0

Allowlisted Domain Blocked by NextDNS Ads & Trackers Blocklist

I temporarily allow certain blocklisted domains temporarily sometimes.  Today that doesn't seem to be working.  I am seeing new DNS requests blocked in the logs after toggling on an already existing allowlist item that has worked in the past.  I have clicked allow from the logs in case there was a change in the subdomain and get "This domain has already been added."  This confirms the enabled allowlist entry is correct.  I have deleted and recreated the entry, and I have even created an entry with a wildcard for the subdomain.  The issue persists.

6 replies

null
    • Dustin.2
    • 4 mths ago
    • Reported - view

    To be perfectly clear, I click the allowlist tab and see the relevant domain is enabled, I retry from the browser, I click the logs tab and see the domain blocked "a few seconds ago" again.  I have done this several times before posting, and each time I try, the previous entry was a number of minutes ago (so the "a few seconds ago" is new, not cached, this is also supported by the surrounding queries being different each time).

      • Calvin_Hobbes
      • 4 mths ago
      • Reported - view

        possibly the TTL is higher for the one that’s giving you trouble.   Have you tried flushing the cache?

      • Dustin.2
      • 4 mths ago
      • Reported - view

       I thought that my points about having done this before (same thing that used to work isn't working) and seeing fresh blocks in the logs (wouldn't be a new log hit if cache was being referenced) would show that cache wasn't the problem, but to elaborate further, my configuration renders a (not-cacheable) SRVFAIL for blocks, so I can retry as soon as I allowlist and it has always worked fine historically.  Further, I had checked with nslookup and confirmed I'd get a SRVFAIL for the allowlisted entry so even if the log hits weren't confirming the problem, the nslookup result was.  I probably should have included all of this and everything from my second comment in the original post, but I've never had much luck with anyone actually reading the wall of text that results from that strategy.  In any case, it is working as expected again today.

    • Dustin.2
    • 4 mths ago
    • Reported - view

    aaaand it's happening again.

    nslookup still getting SRVFAIL with new matching blocked log, and for good measure, switching nslookup to a Google server gives a good result, so the domain isn't having the issue.

    • Dustin.2
    • 3 mths ago
    • Reported - view

    I think I figured this out. I still think it's a bug, but it could be browser-specific, and I found a workaround for my case. The issue only occurs when I turn an allowlist item on, off, and back on again (turning it on again isn't effective once I have turned it off, no matter how many times I toggle at this point). Based on my most recent experience, restarting the browser that I am using for my.nextdns.io seems to make the toggle work again.

    • Dustin.2
    • 2 mths ago
    • Reported - view

    I had this happen without turning an entry on and back off before it happened.  Closing the nextdns tab and starting a new one showed the toggle I had turned on was still off.  Given this, it appears that it isn't turning the toggle off and back on that is causing the toggle to stop working, instead, it may be having a blocked attempt at the allowlist entry while it is off and then turning it on.  It is also potentially feasible that this only occurs while the allowlist section is already loaded and that switching nextdns sections or reloading would be as good as closing the tab and starting over.

Content aside

  • 2 mths agoLast active
  • 6Replies
  • 85Views
  • 2 Following