CDNs use different methods).
Do you know how to use dig or nslookup? Those are often helpful tools in this case.
I used nslookup (with debug) on MacOS terminal to lookup, then query the authoritative name server
> t3-1.p-cdn.us Server: ns1.p-cdn.us <----authortive server Address: 199.116.165.55#53 ------------ QUESTIONS: t3-1.p-cdn.us, type = A, class = IN ANSWERS: -> t3-1.p-cdn.us internet address = 208.85.46.29 ttl = 10 AUTHORITY RECORDS: -> t3-1.p-cdn.us internet address = 208.85.46.29 ttl = 10 -> t3-1.p-cdn.us internet address = 208.85.46.30 ttl = 10 -> t3-1.p-cdn.us internet address = 208.85.42.27 ttl = 10 -> t3-1.p-cdn.us internet address = 208.85.42.28 ttl = 10 -> t3-1.p-cdn.us internet address = 209.196.209.25 ttl = 10 -> t3-1.p-cdn.us internet address = 209.196.209.28 ttl = 10 -> t3-1.p-cdn.us
I then compared with NextDNS resolvers and always receive one of those answers, in round-robin style. For example:
> t3-1.p-cdn.us Server: 45.90.28.251 <---NextDNS DNS server Address: 45.90.28.251#53 Non-authoritative answer: Name: t3-1.p-cdn.us Address: 209.196.209.25 > t3-1.p-cdn.us Server: 45.90.28.251 Address: 45.90.28.251#53 Non-authoritative answer: Name: t3-1.p-cdn.us Address: 208.85.46.30
If you're not getting the correct result, you could use the NextDNS re-write feature to choose on of the servers closest to you.
Like 1 -
- ATL Mcw
- atlmcw
- 10 mths ago
- Reported - view
Calvin Hobbes
Very familiar with dig and nslookup - what's odd is I get NO answer - vs the wrong answer.. I change my router to use google (8.8.8.8) and I get an answer.
My dashboard says to use the following NextDNS servers which are different from the ones that you're using..
45.90.28.231
45.90.30.231Im going to try the server that you're using and see it it resolves and returns an answer..
Like -
- ATL Mcw
- atlmcw
- 10 mths ago
- Reported - view
So switched to the one that you're using (45.90.28.251) and I still get random empty/NULL replies.. The NextDNS servers will work for a some period and then start returning NULL. Its very odd.
Like -
- Calvin Hobbes
- Calvin_Hobbes
- 10 mths ago
- Reported - view
Mike Wronski
I tried using the servers you're assigned.
They both worked fine for me.
I don't fully grasp how CDNs work, but I believe some (not all) use DNS tricks to provide different answers depending on the location of the requesting client.
I'm aware that people often use VPNs specifically for receiving content not available at their real location.
Here's a tool that queries resolvers all over the world https://dnschecker.org. I just tried t3-1.p-cdn.us and it appears the answers all come from the same pool of answers.
Is it possible there was a temporary hiccup from your assigned NextDNS servers?
Like -
- Calvin Hobbes
- Calvin_Hobbes
- 10 mths ago
- Reported - view
I just re-read your last reply. There's a parameter (can't remember what it's called) that tells the client how long it can keep the old answer after TTL expires and a new answer isn't available. Normally that should take care of short term blips.
Also, using the tool that checks worldwide propogation, I checked AAAA record and Singapore server doesn't answer (it does answer for A record).
Like -
- ATL Mcw
- atlmcw
- 10 mths ago
- Reported - view
Calvin Hobbes
You are correct about CDNs - I dont use a VPN though.. these requests exist my router though my ISP directly.Would be great if there was actual support from NextDNS to look into the specific requests from me. But the service is likely to inexpensive to provide service for small scale issues like this.
For now, I have a workaround and just use a different resolver just for the p-cdn.us domain.
Thanks for trying to help. Much appreciated.
Like -
- Calvin Hobbes
- Calvin_Hobbes
- 10 mths ago
- Reported - view
ATL Mcw I’m glad you have a good work around
Like