Home Network Community > All Threads > Deco BE63 - DNS weirdness
< All Threads

Deco BE63 - DNS weirdness

Deco BE63 - DNS weirdness

Deco BE63 - DNS weirdness
Deco BE63 - DNS weirdness
2024-04-29 23:30:50
Model: Deco BE65  
Hardware Version: V1
Firmware Version: 1.0.6 20240307

I'm having a really weird issue that started last Thursday, and leaving me stumped.  

 

Is anyone with a Deco BE63 able to run these queries from a box on their network?

 

Querydomain is slack dot com.  For some reason these forums won't let me post it if i write it correctly.

 

dig @45.90.28.1 <querydomain>

dig @205.251.192.166 <querydomain>

 

The first is a NextDNS resolver, the second is an auth server for <querydomain>.  Both of these requests time out from my machine.  

 

In short - some domains do not resolve when using custom DNS servers OR querying auth servers themselves.  It's not an IP block, as I can resolve other names fine.  It's not a payload block, because if I use Google or it does resolve it fine.  So it's some weird combination of IP and payload that's being rejected.

 

I cannot figure out if it's my ISP or Deco.  If I go modem -> PC, the problem goes away.  Normally that would make one automatically blame Deco, but, when going modem -> PC it gives me an entirely different subnet IP address.  Further, I've been using Deco for a while with no issues, unless the recent update caused it?  

 

In any event, it completely hoses my slack connections when using NextDNS which is unacceptable.  If anyone is able to confirm the above works for them on the newest update, I can perhaps go to my ISP with more info.

 

 

 

 

  0      
 
  0      
 
#1
Options
7 Reply
Re:Deco BE63 - DNS weirdness
2024-05-03 10:36:14

  @alatlantic Did you try connected to the Deco, but with another local IP for your PC?

  0  
  0  
#2
Options
Re:Deco BE63 - DNS weirdness
2024-05-03 21:43:32

  @yves_b thanks, yea I've tried about everything but not troubleshooting the PC itself -if I make NextDNS the DNS servers of the Deco itself, no device on the network (phones, chromebooks, pc) can resolve said domain names.   I only turned to doing digs for troubleshooting purposes after the problem arose.  Would be nice if anyone else who has these devices could attempt said lookups and report back - would be a huge clue whether it's the ISP or the router.

  0  
  0  
#3
Options
Re:Deco BE63 - DNS weirdness
2024-05-04 11:38:10

  @alatlantic 

"if I make NextDNS the DNS servers of the Deco itself, no device on the network (phones, chromebooks, pc) can resolve said domain names"

I assume this is only when your devices use the Deco as DNS, or use NextDNS as DNS, as told via DHCP by the Deco.

 

"If I go modem -> PC, the problem goes away."

I assume that the external IP is identical to the usage of modem -- Deco -- PC.
The problem goes away, even when forcing usage of IPv4 for the DNS query?

 

Did you try querying the ipv6 addresses of NextDNS?

  0  
  0  
#4
Options
Re:Deco BE63 - DNS weirdness
2024-05-04 17:18:34

  @yves_b 

 

Correct on all counts.

 

If I enabled IPv6 on the router, and query via IPv6, it works fine.  DoT and DoH also work fine.  This is constrained to the IPv4 address and certain query domains, oddly enough.

  0  
  0  
#5
Options
Re:Deco BE63 - DNS weirdness
2024-05-04 17:42:06

  @yves_b 

 

Also adding - it's not just NextDNS, but also a lot of smaller DNS resolvers AND the auth servers for the query domain(slack) themselves.

 

It almost feels like the logic is...if it's a DNS packet, and contains some data I don't like(unsure if it's IP or Name), block it unless it comes from a well known DNS resolver.

  0  
  0  
#6
Options
Re:Deco BE63 - DNS weirdness
2024-05-04 19:41:32

  @alatlantic 

I am not convinced it makes sense, but I was wondering if some DNS servers were blocking your public IPv4 address, not answering DNS requests coming from your IPv4 public address.

 

I am unable to accept that the Deco would somehow block some DNS requests or responses.

 

Just my feeling...

  0  
  0  
#7
Options
Re:Deco BE63 - DNS weirdness
2024-05-04 19:44:33

  @yves_b 

 

Well, unfortunately that would have been easier.  These DNS servers answer queries for other domains just fine.

 

It's very strange because it's not an IP filter, because most queries work fine.  And it's not a content filter, because Google and Quad9 responses work fine.  It's some strange combination of the two, and honestly I've never encountered anything like it.

 

Thanks for the suggestions, by the way.

  0  
  0  
#8
Options

Information

Helpful: 0

Views: 620

Replies: 7

Related Articles
Deco BE63 DL Speeds Capped at 230-250Mbps
417 3
DECO BE63 2 devices on same network?
924 0
BE63 USB - Can not enable in Deco app
301 0
Deco BE63 Random Total Disconnection
221 0
deco adding itself to DNS
432 0
BE63 v1.60 firmware
251 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.