Cannot access amazon.com

ganyue2006 · December 4, 2019, 2:23am

Expected Behaviour:

Actual Behaviour:

Browse through both chrome and safari from the laptop and another device in the same network, all failed with: ERR_CONNECTION_TIMED_OUT

Debug Token:

https://tricorder.pi-hole.net/5soo2zxxmm

Extra Info:

~  nslookup amazon.com
Server: 192.168.1.192
Address: 192.168.1.192#53

Non-authoritative answer:
Name: amazon.com
Address: 176.32.98.166
Name: amazon.com
Address: 205.251.242.103
Name: amazon.com
Address: 176.32.103.205

~  dig amazon.com
; <<>> DiG 9.10.6 <<>> amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53049
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon.com. IN A

;; ANSWER SECTION:
amazon.com. 49 IN A 176.32.103.205
amazon.com. 49 IN A 205.251.242.103
amazon.com. 49 IN A 176.32.98.166

;; Query time: 80 msec
;; SERVER: 192.168.1.192#53(192.168.1.192)
;; WHEN: Tue Dec 03 21:08:09 EST 2019
;; MSG SIZE rcvd: 87

DanSchaper · December 5, 2019, 3:40am

What does pihole -q -exact www.amazon.com show? And pihole -q -exact amazon.com as well.

ganyue2006 · December 5, 2019, 4:37am

They show

[i] No exact results found for www.amazon.com within the block lists

and

[i] No exact results found for amazon.com within the block lists

I have tried different things, and believe the problem is caused by upstream DNS server.

Previously, I use Google (ECS) as my Upstream DNS Server. When I test to resolve www.amazon.com using 8.8.8.8, I got

nslookup www.amazon.com 8.8.8.8                                                                                                                              gany@apollo
Server:		8.8.8.8
Address:	8.8.8.8#53

Name:	www.amazon.com
Address: 104.200.142.46
Name:	www.amazon.com
Address: 173.192.81.145

Which return direct IP address instead of its canonical name, and I think it is wired. So I use 208.67.222.222 (OpenDNS) to resolve www.amazon.com by runing

nslookup www.amazon.com 208.67.222.222                                                                                                                       gany@apollo
Server:		208.67.222.222
Address:	208.67.222.222#53

Non-authoritative answer:
www.amazon.com	canonical name = www.cdn.amazon.com.
www.cdn.amazon.com	canonical name = d3ag4hukkh62yn.cloudfront.net.
Name:	d3ag4hukkh62yn.cloudfront.net
Address: 13.249.43.105

Which seems alright. So I change the upstream server to OpenDNS and flush the DNS, now the problem seems to be resolved. I am still testing.

The most wired thing I have is when I use 8.8.8.8(Google) as DNS server to resolve www.amazon.com in my Macbook pro which is in the same local network, I get the correct one:

 ~ : nslookup www.amazon.com 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
www.amazon.com	canonical name = www.cdn.amazon.com.
www.cdn.amazon.com	canonical name = d3ag4hukkh62yn.cloudfront.net.
Name:	d3ag4hukkh62yn.cloudfront.net
Address: 13.225.231.227

and I have no idea why....

ganyue2006 · December 5, 2019, 3:39pm

Thank you for your reply.

The pihole is hosted on my Ubuntu 18.04.3 LTS server. I just check my /etc/host, I do not have anything related to amazon.com or www.amazon.com in it.

127.0.0.1       localhost
127.0.1.1       apollo

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Also, I believe if you put something in the host file, it will only effect
nslookup www.amazon.com
but not
nslookup www.amazon.com 8.8.8.8

I check 8.8.4.4 which is another ip for google dns, I also get these two IPs which are the same as 8.8.8.8.

nslookup www.amazon.com 8.8.4.4                                                                         gany@apollo
Server:         8.8.4.4
Address:        8.8.4.4#53

Name:   www.amazon.com
Address: 173.192.81.145
Name:   www.amazon.com
Address: 104.200.142.46

Do you have any idea which setting/config will effect and only affect google dns(both 8.8.8.8 and 8.8.4.4), but not other dns?...... Or do you have any idea where these two IPs come from?....

Thank you!

ganyue2006 · December 5, 2019, 7:35pm

Interesting. I totally forget about the DNS`s geographically awareness and I do have VPN active on my server. I will double check tonight to see if the VPN cause this issue.

Thank you!

system · December 26, 2019, 7:45pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.