Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


1663 posts

Uber Geek
+1 received by user: 188

Subscriber

Topic # 220223 1-Aug-2017 13:45
Send private message

I recently moved from 2Degrees VDSL to BigPipe fiber. As a result my static IP changed. I have updated my DNS records on 1stDomains (my domain name provider) and for the most part everything is working as before. 

 

...except any device on the 2Degrees 2G/3G/4G network. Both mine and my wifes mobiles are 2Degrees and they refuse to resolve my domain to the new static IP address. Likewise I have a GPS vehicle tracker, with a 2Degrees SIM, which also fails to resolve.

 

There are two iPhones connecting back to my tracking server which have had no issues resolving to the new IP and I have tested a few SSL/TLS scanning sites using my domain and they resolve with no issues either.

 

The DNS records on 1stDomains were updated at about 10am yesterday morning, so I would have thought the 2Degrees DNS caches would have updated by now.

 

Does anyone have any suggestions or ideas what might be going on here?

 

Cheers,

 

Ben


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
894 posts

Ultimate Geek
+1 received by user: 271

Trusted

  Reply # 1834944 1-Aug-2017 13:47
Send private message

It could maybe take a little bit longer to propagate. I would reboot any devices, that may have cached the old address.








1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1834953 1-Aug-2017 13:51
Send private message

Hmmm - just downloaded https://play.google.com/store/apps/details?id=com.kodholken.dnslookup&hl=en and did a lookup while on 4G and it resolves my domain name to the correct IP address. So there must be something else going on. SSL cert issues perhaps. I will keep digging.


13994 posts

Uber Geek
+1 received by user: 2498

Trusted
Subscriber

  Reply # 1834968 1-Aug-2017 14:04
One person supports this post
Send private message




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1834970 1-Aug-2017 14:07
Send private message

Thanks @timmmay - they both seem to indicate that all DNS caches are up-to-date and correct.

 

Must be something else. I am guess something to do with my TLS certs, but just odd that other devices are having no problems. And the domain name hasn't changed, so the certs should be valid.


353 posts

Ultimate Geek
+1 received by user: 73


  Reply # 1835275 1-Aug-2017 21:29
Send private message

The site the certs are checked against my not be getting the new DNS yet.  For future reference, if you are going to change the address of a domain, it is best to plan ahead and reduce the timeouts in the DNS settings to quite small numbers a day or two ahead of the change, so that change can propogate before you do the address change.  So if you set the timeouts to say 60 seconds, then when you finally change the address, you should get much faster propogation of that change.  However, DNS servers are not the only things that cache DNS addresses - some software does it too, and not all software obeys the DNS timeouts.  But with a small timeout, the problems should be over within a day.




1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1835283 1-Aug-2017 21:38
Send private message

I think it must be something on 2degrees end. Even if I update my GPS trackers (using 2degree SIMs) to use the new IP address (instead of domain name) they fail to get thru, and they are publishing direct to an exposed port on my firewall, i.e. no TLS certs or encryption.

 

But if I test that port is open and accessible from a 3rd party site, everything is fine (both IP address or domain name).

 

Very strange that this is only a problem for my 2 x 2degrees Android phones and 2 x 2degrees GPS trackers...




1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1835306 1-Aug-2017 22:22
Send private message

I don't think it is TLS cert issues anymore, since I can access my Nextcloud instance on the LAN using my Android phone, via hairpin NAT (meaning I still use my domain). This allows the TLS cert to correctly validate and I see a nice little green padlock in my phone browser.

 

But if I try and access the same URL via 4G on my phone I get a connection timeout. And nothing shows up in the Apache logs to indicate my connection attempt even made it to my server.

 

Is it even possible that 2degrees would not be routing my requests to my new BigPipe static IP? I am not much of a networking expert...


Doesn't know what he doin
2881 posts

Uber Geek
+1 received by user: 374

Subscriber

  Reply # 1835311 1-Aug-2017 22:43
Send private message

Can you tether/hotspot a PC from one of the phones that's not connecting and see if issue persists? If still happens, try running a traceroute and see if anything funny shows up and go from there.


1217 posts

Uber Geek
+1 received by user: 273


  Reply # 1835313 1-Aug-2017 22:44
Send private message

What does a traceroute from 2degrees to Bigpipe show...?

 

 

It sounds like you've updated your firewall rules.

 

 

Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

Doesn't know what he doin
2881 posts

Uber Geek
+1 received by user: 374

Subscriber

  Reply # 1835314 1-Aug-2017 22:46
Send private message

yitz: What does a traceroute from 2degrees to Bigpipe show...? It sounds like you've updated your firewall rules. Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

 

 

 

It could show if there's just a routing issue between it. And it'll show where it's trying to connect to. If it shows it's trying to connect to the right IP then you know it has nothing to do with DNS and the issue you're experiencing could be completely coincidental to the IP change.


1217 posts

Uber Geek
+1 received by user: 273


  Reply # 1835315 1-Aug-2017 22:50
Send private message

Yes that would be the next logical step in investigating whether or not 2degrees is "not be routing my requests to my new BigPipe static IP".



1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1835316 1-Aug-2017 22:53
Send private message

How do I run a traceroute?

 

(thanks for the suggestions btw!)




1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1835319 1-Aug-2017 22:55
Send private message

tardtasticx:

 

Can you tether/hotspot a PC from one of the phones that's not connecting and see if issue persists? If still happens, try running a traceroute and see if anything funny shows up and go from there.

 

 

Yes just tried this - my laptop was unable to connect to my nextcloud server when using my Android tethered WIFI. 


Doesn't know what he doin
2881 posts

Uber Geek
+1 received by user: 374

Subscriber

  Reply # 1835320 1-Aug-2017 22:55
Send private message

https://kb.intermedia.net/article/682 

 

 

 

Use the domain instead of IP the first time round and see if it populates an IP itself, and check if that IP is correct.

 

If it doesnt then run it again after with the IP in place of the domain. 

 

 




1663 posts

Uber Geek
+1 received by user: 188

Subscriber

  Reply # 1835321 1-Aug-2017 22:56
Send private message

yitz: Do you think 2degrees could be blocking certain types of traffic/ports destined to off-net destination IPs going over their default data APN.

 

This is what is seems like, but I don't really know too much about how this stuff should work!


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.