1.1.1.1 does not resolve using dig

J

jeffschips

Well-Known Member
Jun 5, 2016
286
40
78
new york
cPanel Access Level
Root Administrator
Hello. I'm having very strange dns issues. This seems to be an intermittent issue with my cpanel/WHM server CENTOS 7.8 kvm v86.0.20.

If I:
dig mydomain.com @1.1.1.1

there is returned a serverror or no response at all however if I

dig mydomain.com @8.8.8.8

always returns the proper responses.

Now, I know that this obviously could be an issue with 1.1.1.1 but I've also noticed if I restart my csf firewall immediately I will get a proper response from 1.1.1.1. A few minutes later, that doesn't work. I've checked my csf and even if I disable it, same type of results.

Can anyone point me to some troubleshooting commands that may help me get to the bottom of this? Perhaps there are some or a mis-configured dns record setting for mydomain.com?

Thanks.
 
J

jeffschips

Well-Known Member
Jun 5, 2016
286
40
78
new york
cPanel Access Level
Root Administrator
Just a follow up the report from dnsstuff.com shows the following but all other issues on dnsstuff pass:

Code: 
Connect to mail server    All connections to Mailservers port 25 have failed. The standard port for SMTP transactions is 25, so your servers should be operating on that port. It is recommended that it be fixed in order for your mail service to operate properly. The Mail Servers that failed are:

xx.xx.xx.xx | failed message send with: messaging failure: Time out occurred or Remote server closed connection prematurely
 
J

jeffschips

Well-Known Member
Jun 5, 2016
286
40
78
new york
cPanel Access Level
Root Administrator
Aha! Maybe I found something. Dnsstuff also reports:

Code: 
O WWW record check    Domain has a WWW hostname provided through one or more CNAME lookups, which will slow down clients attempting to resolve this host.

www.xxxxxx.com. | xxxxxx.com. | 14400
xxxxxx.com. | xx.xx.xx.xx | 14400
 
J

jeffschips

Well-Known Member
Jun 5, 2016
286
40
78
new york
cPanel Access Level
Root Administrator
SOLVED:

Thanks to the excellent detective work of WhM/cpanel techs this ended up being a problem associated with ConfigServ CSF firewall.

Turns out if you "whois 1.1.1.1 |grep country" you will see that 1.1.1.1 is an Australian-registered provider. My CSF filter rules were only allowing US, GB, DE - thus dns lookups wouldn't work and the site would not load.

Many thanks to Cpanel team for getting to the bottom of this.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
J Website can't connect after IP change, but domain does resolve Domain Management 6
E Hostname resolves, domain does not Domain Management 4
B new account domain doesnt resolve Domain Management 1
G http://www.domain.com does not resolve, http://domain.com does Domain Management 2
sh4ka Site using www doesnt resolve Domain Management 1
Similar threads
Website can't connect after IP change, but domain does resolve
Hostname resolves, domain does not
new account domain doesnt resolve
http://www.domain.com does not resolve, http://domain.com does
Site using www doesnt resolve
Top Bottom