1
The problem is that superuser.com, stackexchange.com and many other sites didn't work.
When I was debugging the problem, I tried nslookup:
user@host:~$ nslookup superuser.com 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find superuser.com: SERVFAIL
user@host:~$ nslookup superuser.com 8.8.4.4
Server: 8.8.4.4
Address: 8.8.4.4#53
** server can't find superuser.com: SERVFAIL
But then, using this page: http://www.kloth.net/services/nslookup.php
... here is the nslookup result for superuser.com from server 8.8.8.8, querytype=A :
DNS server handling your query: 8.8.8.8
DNS server's address: 8.8.8.8#53
Non-authoritative answer:
Name: superuser.com
Address: 104.16.32.193
Name: superuser.com
Address: 104.16.125.192
Name: superuser.com
Address: 104.16.126.192
Name: superuser.com
Address: 104.16.127.192
Name: superuser.com
Address: 104.16.33.193
So there was clearly a problem trying to reach Google's DNS IP. I then made a telnet
to see if port 53 was open in my router:
user@host:~$ telnet 8.8.8.8 53
Trying 8.8.8.8...
Connected to 8.8.8.8.
Escape character is '^]'.
Connection closed by foreign host.
Everything is working, so my last suspect is that the ISP is hijacking the IP somehow. How could I test it?
EDIT:
mtr trace:
Host Loss% Snt Last Avg Best Wrst StDev
1. 192.168.2.254 0.0% 120 0.5 0.4 0.2 0.7 0.0
2. 170.210.178.1 0.0% 120 1.1 1.0 0.7 1.3 0.0
3. riu-unpaz-100M.BUENOS-AIRES.riu.edu.ar 0.0% 120 1.8 4.4 1.7 182.0 18.3
4. rgda3-dc-sol.riu.edu.ar 0.0% 119 2.8 3.2 2.1 7.1 0.8
5. google-riu.riu.edu.ar 0.0% 119 2.3 2.5 2.0 16.1 1.5
6. 66.249.95.205 0.8% 119 2.6 2.8 2.4 3.6 0.0
7. google-public-dns-a.google.com 0.0% 119 2.5 2.5 2.2 3.2 0.0
I've heard of this several times recently but not seen proof until now. It would be interesting to know who your isp is, or at least what country you are located in. – Tyson – 2016-04-28T18:32:31.397
Relevant: ISP tricks DNS?
– DavidPostill – 2016-04-28T18:33:33.4871@Tyson I added some info, maybe my ISP has a Google mirror or something like that, then intercepts packets to Google's 8.8.8.8 and sends them to the mirror, and it was down or with problems. – JorgeeFG – 2016-04-28T18:47:55.300
Why did you attempt to connect to your router, using telnet on port 53, instead of the telnet port (23). 53 is the DNS port. Your dianostic steps don't make sense. Of course you can't telnet on port 53, the telnet service is running on port 23 on your router more then likely, and the DNS service (if it has one) would be running on port 53 – Ramhound – 2016-04-28T19:11:27.120