Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    Hi, I configured my att router to use opendns for primary and secondary dns. All PC's block my configured domains and categories successfully except one. This PC resolves all addresses. This behavior is true both when I configure the PC to get DNS from the router, or directly from the opendns servers. Here is the output of ipconfig /all on that pc:

    C:\Users\matthewe>ipconfig /all
    WaitNamedPipe: 2
    WaitNamedPipe: 2

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : linus
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : mathworks.com
    gateway.2wire.net

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : gateway.2wire.net
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 20-CF-30-A0-3C-22
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::f170:2300:b53a:517d%10(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.254.3(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, April 12, 2012 8:55:11 AM
    Lease Expires . . . . . . . . . . : Friday, April 13, 2012 11:48:07 AM
    Default Gateway . . . . . . . . . : 192.168.254.254
    DHCP Server . . . . . . . . . . . : 192.168.254.254
    DHCPv6 IAID . . . . . . . . . . . : 237031216
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6B-D0-30-20-CF-30-A0-3C-22

    DNS Servers . . . . . . . . . . . : 208.67.222.222
    208.67.220.220
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.gateway.2wire.net:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : gateway.2wire.net
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 9:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1401:1e20:93a6:99f(Prefe
    rred)
    Link-local IPv6 Address . . . . . : fe80::1401:1e20:93a6:99f%11(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled
    WaitNamedPipe: 2
    WaitNamedPipe: 2

    C:\Users\matthewe>

    Thanks,
    Matt
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    More on this: I found that on the PC in question, if I type

    nslookup www.playboy.com

    for instance, it gives me the true IP address, instead of the "fake" one. This makes me think somehow my opendns account settings aren't being used for that PC. I have a dynamic IP address. Does that play in somehow?

    thanks,
    Matt
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    Sorry, I meant to say

    nslookup www.playboy.com 208.67.222.222

    above, so I know for sure it is using the opendns server, yet still not honoring my account's blocked settings
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    More info, even when I type


    nslookup www.playboy.com 208.67.222.123

    to access via the preconfigured family filter, it returns legit IP addresses instead of "fake"

    Is it possible some software is redirecting dns requests? I also have cybersitter and PC pandora on the same machine
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    OK, some more very interesting info:

    This is what I see using nslookup:

    C:\Users\matthewe>nslookup www.playboy.com 208.67.222.123
    Server: resolver1-fs.opendns.com
    Address: 208.67.222.123

    Non-authoritative answer:
    Name: playboy.com
    Addresses: 208.99.94.78
    216.18.172.158
    Aliases: www.playboy.com

    However, the Wireshark packet sniffer shows the dns request being handled by google at 8.8.8.8!

    Matt
    • CommentAuthorrotblitz
    • CommentTimeApr 12th 2012
     permalink
    Post the output of:
    nslookup -type=txt debug.opendns.com. 208.67.222.222
  1.  permalink
    You had flushed both your browser and local resolver caches also, right?
    • CommentAuthorpcfreak3
    • CommentTimeApr 12th 2012
     permalink
    Save as Firewall in DD-WRT or Linux router distro:
    iptables -t nat -A PREROUTING -i br0 -s 192.168.1.128/25 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
    iptables -t nat -A PREROUTING -i br0 -s 192.168.1.128/25 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    I figured it out. Cybersitter was redirecting DNS requests to 8.8.8.8
    Thankful People: rotblitz
    • CommentAuthormatteng
    • CommentTimeApr 12th 2012
     permalink
    Thanks for the suggestions, guys.
  2.  permalink
    Yes, any configured service or proxies, etc., which affect your network configuration or internet usage must be taken into consideration. Good job finding the culprit. :cool:

This discussion has been inactive for longer than 30 days, and is thus closed.