I have not been able to access Javascript CDN hosted on Cloudfare today and a number of sites have stopped functioning properly for me. I have added the following domains to the whitelist, first via the admin page, then via console to be doubly sure and they are still blocked.
-cdnjs.cloudflare.com
-cdnjs.com
-cloudflare.com
I have also tried restarting the pihole with no luck.
Debug token: bi3iartevg
P.S. I noticed that cdnjs.cloudflare.com showed up on StevenBlack's list.
P.S.S. I did not see any topics on this issue with v3.3.1 so apologies if this is duplicate. Last discussion I saw on this was for v3.3.
Mcat12
June 15, 2018, 12:34am
2
Why dd you comment out the DNS upstream servers in /etc/pihole/setupVars.conf
?
I'm using dnscrypt-2.0 with pihole
Mcat12
June 15, 2018, 1:07am
4
What are the log lines when you query those domains? /var/log/pihole.log
or pihole -t
21:12:26 dnsmasq[4970]: 988 192.168.0.19/57597 query[A] cdnjs.com from 192.168.0.19
21:12:26 dnsmasq[4970]: 988 192.168.0.19/57597 forwarded cdnjs.com to 127.10.10.1
21:12:26 dnsmasq[4970]: * 192.168.0.19/57597 dnssec-query[DS] com to 127.10.10.1
21:12:26 dnsmasq[4970]: * 192.168.0.19/57597 reply com is BOGUS DS
21:12:26 dnsmasq[4970]: 988 192.168.0.19/57597 validation cdnjs.com is BOGUS
21:12:26 dnsmasq[4970]: 988 192.168.0.19/57597 reply cdnjs.com is 104.24.8.40
21:12:26 dnsmasq[4970]: 988 192.168.0.19/57597 reply cdnjs.com is 104.24.9.40
21:12:26 dnsmasq[4970]: 989 192.168.0.19/57597 query[A] cdnjs.com from 192.168.0.19
21:12:26 dnsmasq[4970]: 989 192.168.0.19/57597 forwarded cdnjs.com to 127.10.10.1
21:12:26 dnsmasq[4970]: * 192.168.0.19/57597 dnssec-query[DS] com to 127.10.10.1
21:12:26 dnsmasq[4970]: * 192.168.0.19/57597 reply com is BOGUS DS
21:12:26 dnsmasq[4970]: 989 192.168.0.19/57597 validation cdnjs.com is BOGUS
21:12:26 dnsmasq[4970]: 989 192.168.0.19/57597 reply cdnjs.com is 104.24.8.40
21:12:26 dnsmasq[4970]: 989 192.168.0.19/57597 reply cdnjs.com is 104.24.9.40
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 query[A] cdnjs.cloudflare.com from 192.168.0.19
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 forwarded cdnjs.cloudflare.com to 127.10.10.1
21:12:34 dnsmasq[4970]: * 192.168.0.19/53449 dnssec-query[DS] com to 127.10.10.1
21:12:34 dnsmasq[4970]: * 192.168.0.19/53449 reply com is BOGUS DS
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 validation cdnjs.cloudflare.com is BOGUS
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.196.151
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.198.151
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.199.151
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.197.151
21:12:34 dnsmasq[4970]: 994 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.195.151
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 query[A] cdnjs.cloudflare.com from 192.168.0.19
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 forwarded cdnjs.cloudflare.com to 127.10.10.1
21:12:34 dnsmasq[4970]: * 192.168.0.19/53449 dnssec-query[DS] com to 127.10.10.1
21:12:34 dnsmasq[4970]: * 192.168.0.19/53449 reply com is BOGUS DS
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 validation cdnjs.cloudflare.com is BOGUS
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.196.151
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.198.151
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.199.151
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.197.151
21:12:34 dnsmasq[4970]: 995 192.168.0.19/53449 reply cdnjs.cloudflare.com is 104.19.195.151
21:12:42 dnsmasq[4970]: 998 192.168.0.19/54153 query[A] cloudflare.com from 192.168.0.19
21:12:42 dnsmasq[4970]: 998 192.168.0.19/54153 forwarded cloudflare.com to 127.10.10.1
21:12:42 dnsmasq[4970]: 999 192.168.0.19/54153 query[A] cloudflare.com from 192.168.0.19
21:12:42 dnsmasq[4970]: 999 192.168.0.19/54153 forwarded cloudflare.com to 127.10.10.1
21:12:42 dnsmasq[4970]: * 192.168.0.19/54153 dnssec-query[DS] com to 127.10.10.1
21:12:42 dnsmasq[4970]: * 192.168.0.19/54153 reply com is BOGUS DS
21:12:42 dnsmasq[4970]: 999 192.168.0.19/54153 validation cloudflare.com is BOGUS
21:12:42 dnsmasq[4970]: 999 192.168.0.19/54153 reply cloudflare.com is 198.41.214.162
21:12:42 dnsmasq[4970]: 999 192.168.0.19/54153 reply cloudflare.com is 198.41.215.162
21:12:42 dnsmasq[4970]: 1000 192.168.0.19/54153 query[A] cloudflare.com from 192.168.0.19
21:12:42 dnsmasq[4970]: 1000 192.168.0.19/54153 forwarded cloudflare.com to 127.10.10.1
21:12:42 dnsmasq[4970]: * 192.168.0.19/54153 dnssec-query[DS] com to 127.10.10.1
21:12:42 dnsmasq[4970]: * 192.168.0.19/54153 reply com is BOGUS DS
21:12:42 dnsmasq[4970]: 1000 192.168.0.19/54153 validation cloudflare.com is BOGUS
21:12:42 dnsmasq[4970]: 1000 192.168.0.19/54153 reply cloudflare.com is 198.41.214.162
21:12:42 dnsmasq[4970]: 1000 192.168.0.19/54153 reply cloudflare.com is 198.41.215.162
Mcat12
June 15, 2018, 1:19am
6
They are not "blocked", rather they are failing DNSSEC and the resolver is telling the clients to not use it.
2 Likes
I see. Thank you!
I wonder why it suddenly stopped accepting that domain today. It was fine yesterday and up until this afternoon.
I disable DNSSEC from DNSCrypt and I am able to connect.
system
Closed
July 6, 2018, 1:37am
8
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.