1.1.1.1 does not resolve using dig

jeffschips

Well-Known Member
Jun 5, 2016
149
13
18
new york
cPanel Access Level
Root Administrator
Hello. I'm having very strange dns issues. This seems to be an intermittent issue with my cpanel/WHM server CENTOS 7.8 kvm v86.0.20.

If I:
dig mydomain.com @1.1.1.1

there is returned a serverror or no response at all however if I

dig mydomain.com @8.8.8.8

always returns the proper responses.

Now, I know that this obviously could be an issue with 1.1.1.1 but I've also noticed if I restart my csf firewall immediately I will get a proper response from 1.1.1.1. A few minutes later, that doesn't work. I've checked my csf and even if I disable it, same type of results.

Can anyone point me to some troubleshooting commands that may help me get to the bottom of this? Perhaps there are some or a mis-configured dns record setting for mydomain.com?

Thanks.
 

jeffschips

Well-Known Member
Jun 5, 2016
149
13
18
new york
cPanel Access Level
Root Administrator
Just a follow up the report from dnsstuff.com shows the following but all other issues on dnsstuff pass:

Code:
Connect to mail server    All connections to Mailservers port 25 have failed. The standard port for SMTP transactions is 25, so your servers should be operating on that port. It is recommended that it be fixed in order for your mail service to operate properly. The Mail Servers that failed are:

xx.xx.xx.xx | failed message send with: messaging failure: Time out occurred or Remote server closed connection prematurely
 

jeffschips

Well-Known Member
Jun 5, 2016
149
13
18
new york
cPanel Access Level
Root Administrator
Aha! Maybe I found something. Dnsstuff also reports:

Code:
O WWW record check    Domain has a WWW hostname provided through one or more CNAME lookups, which will slow down clients attempting to resolve this host.

www.xxxxxx.com. | xxxxxx.com. | 14400
xxxxxx.com. | xx.xx.xx.xx | 14400
 

jeffschips

Well-Known Member
Jun 5, 2016
149
13
18
new york
cPanel Access Level
Root Administrator
SOLVED:

Thanks to the excellent detective work of WhM/cpanel techs this ended up being a problem associated with ConfigServ CSF firewall.

Turns out if you "whois 1.1.1.1 |grep country" you will see that 1.1.1.1 is an Australian-registered provider. My CSF filter rules were only allowing US, GB, DE - thus dns lookups wouldn't work and the site would not load.

Many thanks to Cpanel team for getting to the bottom of this.