0

DNS queries not always using the Account block settings

looks like some queries are being answered as if there was no custom NextDNS config on them.

the first 2 queries (one to the ipv4 and one to the ipv6 address) to a blocked category domain was not blocked, and did not show up in hte logs if NextDNS either. the next 2 queries (one min after)received the blockpage reply, and showed up in the logs.

nextdns settings were not change overnight. (at least 10 hours)

====================================================================

 

[root@dns-1 ~]# dig @2a07:a8c0::XX:XXXX +dnssec BLOCKSITE.com

; <<>> DiG 9.11.26-RedHat-9.11.26-3.el8 <<>> @2a07:a8c0::XX:XXXX +dnssec BLOCKSITE.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48907
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;BLOCKSITE.com.                   IN      A

;; ANSWER SECTION:
BLOCKSITE.com. 3586 IN A 66.254.XXX.XXX

;; Query time: 68 msec
;; SERVER: 2a07:a8c0::XX:XXXX#53(2a07:a8c0::XX:XXXX)
;; WHEN: Wed Jul 21 10:14:26 AWST 2021
;; MSG SIZE  rcvd: 56

-----------------------------------------------------------------------------------------------------------------

 

[root@dns-1 ~]# dig @45.90.28.XXX +dnssec BLOCKSITE.com

; <<>> DiG 9.11.26-RedHat-9.11.26-3.el8 <<>> @45.90.28.XXX +dnssec BLOCKSITE.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63582
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;BLOCKSITE.com.                   IN      A

;; ANSWER SECTION:
BLOCKSITE.com. 3376 IN A 66.254.XXX.XXX

;; Query time: 50 msec
;; SERVER: 45.90.28.XXX#53(45.90.28.XXX)
;; WHEN: Wed Jul 21 10:17:56 AWST 2021
;; MSG SIZE  rcvd: 56

====================================================================

 

[root@dns-1 ~]# dig @45.90.28.XXX +dnssec BLOCKSITE.com

; <<>> DiG 9.11.26-RedHat-9.11.26-3.el8 <<>> @45.90.28.XXX +dnssec BLOCKSITE.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58048
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;BLOCKSITE.com.                   IN      A

;; ANSWER SECTION:
BLOCKSITE.com. 0 IN CNAME blockpage.nextdns.io.
blockpage.nextdns.io. 300 IN A 45.121.209.148

;; Query time: 49 msec
;; SERVER: 45.90.28.XXX#53(45.90.28.XXX)
;; WHEN: Wed Jul 21 10:18:57 AWST 2021
;; MSG SIZE  rcvd: 79

-----------------------------------------------------------------------------------------------------------------

 

[root@dns-1 ~]# dig @2a07:a8c0::XX:XXXX +dnssec BLOCKSITE.com

; <<>> DiG 9.11.26-RedHat-9.11.26-3.el8 <<>> @2a07:a8c0::XX:XXXX +dnssec BLOCKSITE.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30575
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;BLOCKSITE.com.                   IN      A

;; ANSWER SECTION:
BLOCKSITE.com. 300 IN CNAME blockpage.nextdns.io.
blockpage.nextdns.io. 300 IN A 45.121.209.148

;; Query time: 65 msec
;; SERVER: 2a07:a8c0::XX:XXXX#53(2a07:a8c0::XX:XXXX)
;; WHEN: Wed Jul 21 10:19:58 AWST 2021
;; MSG SIZE  rcvd: 79

====================================================================

1reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • it looks like if NextDNS has not been used for a while (not sure how long a while is), when the 1st query is made, it take a few seconds for it to load the custom config?

    i suppose this will not be an issue when it is in use in production, since host will always be sending request in, and will keep the custom block config in place?

    ipv6
    ;; WHEN: Wed Jul 21 20:37:09 AWST 2021 1st query, not blocked
    ;; WHEN: Wed Jul 21 20:37:22 AWST 2021 Blocked

    ipv4
    ;; WHEN: Wed Jul 21 20:37:20 AWST 2021 1st query, not blocked
    ;; WHEN: Wed Jul 21 20:37:26 AWST 2021 Blocked
     

    Like
Like Follow
  • 9 days agoLast active
  • 1Replies
  • 32Views
  • 1 Following