- Oldest first
- Newest first
- Active threads
Allow list is your friendLike
Doesnt help in this situation. Its not blocked by NextDNS - it shows as PASS in the logs but it just fails to resolve an IP. I did try the allow lists, but that did not help.
I had to force my router to use a different DNS just for the p-cdn.us domainLike
- Calvin Hobbes
- 1 mth ago
- Reported - view
I see. Your subject line said "blocked" but really what you're saying is you don't get an answer (or a wrong answer).
Some CDNs provide different answers, depending on the source making the query. (Some CDNs use different methods).
Do you know how to use dig or nslookup? Those are often helpful tools in this case.
I used nslookup (with debug) on MacOS terminal to lookup, then query the authoritative name server
> t3-1.p-cdn.us Server: ns1.p-cdn.us <----authortive server Address: 126.96.36.199#53 ------------ QUESTIONS: t3-1.p-cdn.us, type = A, class = IN ANSWERS: -> t3-1.p-cdn.us internet address = 188.8.131.52 ttl = 10 AUTHORITY RECORDS: -> t3-1.p-cdn.us internet address = 184.108.40.206 ttl = 10 -> t3-1.p-cdn.us internet address = 220.127.116.11 ttl = 10 -> t3-1.p-cdn.us internet address = 18.104.22.168 ttl = 10 -> t3-1.p-cdn.us internet address = 22.214.171.124 ttl = 10 -> t3-1.p-cdn.us internet address = 126.96.36.199 ttl = 10 -> t3-1.p-cdn.us internet address = 188.8.131.52 ttl = 10 -> t3-1.p-cdn.us
I then compared with NextDNS resolvers and always receive one of those answers, in round-robin style. For example:
> t3-1.p-cdn.us Server: 184.108.40.206 <---NextDNS DNS server Address: 220.127.116.11#53 Non-authoritative answer: Name: t3-1.p-cdn.us Address: 18.104.22.168 > t3-1.p-cdn.us Server: 22.214.171.124 Address: 126.96.36.199#53 Non-authoritative answer: Name: t3-1.p-cdn.us Address: 188.8.131.52
If you're not getting the correct result, you could use the NextDNS re-write feature to choose on of the servers closest to you.Like 1
Very familiar with dig and nslookup - what's odd is I get NO answer - vs the wrong answer.. I change my router to use google (184.108.40.206) and I get an answer.
My dashboard says to use the following NextDNS servers which are different from the ones that you're using..
Im going to try the server that you're using and see it it resolves and returns an answer..Like
So switched to the one that you're using (220.127.116.11) and I still get random empty/NULL replies.. The NextDNS servers will work for a some period and then start returning NULL. Its very odd.Like
I tried using the servers you're assigned.
They both worked fine for me.
I don't fully grasp how CDNs work, but I believe some (not all) use DNS tricks to provide different answers depending on the location of the requesting client.
I'm aware that people often use VPNs specifically for receiving content not available at their real location.
Is it possible there was a temporary hiccup from your assigned NextDNS servers?Like
I just re-read your last reply. There's a parameter (can't remember what it's called) that tells the client how long it can keep the old answer after TTL expires and a new answer isn't available. Normally that should take care of short term blips.
Also, using the tool that checks worldwide propogation, I checked AAAA record and Singapore server doesn't answer (it does answer for A record).Like
You are correct about CDNs - I dont use a VPN though.. these requests exist my router though my ISP directly.
Would be great if there was actual support from NextDNS to look into the specific requests from me. But the service is likely to inexpensive to provide service for small scale issues like this.
For now, I have a workaround and just use a different resolver just for the p-cdn.us domain.
Thanks for trying to help. Much appreciated.Like
ATL Mcw I’m glad you have a good work aroundLike