Cloudflare 1001 DNS Errors

paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
Am I the only one that runs into Cloudflare 1001 DNS errors every 2 to 3 clicks on the new TE? Just wondering if it's just me. It looked like the new TE is hosted at infosec.vanillacommunities.com and there's some DNS round-robin configured. But it looks correct to me.

Seems to be related to use of Tor but Cloudflare supports Tor and I don't have problems accessing any other Cloudflare protected systems with Tor.

Comments

  • paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
    BTW - in case anyone is looking into this problem - my only observation so far when this problem occurs on TE is when the source IP is IPv6.
  • shochanshochan Senior Member ArkansasPosts: 736Registered Members ■■■■□□□□□□
    edited December 6
    Didn't Cloudflare implement DNSSEC recently?  Not sure if its related, but that would only be an assumption...I would definitely get with their support about it.

    https://www.bleepingcomputer.com/news/security/cloudflare-makes-dnssec-activation-easy/
    2018 goals -> PenTest+ Beta (failed), Linux+ Beta (pending results), CEH (mid Dec)
    2019 goals -> Linux+ 103/104 (Jan/Mar/Depends on Beta results), KLCP (June), RHCSA (Dec)
  • MeggoMeggo Posts: 106Admin Admin
    Thanks for raising this. I sent in a ticket this morning. 
  • paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
    shochan said:
    Didn't Cloudflare implement DNSSEC recently?  Not sure if its related, but that would only be an assumption...I would definitely get with their support about it.
    That's pretty cool to see. I would be surprised if it's related but you never know. I did just check vanillacommunities.com and I see that DNSSEC is configured and it looks to be configured correctly. But I see that infosecinstitute.com doesn't have DNSSEC configured.

    @Meggo - Thanks. I'm curious to know what causes the issue if that's able to be disclosed.


  • MeggoMeggo Posts: 106Admin Admin
    @paul78 Next time this happens, mind grabbing a screen shot that includes the URL? 
  • paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
    @Meggo - happens every 3-4 HTTPS request so it's not tough to reproduce. The URL is an https://community.infosecinstitute.com URL so it can happen on any forum page. The error is being served up by Cloudflare. Instead of a screen shot, I am enclosing the actual HTML source. Note that the source IP is IPv6.

    An example screenshot is on the Cloudflare support site here - https://support.cloudflare.com/hc/en-us/articles/204165588-Error-1001-DNS-resolution-error

    Actual error below:

    <!DOCTYPE html>
    <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
    <!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
    <!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
    <!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
    <head>
    <title>DNS resolution error | community.infosecinstitute.com | Cloudflare</title>
    <meta charset="UTF-8" />
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
    <meta name="robots" content="noindex, nofollow" />
    <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
    <link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
    <!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
    <style type="text/css">body{margin:0;padding:0}</style>
    
    
    <!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/zepto.min.js"></script><!--<![endif]-->
    <!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/cf.common.js"></script><!--<![endif]-->
    
    
    
    </head>
    <body>
      <div id="cf-wrapper">
        <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
        <div id="cf-error-details" class="cf-error-details-wrapper">
          <div class="cf-wrapper cf-header cf-error-overview">
            <h1>
              <span class="cf-error-type" data-translate="error">Error</span>
              <span class="cf-error-code">1001</span>
              <small class="heading-ray-id">Ray ID: 4853f8e26ca86bf8 &bull; 2018-12-07 03:40:40 UTC</small>
            </h1>
            <h2 class="cf-subheadline">DNS resolution error</h2>
          </div><!-- /.header -->
    
          <section></section><!-- spacer -->
    
          <div class="cf-section cf-wrapper">
            <div class="cf-columns two">
              <div class="cf-column">
                <h2 data-translate="what_happened">What happened?</h2>
                <p>You've requested a page on a website (community.infosecinstitute.com) that is on the <a data-orig-proto="https" data-orig-ref="www.cloudflare.com/5xx-error-landing?utm_source=error_100x" target="_blank">Cloudflare</a> network. Cloudflare is currently unable to resolve your requested domain (community.infosecinstitute.com). There are two potential causes of this:</p>
                <ul>
                   <li><strong>Most likely:</strong> if the owner just signed up for Cloudflare it can take a few minutes for the website's information to be distributed to our global network.</li>
                   <li><strong>Less likely:</strong> something is wrong with this site's configuration. Usually this happens when accounts have been signed up with a partner organization (e.g., a hosting provider) and the provider's DNS fails.</li>
                </ul>
              </div>
    
              
            </div>
          </div><!-- /.section -->
    
          <div class="cf-error-footer cf-wrapper">
      <p>
        <span class="cf-footer-item">Cloudflare Ray ID: <strong>4853f8e26ca86bf8</strong></span>
        <span class="cf-footer-separator">&bull;</span>
        <span class="cf-footer-item"><span>Your IP</span>: 2405:8100:8000:5ca1::e:7f51</span>
        <span class="cf-footer-separator">&bull;</span>
        <span class="cf-footer-item"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>
        
      </p>
    </div><!-- /.error-footer -->
    
    
        </div><!-- /#cf-error-details -->
      </div><!-- /#cf-wrapper -->
    
      <script type="text/javascript">
      window._cf_translation = {};
      
      
    </script>
    
    </body>
    </html>
    



  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,024Admin Admin
    How are to connecting to the Internet using only IPv6? Through a proxy at your work?
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
  • paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
    JDMurray said:
    How are to connecting to the Internet using only IPv6? Through a proxy at your work?
    No - just via regular behind a NAT internet access. It's regular TOR browser but when the error asserts, I notice it's always an IPv6 address. I haven't encountered this problem  with other Cloudflare protected sites.

    I'd be curious if anyone else sees this problem with the latest TOR browser.
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,024Admin Admin
    I just accessed TE using Mozilla Brave (Version 0.57.18) and in a private window with TOR. I'm not getting any errors by just browsing around TE and not logged in. 

    If you are not using the Brave browser, give it a try with the TOR private window feature. If you are using Brave, log out of TE and see if the CF errors occur when you are not logged in.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
  • shochanshochan Senior Member ArkansasPosts: 736Registered Members ■■■■□□□□□□
    I was using Brave, but not the Tor within it...I just tried it, after a ton of Captcha verifying it finally loaded up TE...of course much slower load as expected.
    2018 goals -> PenTest+ Beta (failed), Linux+ Beta (pending results), CEH (mid Dec)
    2019 goals -> Linux+ 103/104 (Jan/Mar/Depends on Beta results), KLCP (June), RHCSA (Dec)
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,024Admin Admin
    edited December 9
    I didn't have too much of an issue with speed, but those initial captchas are freekin' annoying! When I was doing the Cloudflare captchas, it displayed my TOR exit IP as IPv4. Maybe the CF errors are related to IPv6.

    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
  • paul78paul78 Posts: 2,797Registered Members ■■■■■■■■■■
    Thanks guys. That's an interesting tidbit. I'm using Tor Browser from Tor Project. Cloudflare does support Tor exit nodes pretty well so perhaps it's something else. I'll see if I can play around with other settings.
Sign In or Register to comment.