Jump to content
Not connected, Your IP: 35.175.200.4
Judas4all

[DNS] resolving Airvpn.org is failing while all other domains are ok

Recommended Posts

Hey, I got this since a while now.

 

Sometimes I try to resolve airvpn.org it fails. After some trys or minutes it works fine.

I use a Pi-Hole as DNS Server running a local unbound (127.0.0.1) and as said I only got issues with this domain here.. real strange.

 

Luckily today I was able to grab some logs, maybe someone can read them and tell me if the dnssec-query request tell something useful ?

 

Jan  4 19:19:07 dnsmasq[31678]: query[PTR] 44.1.168.192.in-addr.arpa from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: /etc/pihole/local.list 192.168.1.44 is pi-hole
Jan  4 19:19:07 dnsmasq[31678]: query[A] airvpn.org.localdomain from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN
Jan  4 19:19:07 dnsmasq[31678]: query[AAAA] airvpn.org.localdomain from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN
Jan  4 19:19:07 dnsmasq[31678]: query[A] airvpn.org from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1
Jan  4 19:19:09 dnsmasq[31678]: query[AAAA] airvpn.org from 192.168.1.15
Jan  4 19:19:09 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8
Jan  4 19:19:16 dnsmasq[31678]: validation result is SECURE
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is 5.196.64.52
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8
Jan  4 19:19:16 dnsmasq[31678]: validation result is SECURE
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is 2001:41d0:a:6034::

Please note that I was running a nslookup airvpn.org here and at the end it was working. Same command 2 minutes earlier failed.

So till 19:19:07 I had a DNS timeout when querying airvpn.org and on 19:19:16 it started to work just fine

 

Any help is much appreciated.

Share this post


Link to post

Jan 4 19:19:07 dnsmasq[31678]: query[A] airvpn.org.localdomain from 192.168.1.15

 

Wrong query for airvpn.org.localdomain. The client at 192.168.1.15 is doing it wrong, how did you query it? nslookup? Browser?

 

Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1

 

This is a different query and it's done with DNSSEC. The answer can only be 5.196.64.52 as it's verified, that's where it starts to work for you.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...