Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

Topic # 220223 1-Aug-2017 13:45
Send private message quote this post

I recently moved from 2Degrees VDSL to BigPipe fiber. As a result my static IP changed. I have updated my DNS records on 1stDomains (my domain name provider) and for the most part everything is working as before. 

 

...except any device on the 2Degrees 2G/3G/4G network. Both mine and my wifes mobiles are 2Degrees and they refuse to resolve my domain to the new static IP address. Likewise I have a GPS vehicle tracker, with a 2Degrees SIM, which also fails to resolve.

 

There are two iPhones connecting back to my tracking server which have had no issues resolving to the new IP and I have tested a few SSL/TLS scanning sites using my domain and they resolve with no issues either.

 

The DNS records on 1stDomains were updated at about 10am yesterday morning, so I would have thought the 2Degrees DNS caches would have updated by now.

 

Does anyone have any suggestions or ideas what might be going on here?

 

Cheers,

 

Ben


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
872 posts

Ultimate Geek
+1 received by user: 265

Trusted

  Reply # 1834944 1-Aug-2017 13:47
Send private message quote this post

It could maybe take a little bit longer to propagate. I would reboot any devices, that may have cached the old address.








1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1834953 1-Aug-2017 13:51
Send private message quote this post

Hmmm - just downloaded https://play.google.com/store/apps/details?id=com.kodholken.dnslookup&hl=en and did a lookup while on 4G and it resolves my domain name to the correct IP address. So there must be something else going on. SSL cert issues perhaps. I will keep digging.


 
 
 
 


13164 posts

Uber Geek
+1 received by user: 2191

Trusted
Subscriber

  Reply # 1834968 1-Aug-2017 14:04
One person supports this post
Send private message quote this post




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1834970 1-Aug-2017 14:07
Send private message quote this post

Thanks @timmmay - they both seem to indicate that all DNS caches are up-to-date and correct.

 

Must be something else. I am guess something to do with my TLS certs, but just odd that other devices are having no problems. And the domain name hasn't changed, so the certs should be valid.


249 posts

Master Geek
+1 received by user: 46


  Reply # 1835275 1-Aug-2017 21:29
Send private message quote this post

The site the certs are checked against my not be getting the new DNS yet.  For future reference, if you are going to change the address of a domain, it is best to plan ahead and reduce the timeouts in the DNS settings to quite small numbers a day or two ahead of the change, so that change can propogate before you do the address change.  So if you set the timeouts to say 60 seconds, then when you finally change the address, you should get much faster propogation of that change.  However, DNS servers are not the only things that cache DNS addresses - some software does it too, and not all software obeys the DNS timeouts.  But with a small timeout, the problems should be over within a day.




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1835283 1-Aug-2017 21:38
Send private message quote this post

I think it must be something on 2degrees end. Even if I update my GPS trackers (using 2degree SIMs) to use the new IP address (instead of domain name) they fail to get thru, and they are publishing direct to an exposed port on my firewall, i.e. no TLS certs or encryption.

 

But if I test that port is open and accessible from a 3rd party site, everything is fine (both IP address or domain name).

 

Very strange that this is only a problem for my 2 x 2degrees Android phones and 2 x 2degrees GPS trackers...




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1835306 1-Aug-2017 22:22
Send private message quote this post

I don't think it is TLS cert issues anymore, since I can access my Nextcloud instance on the LAN using my Android phone, via hairpin NAT (meaning I still use my domain). This allows the TLS cert to correctly validate and I see a nice little green padlock in my phone browser.

 

But if I try and access the same URL via 4G on my phone I get a connection timeout. And nothing shows up in the Apache logs to indicate my connection attempt even made it to my server.

 

Is it even possible that 2degrees would not be routing my requests to my new BigPipe static IP? I am not much of a networking expert...


Doesn't know what he doin
2828 posts

Uber Geek
+1 received by user: 328

Subscriber

  Reply # 1835311 1-Aug-2017 22:43
Send private message quote this post

Can you tether/hotspot a PC from one of the phones that's not connecting and see if issue persists? If still happens, try running a traceroute and see if anything funny shows up and go from there.


919 posts

Ultimate Geek
+1 received by user: 177


  Reply # 1835313 1-Aug-2017 22:44
Send private message quote this post

What does a traceroute from 2degrees to Bigpipe show...?

 

 

It sounds like you've updated your firewall rules.

 

 

Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

Doesn't know what he doin
2828 posts

Uber Geek
+1 received by user: 328

Subscriber

  Reply # 1835314 1-Aug-2017 22:46
Send private message quote this post

yitz: What does a traceroute from 2degrees to Bigpipe show...? It sounds like you've updated your firewall rules. Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

 

 

 

It could show if there's just a routing issue between it. And it'll show where it's trying to connect to. If it shows it's trying to connect to the right IP then you know it has nothing to do with DNS and the issue you're experiencing could be completely coincidental to the IP change.


919 posts

Ultimate Geek
+1 received by user: 177


  Reply # 1835315 1-Aug-2017 22:50
Send private message quote this post

Yes that would be the next logical step in investigating whether or not 2degrees is "not be routing my requests to my new BigPipe static IP".



1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1835316 1-Aug-2017 22:53
Send private message quote this post

How do I run a traceroute?

 

(thanks for the suggestions btw!)




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1835319 1-Aug-2017 22:55
Send private message quote this post

tardtasticx:

 

Can you tether/hotspot a PC from one of the phones that's not connecting and see if issue persists? If still happens, try running a traceroute and see if anything funny shows up and go from there.

 

 

Yes just tried this - my laptop was unable to connect to my nextcloud server when using my Android tethered WIFI. 


Doesn't know what he doin
2828 posts

Uber Geek
+1 received by user: 328

Subscriber

  Reply # 1835320 1-Aug-2017 22:55
Send private message quote this post

https://kb.intermedia.net/article/682 

 

 

 

Use the domain instead of IP the first time round and see if it populates an IP itself, and check if that IP is correct.

 

If it doesnt then run it again after with the IP in place of the domain. 

 

 




1565 posts

Uber Geek
+1 received by user: 173

Subscriber

  Reply # 1835321 1-Aug-2017 22:56
Send private message quote this post

yitz: Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

 

This is what is seems like, but I don't really know too much about how this stuff should work!


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone TV — television in the cloud
Posted 17-Oct-2017 19:29


Nokia 8 review: Classy midrange pure Android phone
Posted 16-Oct-2017 07:27


Why carriers might want to embrace Commerce Commission study, MVNOs
Posted 13-Oct-2017 09:42


Fitbit launches Ionic, its health and fitness smartwatch
Posted 12-Oct-2017 15:52


Xero launches machine learning automation to improve coding accuracy for small businesses
Posted 12-Oct-2017 15:45


Bank of New Zealand uses Intel AI to detect financial crime
Posted 12-Oct-2017 15:39


Sony launches Xperia XZ1, a smartphone with real-time 3D capture
Posted 11-Oct-2017 10:26


Notes on Nokia’s phone comeback
Posted 10-Oct-2017 10:06


Air New Zealand begins Inflight Wi-Fi rollout
Posted 9-Oct-2017 20:16


The latest mobile phones in perspective
Posted 9-Oct-2017 18:34


Review: Acronis True Image 2018 — serious backup
Posted 8-Oct-2017 11:22


Lenovo launches ThinkPad Anniversary Edition 25
Posted 7-Oct-2017 23:16


Less fone, more tech as Vodafone gets brand make-over
Posted 6-Oct-2017 08:16


API Talent Achieves AWS MSP Partner Status
Posted 5-Oct-2017 21:20


Stellar Consulting Group now a Domo Partner
Posted 5-Oct-2017 21:03



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.