Closed arminmacx closed 7 years ago
Hi @arminmacx
Do you get an IP returned when you do a DIG against these sites...
e.g.
dig @localhost youtube.com
if you get an IP address returned it is not the fault of the DNS. Please can you provide examples of your digs / sites which you cannot connect to.
Best Regards,
Rob
Hi @robputt796
Yes I get back IP address of the site when i use DIG here example of youtube.com :
armin@Armins-iMac ~ dig @localhost youtube.com ✓ 577 02:37:03
; <<>> DiG 9.8.3-P1 <<>> @localhost youtube.com ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47606 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;youtube.com. IN A
;; ANSWER SECTION: youtube.com. 299 IN A 216.58.212.238
;; Query time: 963 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Mar 6 23:14:30 2017 ;; MSG SIZE rcvd: 45
here another site (plex.tv) :
armin@Armins-iMac ~ dig @localhost plex.tv ✓ 581 23:18:33
; <<>> DiG 9.8.3-P1 <<>> @localhost plex.tv ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46411 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;plex.tv. IN A
;; ANSWER SECTION: plex.tv. 49 IN A 52.210.244.61 plex.tv. 49 IN A 54.77.213.127 plex.tv. 49 IN A 52.214.149.31 plex.tv. 49 IN A 52.210.223.97 plex.tv. 49 IN A 54.229.174.245 plex.tv. 49 IN A 52.210.15.168
;; Query time: 2 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Mar 6 23:18:36 2017 ;; MSG SIZE rcvd: 121
the interesting part is this when i try to open gamin.youtube.com the site is opening but videos are not playing. on other side youtube.com is not opening at all.
Sorry to be a little dissmisive here @arminmacx but the DNS proxy is doing it's job as valid results are being returned for your DNS queries.
I expect the website is probably being blocked in some other way, either it's down (unlikely), there is some firewall rule preventing you visiting said IPs, or there is some filtering proxy between you and the website that doesn't want you going there. DNS-over-HTTPS proxy doesn't help with these communication issues, it is only useful for securely sending DNS requests.
@robputt796 Hi,
Can you please update the SSL cert. It is again give an error about MITM Attack
Sorry @arminmacx I have been travelling... I will look at this now.
Ok @arminmacx I have replaced the base64 encoded pinning cert.
@robputt796 Hi,
Today I get this new problem which is dns cannot open site like youtube.com and too many others site with https. i can ping the site and getting reply but i cannot open it.