Our Forums Have Moved!
Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.
OpenDNS Forums
The official support and discussion site of OpenDNS
Support
K-12 Forums
Categories
- Administrative
- Adult site blocking
- DNS-O-Matic / dynamic IPs
- Domain blocking
- Domain Name System (DNS) troubles
- Mobile instructions
- OpenDNS services
- Proxies, accelerators, and more
- Router instructions
- Satellite
- Shortcuts
- Wishlists and feature requests
-
Feeds
Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.
This discussion has been inactive for longer than 30 days, and is thus closed.
Domain Name System (DNS) troubles: opendns installed on router works for all PC's but one
Bottom of Page1 to 11 of 11
-
Hi, I configured my att router to use opendns for primary and secondary dns. All PC's block my configured domains and categories successfully except one. This PC resolves all addresses. This behavior is true both when I configure the PC to get DNS from the router, or directly from the opendns servers. Here is the output of ipconfig /all on that pc:
C:\Users\matthewe>ipconfig /all
WaitNamedPipe: 2
WaitNamedPipe: 2
Windows IP Configuration
Host Name . . . . . . . . . . . . : linus
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mathworks.com
gateway.2wire.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 20-CF-30-A0-3C-22
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f170:2300:b53a:517d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.254.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, April 12, 2012 8:55:11 AM
Lease Expires . . . . . . . . . . : Friday, April 13, 2012 11:48:07 AM
Default Gateway . . . . . . . . . : 192.168.254.254
DHCP Server . . . . . . . . . . . : 192.168.254.254
DHCPv6 IAID . . . . . . . . . . . : 237031216
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6B-D0-30-20-CF-30-A0-3C-22
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.gateway.2wire.net:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1401:1e20:93a6:99f(Prefe
rred)
Link-local IPv6 Address . . . . . : fe80::1401:1e20:93a6:99f%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
WaitNamedPipe: 2
WaitNamedPipe: 2
C:\Users\matthewe>
Thanks,
Matt -
More on this: I found that on the PC in question, if I type
nslookup www.playboy.com
for instance, it gives me the true IP address, instead of the "fake" one. This makes me think somehow my opendns account settings aren't being used for that PC. I have a dynamic IP address. Does that play in somehow?
thanks,
Matt -
Sorry, I meant to say
nslookup www.playboy.com 208.67.222.222
above, so I know for sure it is using the opendns server, yet still not honoring my account's blocked settings -
More info, even when I type
nslookup www.playboy.com 208.67.222.123
to access via the preconfigured family filter, it returns legit IP addresses instead of "fake"
Is it possible some software is redirecting dns requests? I also have cybersitter and PC pandora on the same machine -
OK, some more very interesting info:
This is what I see using nslookup:
C:\Users\matthewe>nslookup www.playboy.com 208.67.222.123
Server: resolver1-fs.opendns.com
Address: 208.67.222.123
Non-authoritative answer:
Name: playboy.com
Addresses: 208.99.94.78
216.18.172.158
Aliases: www.playboy.com
However, the Wireshark packet sniffer shows the dns request being handled by google at 8.8.8.8!
Matt -
Post the output of:
nslookup -type=txt debug.opendns.com. 208.67.222.222 -
- CommentAuthormaintenance
- CommentTimeApr 12th 2012
You had flushed both your browser and local resolver caches also, right? -
Save as Firewall in DD-WRT or Linux router distro:
iptables -t nat -A PREROUTING -i br0 -s 192.168.1.128/25 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
iptables -t nat -A PREROUTING -i br0 -s 192.168.1.128/25 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr) -
I figured it out. Cybersitter was redirecting DNS requests to 8.8.8.8Thankful People: rotblitz
-
Thanks for the suggestions, guys.
-
- CommentAuthormaintenance
- CommentTimeApr 13th 2012
Yes, any configured service or proxies, etc., which affect your network configuration or internet usage must be taken into consideration. Good job finding the culprit.
1 to 11 of 11
This discussion has been inactive for longer than 30 days, and is thus closed.