Some sites could not be opened when using Google DNS over TLS (8.8.8.8)

Ran Technically Ran

Oct 26, 2022, 11:01:17 AM
to public-dns-discuss
Dear all,
Please, I need your support with an issue I faced: some URLs, like www.tenat.com, www.xelk.org, are not accessible. While the Private DNS setting on the mobile is Automatic, which will choose Google DNS 8.8.8.8 over TLS, the URL will not be reachable (the site cannot be reached), but when I changed it to Off (Private DNS setting on the mobile), the URL will be reachable. Below is the DNS test for www.xelk.com:
  • When the mobile's Private DNS setting is Automatic and uses Google DNS over TLS 8.8.8.8

26 Oct 2022 12:45:36 am
--- IP (rmnet0) 10.142.161.135
--- IP (swlan0) 192.168.127.195
--- Connection: LTE
DNS records for www.xelk.org
DNS server: 8.8.8.8, port 53, UDP
www.xelk.org.
TTL=300
A    188.114.96.7
(not authoritative)
www.xelk.org.
TTL=300
A    188.114.97.7
(not authoritative)
www.xelk.org.
TTL=300
AAAA    2a06:98c1:3120::7
(not authoritative)
www.xelk.org.
TTL=300
AAAA    2a06:98c1:3121::7
(not authoritative)

  • When we change the Private DNS setting from Automatic to Off and use 8.8.8.8

--- 26 Oct 2022 12:42:46 am
--- IP (rmnet0) 10.142.161.135
--- Connection: LTE
DNS records for www.xelk.org
DNS server: 8.8.8.8, port 53, UDP
www.xelk.org.
TTL=300
A    188.114.97.7
(not authoritative)
www.xelk.org.
TTL=300
A    188.114.96.7
(not authoritative)
www.xelk.org.
TTL=300
AAAA    2a06:98c1:3121::7
(not authoritative)
www.xelk.org.
TTL=300
AAAA    2a06:98c1:3120::7
(not authoritative)

Claus Mattsson

Oct 27, 2022, 8:58:15 AM
to public-dns-discuss
You are able to resolve the domain name according to your own outputs. It is more likely that the issue is related to connectivity on IP swlan0 192.168.127.195, which indicates some sort of tunneling or VPN. I believe that the issue isn't related to DNS or Google Public DNS.
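A check on the two captures in the first post, added here as an example that is not part of the thread: it parses the test tool's output layout and compares the server line and the set of A/AAAA answers between the two runs. The function names and the capture strings (rebuilt from the addresses the post lists) are this example's own.

```python
import ipaddress

# Captures rebuilt in the test tool's layout from the first post's output.
HEAD = "DNS records for www.xelk.org\nDNS server: 8.8.8.8, port 53, UDP\n"
REC = "www.xelk.org.\nTTL=300\n{}    {}\n(not authoritative)\n"
AUTOMATIC = HEAD + "".join(REC.format(t, a) for t, a in [
    ("A", "188.114.96.7"), ("A", "188.114.97.7"),
    ("AAAA", "2a06:98c1:3120::7"), ("AAAA", "2a06:98c1:3121::7")])
OFF = HEAD + "".join(REC.format(t, a) for t, a in [
    ("A", "188.114.97.7"), ("A", "188.114.96.7"),
    ("AAAA", "2a06:98c1:3121::7"), ("AAAA", "2a06:98c1:3120::7")])


def parse_capture(text):
    """Return (server, transport, {(name, type, address), ...}) for one capture."""
    server = transport = name = None
    records = set()
    for raw in text.splitlines():
        line = raw.strip()
        fields = line.split()
        if line.startswith("DNS server:"):
            # "DNS server: 8.8.8.8, port 53, UDP" -> server and query path
            parts = [p.strip() for p in line.split(":", 1)[1].split(",")]
            server, transport = parts[0], " ".join(parts[1:])
        elif len(fields) == 1 and line.endswith("."):
            name = line.rstrip(".")          # owner name of the next record
        elif len(fields) == 2 and fields[0] in ("A", "AAAA"):
            # Normalise the address so textual variants compare equal.
            records.add((name, fields[0], str(ipaddress.ip_address(fields[1]))))
    return server, transport, records


def compare(cap_a, cap_b):
    """Compare query path and answer sets; record order is ignored."""
    sa, ta, ra = parse_capture(cap_a)
    sb, tb, rb = parse_capture(cap_b)
    return {"same_path": (sa, ta) == (sb, tb), "same_answers": ra == rb,
            "only_a": ra - rb, "only_b": rb - ra}


if __name__ == "__main__":
    print(compare(AUTOMATIC, OFF))
```

Both captures report the same server line (8.8.8.8, port 53, UDP) and the same four addresses in a different order, so the test output itself shows no difference in resolution between the two settings.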

Ran Technically Ran

Oct 27, 2022, 12:40:31 PM
to public-dns-discuss
Thank you for your feedback. Please see the recorded video shared in the link below, as I couldn't share it here because of the file size limitation:
https://drive.google.com/file/d/1fq24RxKYh5DlO9AEh9uX8SgYxxMnuE93/view?usp=sharing

And the issue is like this when Private DNS is ON:
these general web URLs or sites will not be reachable, like
all of them will be translated to this IP: 188.114.96.7

But when Private DNS is OFF,
the sites will be reachable and each of them will be translated to a different IP:
www.xelk.org   IP: 172.67.184.233
www.tenta.com  IP: 104.21.68.104
www.wishe.net  IP: 172.67.158.41

While these sites don't support TLS or SSL, meaning we have the issue only with sites that don't support TLS or SSL,

and our local DNS doesn't support DNS over TLS and DNS over HTTPS.
Our secondary DNS is Google 8.8.8.8.

Claus Mattsson

Oct 29, 2022, 9:21:51 PM
to public-dns-discuss
This issue isn't DNS related. The domains you have listed here are hosted on Cloudflare. They use a distributed global load-balanced service, where one of their tactics is to distribute on different IPs. The fact that you get different IPs when resolving the domains on secure vs. unsecure DNS is a result of the public IP address on your device changing. This is probably due to the device having opened a VPN/tunnel.

Just to be sure, I have hardcoded the domain to the IP 188.114.96.7 on my computer and tested that I am able to access the site. This works fine.

This issue therefore isn't related to DNS or Google Public DNS.
