Welcome Guest ( Log In | Register )

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

 Unble to use google DNS, Deep Packet Inspection?

views
     
soonwai
post Mar 27 2017, 10:11 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(koopa @ Mar 27 2017, 09:49 AM)
So, anyone else is unable to use Google DNS and other DNS this month? What does DPI mean and how will it effect me?
...
*
Google DNS working fine here.
CODE
server$ dig @8.8.8.8 sarawakreport.org

; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 sarawakreport.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43618
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;sarawakreport.org.  IN A

;; ANSWER SECTION:
sarawakreport.org. 299 IN A 104.20.34.188
sarawakreport.org. 299 IN A 104.20.35.188

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Mar 27 22:05:50 2017
;; MSG SIZE  rcvd: 67


104.20.34.188 is Cloudflare.

If using TM's server, you'll get:
CODE

server$ dig @1.9.1.9 sarawakreport.org

; <<>> DiG 9.8.3-P1 <<>> @1.9.1.9 sarawakreport.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34698
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;sarawakreport.org.  IN A

;; ANSWER SECTION:
sarawakreport.org. 3600 IN A 175.139.142.25

;; Query time: 5 msec
;; SERVER: 1.9.1.9#53(1.9.1.9)
;; WHEN: Mon Mar 27 22:05:33 2017
;; MSG SIZE  rcvd: 51


DPI is deep packet inspection. Won't affect your DNS queries but may be used to block access to certain resources.

This post has been edited by soonwai: Mar 27 2017, 10:12 PM
soonwai
post Mar 28 2017, 01:26 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(faizyunus @ Mar 28 2017, 02:53 AM)
I think someone mentioned that the DNS is hard coded into the router for Maxis Fibre users. Even if you change on the router/computer it does not take effect. I believe there is a guide on how to overcome this.
*
I can check on that tomorrow. The coffee shop which uses Maxis Fibre is closed today.

On Maxis Mobile, Google DNS is working also.
user posted image

If not using Google, I get the MCMC redirect as expected.
user posted image
soonwai
post Mar 28 2017, 01:41 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(mydurian @ Mar 28 2017, 01:38 PM)
Curios, what's APP is that on IOS?
*
It's he.net Network Tools.
https://itunes.apple.com/us/app/he-net-netw...d858241710?mt=8
soonwai
post Mar 29 2017, 09:21 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(faizyunus @ Mar 28 2017, 02:53 AM)
I think someone mentioned that the DNS is hard coded into the router for Maxis Fibre users. Even if you change on the router/computer it does not take effect. I believe there is a guide on how to overcome this.
*
I just checked at the coffee shop near my house. They are using Maxis Fibre. The router is a Technicolor TG784n v3.

Results same as those posted for Maxis Mobile. 8.8.8.8 working.
soonwai
post Mar 30 2017, 01:08 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(koopa @ Mar 29 2017, 10:05 PM)
This is what I suspect. Is it possible for them to only block my account? IP is dynamic.
*
It's possible but I don't think they will block one account unless there's a very good reason.

Your first post shows that your DNS is working. Do you mean you still can't get to the website?
soonwai
post Mar 30 2017, 02:14 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(koopa @ Mar 29 2017, 10:05 PM)
This is what I suspect. Is it possible for them to only block my account? IP is dynamic.
*
Bro, you're right but it's not just you. Most MCMC blocked sites are DNS blocked but there's additional blocking for said site by Maxis.

You can test yourself using https://ooni.torproject.org/nettest/web-connectivity/

Here're the results of one of the tests:
CODE
$ ooniprobe blocking/http_requests --url http://sarawakreport.org
Looking up your IP address via ubuntu
Found your IP via a GeoIP service
Starting Tor
5%: Connecting to directory server
10%: Finishing handshake with directory server
15%: Establishing an encrypted directory connection
20%: Asking for networkstatus consensus
25%: Loading networkstatus consensus
40%: Loading authority key certs
45%: Asking for relay descriptors
50%: Loading relay descriptors
...
75%: Loading relay descriptors
80%: Connecting to the Tor network
90%: Establishing a Tor circuit
100%: Done
Tor has started
Looking up collector and test helpers with https://bouncer.ooni.io
Setting collector and test helpers for http_requests
Creating report with OONIB Reporter. Please be patient.
This may take up to 1-2 minutes...
Performing GET request to http://sarawakreport.org over Tor
Performing GET request to http://sarawakreport.org
The two body lengths appear to not match
censorship could be happening
Headers appear to *not* match


This post has been edited by soonwai: Mar 30 2017, 02:42 PM
soonwai
post Mar 30 2017, 07:36 PM


********
All Stars
11,458 posts

Joined: Oct 2007
From: KL
QUOTE(koopa @ Mar 30 2017, 06:28 PM)
Thank you. I will test this when I get home. Maybe they just block the accest point in my area. The one in your area is still unaffected.
*
My house is Unifi so unaffected. The coffee shop here using Maxis Fibre, I assume business package, is affected.

So far I test a few, all porn and gambling sites only block via DNS. Sarawakreport is the only one I've tested that has additional blocks.
« Next Oldest · Networks and Broadband · Next Newest »
 

Add ReplyOptions
 

Change to:
| Lo-Fi Version
 0.0186sec    0.77    6 queries    GZIP Disabled
Time is now: 10th December 2025 - 08:32 PM
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Removal Request
Powered by Invision Power Board © 2025  IPS, Inc.