Jump to content


Photo

[DNS] resolving Airvpn.org is failing while all other domains are ok

DNS dnssec airvpn airvpn.org pi-hole unbound

  • Please log in to reply
1 reply to this topic

#1 Judas4all

Judas4all

    Member

  • Members2
  • PipPip
  • 22 posts

Posted 04 January 2019 - 06:27 PM

Hey, I got this since a while now.

 

Sometimes I try to resolve airvpn.org it fails. After some trys or minutes it works fine.

I use a Pi-Hole as DNS Server running a local unbound (127.0.0.1) and as said I only got issues with this domain here.. real strange.

 

Luckily today I was able to grab some logs, maybe someone can read them and tell me if the dnssec-query request tell something useful ?

 

Jan  4 19:19:07 dnsmasq[31678]: query[PTR] 44.1.168.192.in-addr.arpa from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: /etc/pihole/local.list 192.168.1.44 is pi-hole
Jan  4 19:19:07 dnsmasq[31678]: query[A] airvpn.org.localdomain from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN
Jan  4 19:19:07 dnsmasq[31678]: query[AAAA] airvpn.org.localdomain from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN
Jan  4 19:19:07 dnsmasq[31678]: query[A] airvpn.org from 192.168.1.15
Jan  4 19:19:07 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1
Jan  4 19:19:09 dnsmasq[31678]: query[AAAA] airvpn.org from 192.168.1.15
Jan  4 19:19:09 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1
Jan  4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8
Jan  4 19:19:16 dnsmasq[31678]: validation result is SECURE
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is 5.196.64.52
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8
Jan  4 19:19:16 dnsmasq[31678]: validation result is SECURE
Jan  4 19:19:16 dnsmasq[31678]: reply airvpn.org is 2001:41d0:a:6034::

Please note that I was running a nslookup airvpn.org here and at the end it was working. Same command 2 minutes earlier failed.

So till 19:19:07 I had a DNS timeout when querying airvpn.org and on 19:19:16 it started to work just fine

 

Any help is much appreciated.



#2 giganerd

giganerd

    I shall have no title

  • Members2
  • PipPipPip
  • 2674 posts
  • LocationGermany

Posted 07 January 2019 - 02:00 PM

Jan 4 19:19:07 dnsmasq[31678]: query[A] airvpn.org.localdomain from 192.168.1.15

 

Wrong query for airvpn.org.localdomain. The client at 192.168.1.15 is doing it wrong, how did you query it? nslookup? Browser?

 

Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1

 

This is a different query and it's done with DNSSEC. The answer can only be 5.196.64.52 as it's verified, that's where it starts to work for you.


Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs helps us read your thread.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

Instead of writing me a personal mail, consider contacting me via XMPP at gigan3rd@xmpp.airvpn.org or join the lounge@conference.xmpp.airvpn.org. I might read the mail too late whereas I'm always available on XMPP ;)






Similar Topics Collapse


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 13807 - BW: 45748 Mbit/sYour IP: 54.205.211.87Guest Access.