Code: Select all
cat /etc/systemd/resolved.conf
Code: Select all
cat /etc/systemd/resolved.conf
Code: Select all
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file, or by creating "drop-ins" in
# the resolved.conf.d/ subdirectory. The latter is generally recommended.
# Defaults can be restored by simply deleting this file and all drop-ins.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns .google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.q uad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=yes
#LLMNR=yes
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
Code: Select all
# cat /etc/systemd/resolved.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file, or by creating "drop-ins" in
# the resolved.conf.d/ subdirectory. The latter is generally recommended.
# Defaults can be restored by simply deleting this file and all drop-ins.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=9.9.9.9
Code: Select all
host freenet.de
;; communications error to 9.9.9.9#53: timed out
;; communications error to 149.112.112.112#53: timed out
;; communications error to 2620:fe::fe#53: timed out
;; no servers could be reached
Code: Select all
host freenet.de
;; communications error to 144.217.75.223#53: timed out
;; communications error to 2001:41d0:3:163::1#53: timed out
;; no servers could be reached
Code: Select all
host t-online.de
t-online.de has address 52.209.116.123
t-online.de has address 54.217.253.146
t-online.de has address 34.246.241.220
t-online.de mail is handled by 10 mx02.t-online.de.
t-online.de mail is handled by 10 mx01.t-online.de.
t-online.de mail is handled by 10 mx00.t-online.de.
t-online.de mail is handled by 10 mx03.t-online.de.
Code: Select all
connect to emig.freenet.de[195.4.92.216]:25: Connection timed out
Code: Select all
nano /etc/resolvconf/resolv.conf.d/head
nameserver 127.0.0.1
Code: Select all
rm -f /etc/resolv.conf
ln -s /run/resolvconf/resolv.conf /etc/resolv.conf
resolvconf -u
reboot
Kam vorhin gerade über die "MailOP"-MailinglisteHi,
I'm experiencing routing issues to freenet.de MX since almost 3 days.
I can't even lookup the domain as I cannot reach their NS, but the
same happens even if I try to ping their email server IP address:
194.97.8.138
195.4.92.217
From my servers @OVH they are not reachable at all.
I checked the IPs at https://check-host.net/check-ping and I see both
IP pings from most places but a netherland one, hong kong and 4
russians sources (by comparison my own IPs are reachable from all of
those sources).
Failing traceroutes from check-host.net and from my IPs stuck at a
Cloudflare IP:
# traceroute 194.97.8.138
traceroute to 194.97.8.138 (194.97.8.138), 30 hops max, 60 byte packets
1 MYIP 0.373 ms 0.484 ms 0.590 ms
2 10.17.50.74 (10.17.50.74) 0.356 ms 10.17.50.72 (10.17.50.72)
0.396 ms 0.458 ms
3 10.73.17.68 (10.73.17.68) 0.101 ms 10.73.16.116 (10.73.16.116)
0.107 ms 10.73.17.70 (10.73.17.70) 0.134 ms
4 10.95.64.142 (10.95.64.142) 1.027 ms 10.95.64.156 (10.95.64.156)
0.424 ms 10.95.64.136 (10.95.64.136) 0.421 ms
5 par-gsw-sbb1-nc5.fr.eu (54.36.50.228) 3.949 ms 3.825 ms 3.821 ms
6 10.200.2.85 (10.200.2.85) 4.079 ms 10.200.2.77 (10.200.2.77)
71.136 ms 71.123 ms
7 * * *
8 172.71.120.4 (172.71.120.4) 4.689 ms 141.101.67.52
(141.101.67.52) 4.538 ms 4.578 ms
9 172.71.133.105 (172.71.133.105) 3.842 ms 172.71.129.237
(172.71.129.237) 4.226 ms 172.69.187.98 (172.69.187.98) 4.214 ms
10 172.71.133.23 (172.71.133.23) 5.352 ms 172.71.117.70
(172.71.117.70) 4.631 ms 172.71.121.67 (172.71.121.67) 4.512 ms
11 * * *
12 * * *
13 * * *
I thought it was a peering issue, but 3 days should be enough for
someone to detect and fix it.
It doesn't look like a blacklisting issue as I cannot even query their
authoritative NS and I can't do that even from IPs that never sent
emails.
I also checked OVH looking glass and they fail routing to freenet from
all of their DCs:
https://lg.ovh.net/traceroute/sgp+vin+s ... 4.97.8.138
I also tried using OVH hosted email to write an email to a freenet.de
domain and it resulted in a "Domain not found" error, so to confirm
the whole OVH network can't reach the freenet.de NS.
I opened a ticket to OVH but they closed it telling me the traceroute
show the problem in outside their network (last working hop is a
cloudflare IP).
Peering/routing is not my field, so I'm looking for other people with
problems sending emails to freenet.de and for suggestions on how/who
to contact to fix the issue (maybe I should look for an NOC-op mailing
list?) .
Lösung bzw. Ursache scheint also zu sein, dass Freenet OVH geblockt hatHave you considered they may be blocking OVH ASNs on their firewall?
Their NS and zone seems resolvable and reachable from pretty much everything else on the internet according to DNSchecker.org.
- Mark Alley