What's new

Diversion DNS issues when Diversion is enabled.....

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

zekesdad

Regular Contributor
Screenshot (2).png

I get this page all the time when Diversion is enabled on my RT-AX86U with the latest Merlin FW, AMTM and Diversion updated, pixelserv-tls on 192.168.1.2. Pages just constantly time out. Only thing that fixes is it is disabling Diversion. Anything I can do?
 
Your screenshot is so large that the URL is hard to read but I think it’s drudgereport.com.

Are you sure those roadrunner DNS servers are working? Your log doesn’t show any replies when those queries are sent. Try different DNS servers.

edit: there’s so much happening at 15:05:38 that the replies are much lower down. So maybe it’s fine.
 
I get the same IPv4 addresses as in the pastebin and I can browse drudgereport.com just fine. Since the lookups are correct, I don't see how the problem could be Diversion.
 
For some reason Skynet is whitelisting those two IPv4 addresses. Double check that Skynet is up to date via amtm?
Code:
Warning: 172.67.12.140 is in set Skynet-Whitelist.
172.67.12.140 is NOT in set Skynet-Blacklist.
172.67.12.140 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
-*-

Associated Domain(s);
drudgereport.com


[i] IP Location - United States (CLOUDFLARENET / AS13335)
 
For some reason Skynet is whitelisting those two IPv4 addresses. Double check that Skynet is up to date via amtm?
Code:
Warning: 172.67.12.140 is in set Skynet-Whitelist.
172.67.12.140 is NOT in set Skynet-Blacklist.
172.67.12.140 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
-*-

Associated Domain(s);
drudgereport.com


[i] IP Location - United States (CLOUDFLARENET / AS13335)

Skynet is up to date. And turning off skynet or leaving it on, the only thing I've found that resolves the issue is disabling Diversion.
 
I get the same IPv4 addresses as in the pastebin and I can browse drudgereport.com just fine. Since the lookups are correct, I don't see how the problem could be Diversion.
The issue is EVERY webpage when Diversion is enabled. It'll timeout about 70% of the time. If you give it long enough it might refresh and work, but not always. Drudgereport is just an example I posted so you can see when Im getting, but it happens on Facebook, Reddit, Yahoo, everything.
 
What blocking list are you using (small, standard, medium, large, etc.)? Is DNSFilter enabled? Did you try another browser that might not try to sneak in encrypted DNS? Show some readable screenshots of WAN DNS and LAN DNS and DNSFilter settings pages from the router. Show a screenshot of the main Diversion menu. Is IPv6 enabled?
 
1) Medium block list. 2)DNSfilter is not enabled. 3)Other browsers reproduce the the same issues (tried FF and Chrome, usually I use edge) 4) IPV6 isnt enabled, I dont believe.
 

Attachments

  • Screenshot (4).png
    Screenshot (4).png
    284.5 KB · Views: 203
  • Screenshot (5).png
    Screenshot (5).png
    367.2 KB · Views: 195
  • Screenshot (6).png
    Screenshot (6).png
    330.5 KB · Views: 193
So I don't know what to do. I cant enable this addon or the the internet just becomes unusable. Any help would be really appreciated. I can give whatever logs someone would need.
 
So I don't know what to do. I cant enable this addon or the the internet just becomes unusable. Any help would be really appreciated. I can give whatever logs someone would need.
Your dnsmasq.log only shows nine domains blocked for all the 496 queries performed:
Code:
app-measurement.com
sdk.iad-01.braze.com
app-measurement.com
quantcast.mgr.consensu.org
sdk.iad-01.braze.com
device-metrics-us.amazon.com
c.bing.com
c.msn.com
sb.scorecardresearch.com
That means that only these would be blocked by Diversion.

You seem to have another issue with your router that comes into play when enabling Diversion.
Please post the content of /tmp/etc/dnsmasq.conf with and without Diversion enabled.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top