NextDNS is breaking zoom!
I think this is a bug. NextDNS can’t resolve zoom.us nor its sub-domains (like my-organization.zoom.us) Here are the steps to reproduce:
- Use next dns (I use it with pfsense).
- Run this command (on MacOS or Linux)
When it’s bugged out, NextDNS responds with a blank “A” record. I’ve noticed that it doesn’t always happen. But it always seems to happen at the worst time. And when I dig at another DNS server it works.
As a work around, I can go into my OS’s network settings and change my DNS to quad 9 or something. (But I use NextDNS for privacy so this solution kinda sucks because I have to remember to change it back).
It works for me, try to see the logs and watch for anything that's blocking it.
NRD could block it as it was blocking a Plex server for me at one point.
Check and disable Blocka Page as it can create problems if you use it.
Disable DNS Rebidning and see if it works if not turn DNS Rebindig back on as it's a major security feature in my opinion
Its unlikely but also try to disable Bypass Methods if you use the future and see if that works.
In case it’s helpful, I ran into the problem just now when I ran the nslookup and date commands:
> nslookup zoom.us Server: 192.168.63.1 Address: 192.168.63.1#53 ** server can't find zoom.us: SERVFAIL > date Sun Mar 6 16:21:39 PST 2022
Then a few minutes later it worked:
> nslookup zoom.us Server: 192.168.63.1 Address: 192.168.63.1#53 Non-authoritative answer: Name: zoom.us Address: 22.214.171.124 > date Sun Mar 6 16:24:19 PST 2022
Is this what you need?
This happened to me too. If I remember correctly it was caused by the Settings > Block Page option. Try turning it off. They should remove this option anyway. Causes a lot of problems.
This was on my kids profile and I still have all options on security page turned on.
Try this, If not then try adding zoom.us in allow list untill it's resolved.
Looks like the problem is zoom has misconfigured their DNS servers. Thank you @NextDNS for helping with this problem. If anyone else is running into this problem and you're running pfsense, Here is a work around:
Configure DNS Resolver so that "DNSSEC Support" is turned off.
It's honestly a pretty bad solution, but it might be better than nothing. Hopefully zoom will fix their servers. And hopefully nobody gets in trouble for being late to a meeting...