search

ragibkl / adblock-dns-server

Adblock DNS Server powered by Bancuh DNS and dnsdist-acme
https://bancuh.com/
MIT License
63 stars 14 forks source link

Is this normal? #197

Closed Tomatoide closed 5 months ago

Tomatoide commented 5 months ago

Hello @ragibkl I notice this a lot in log viewer, is this normal? ie several queries with no response and not only with instgram are these retries or something or is this normal behavior thanks Screenshot_20240219-175055

ragibkl commented 5 months ago

Maybe not. Can you try against us or sg servers? It could be that the backend servers aren't performing so well.

ragibkl commented 5 months ago

https://github.com/ragibkl/adblock-dns-server/issues/193#issuecomment-1916101772 Another user reported issue with gcore backend, so i switched sg back to google.

Tomatoide commented 5 months ago

Ok will switch and report back

Tomatoide commented 5 months ago

Looks better on sg1 and us1 (btw sg2 logs doesnt work), maybe try quad9 on fr? But I also noticed this: IMG_20240220_161140 Is this related to ipv6? Its sometimes resolved and sometimes not

ragibkl commented 5 months ago

Is this related to ipv6? Its sometimes resolved and sometimes not

Where are you testing this? Is this fr? I think maybe gcore is just weird.

maybe try quad9 of fr?

Done @Tomatoide . Let me know any updates!

Tomatoide commented 5 months ago

Where are you testing this? Is this fr? I think maybe gcore is just weird.

No that was sg1/us1

Done @Tomatoide . Let me know any updates!

Nice will check and see thanks!

Tomatoide commented 5 months ago

Update: happened again, also with instagram domains, fr server IMG_20240220_194724

ragibkl commented 5 months ago

Here's my own tests.

$ nslookup instagram.xx.fbcdn.net 8.8.8.8
Server:     8.8.8.8
Address:    8.8.8.8#53

** server can't find instagram.xx.fbcdn.net: NXDOMAIN

$ nslookup prod.remote-settings.prod.webservices.mozgcp.net 8.8.8.8
Server:     8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
Name:   prod.remote-settings.prod.webservices.mozgcp.net
Address: 34.149.100.209

I think, instagram.xx.fbcdn.net does not exist. I queried google's dns, and it doesn't exist. Maybe the customer has an outdated app or ad/tracker client for facebook or instagram, that still relies on that domain. It could also be a website on a very old facebook web-sdk.

For prod.remote-settings.prod.webservices.mozgcp.net, I think that only has ipv4 record available. No ipv6 host. I think that's fine, because maybe that's how mozilla setup their infastructure, no ipv6. I also configure bancuh.com for ipv4 only. It does not have ipv6, so you should see something similar for bancuh.com.

I think this is normal.

However, if you want to do some tests, you can compare the dns result with google dns or cloudflare dns. If we block it will usually be 0.0.0.0 for ipv4 or :: for ipv6. If we give blank answer, but google has answer, there's an issue.

Tomatoide commented 5 months ago

Interesting finding, thanks @ragibkl 👍